From babd706abcff0b319e7f66f06e8c1c9e3ee4f371 Mon Sep 17 00:00:00 2001 From: github-actions Date: Tue, 31 Mar 2026 16:24:39 +0000 Subject: [PATCH] chore(schema): update --- samtranslator/schema/schema.json | 8840 ++++++++++++++++++---- schema_source/cloudformation-docs.json | 18 +- schema_source/cloudformation.schema.json | 8840 ++++++++++++++++++---- 3 files changed, 14357 insertions(+), 3341 deletions(-) diff --git a/samtranslator/schema/schema.json b/samtranslator/schema/schema.json index 50e31d954..1dbb62a37 100644 --- a/samtranslator/schema/schema.json +++ b/samtranslator/schema/schema.json @@ -2869,6 +2869,12 @@ "markdownDescription": "A parallel configuration execution block.", "title": "ParallelConfig" }, + "RdsCreateCrossRegionReadReplicaConfig": { + "$ref": "#/definitions/AWS::ARCRegionSwitch::Plan.RdsCreateCrossRegionReplicaConfiguration" + }, + "RdsPromoteReadReplicaConfig": { + "$ref": "#/definitions/AWS::ARCRegionSwitch::Plan.RdsPromoteReadReplicaConfiguration" + }, "RegionSwitchPlanConfig": { "$ref": "#/definitions/AWS::ARCRegionSwitch::Plan.RegionSwitchPlanConfiguration", "markdownDescription": "A Region switch plan execution block.", @@ -3011,6 +3017,60 @@ ], "type": "object" }, + "AWS::ARCRegionSwitch::Plan.RdsCreateCrossRegionReplicaConfiguration": { + "additionalProperties": false, + "properties": { + "CrossAccountRole": { + "type": "string" + }, + "DbInstanceArnMap": { + "additionalProperties": true, + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "type": "object" + }, + "ExternalId": { + "type": "string" + }, + "TimeoutMinutes": { + "type": "number" + } + }, + "required": [ + "DbInstanceArnMap" + ], + "type": "object" + }, + "AWS::ARCRegionSwitch::Plan.RdsPromoteReadReplicaConfiguration": { + "additionalProperties": false, + "properties": { + "CrossAccountRole": { + "type": "string" + }, + "DbInstanceArnMap": { + "additionalProperties": true, + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "type": "object" + }, + "ExternalId": { + "type": "string" + }, + "TimeoutMinutes": { + "type": "number" + } + }, + "required": [ + "DbInstanceArnMap" + ], + "type": "object" + }, "AWS::ARCRegionSwitch::Plan.RegionSwitchPlanConfiguration": { "additionalProperties": false, "properties": { @@ -20923,6 +20983,21 @@ "title": "Name", "type": "string" }, + "RootVolumeConfig": { + "$ref": "#/definitions/AWS::AppStream::ImageBuilder.VolumeConfig" + }, + "SoftwaresToInstall": { + "items": { + "type": "string" + }, + "type": "array" + }, + "SoftwaresToUninstall": { + "items": { + "type": "string" + }, + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" @@ -21000,6 +21075,15 @@ }, "type": "object" }, + "AWS::AppStream::ImageBuilder.VolumeConfig": { + "additionalProperties": false, + "properties": { + "VolumeSizeInGb": { + "type": "number" + } + }, + "type": "object" + }, "AWS::AppStream::ImageBuilder.VpcConfig": { "additionalProperties": false, "properties": { @@ -27563,6 +27647,12 @@ "markdownDescription": "The EC2 instance capacity distribution across Availability Zones for the Auto Scaling group.", "title": "AvailabilityZoneDistribution" }, + "AvailabilityZoneIds": { + "items": { + "type": "string" + }, + "type": "array" + }, "AvailabilityZoneImpairmentPolicy": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.AvailabilityZoneImpairmentPolicy", "markdownDescription": "The Availability Zone impairment policy for the Auto Scaling group.", @@ -33149,6 +33239,9 @@ "title": "PlacementGroup", "type": "string" }, + "ScalingPolicy": { + "$ref": "#/definitions/AWS::Batch::ComputeEnvironment.ComputeScalingPolicy" + }, "SecurityGroupIds": { "items": { "type": "string" @@ -33199,6 +33292,15 @@ ], "type": "object" }, + "AWS::Batch::ComputeEnvironment.ComputeScalingPolicy": { + "additionalProperties": false, + "properties": { + "MinScaleDownDelayMinutes": { + "type": "number" + } + }, + "type": "object" + }, "AWS::Batch::ComputeEnvironment.Ec2ConfigurationObject": { "additionalProperties": false, "properties": { @@ -35299,6 +35401,145 @@ ], "type": "object" }, + "AWS::Batch::QuotaShare": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CapacityLimits": { + "items": { + "$ref": "#/definitions/AWS::Batch::QuotaShare.QuotaShareCapacityLimit" + }, + "type": "array" + }, + "JobQueue": { + "type": "string" + }, + "PreemptionConfiguration": { + "$ref": "#/definitions/AWS::Batch::QuotaShare.QuotaSharePreemptionConfiguration" + }, + "QuotaShareName": { + "type": "string" + }, + "ResourceSharingConfiguration": { + "$ref": "#/definitions/AWS::Batch::QuotaShare.QuotaShareResourceSharingConfiguration" + }, + "State": { + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "CapacityLimits", + "JobQueue", + "PreemptionConfiguration", + "QuotaShareName", + "ResourceSharingConfiguration" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Batch::QuotaShare" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Batch::QuotaShare.QuotaShareCapacityLimit": { + "additionalProperties": false, + "properties": { + "CapacityUnit": { + "type": "string" + }, + "MaxCapacity": { + "type": "number" + } + }, + "required": [ + "CapacityUnit", + "MaxCapacity" + ], + "type": "object" + }, + "AWS::Batch::QuotaShare.QuotaSharePreemptionConfiguration": { + "additionalProperties": false, + "properties": { + "InSharePreemption": { + "type": "string" + } + }, + "required": [ + "InSharePreemption" + ], + "type": "object" + }, + "AWS::Batch::QuotaShare.QuotaShareResourceSharingConfiguration": { + "additionalProperties": false, + "properties": { + "BorrowLimit": { + "type": "number" + }, + "Strategy": { + "type": "string" + } + }, + "required": [ + "Strategy" + ], + "type": "object" + }, "AWS::Batch::SchedulingPolicy": { "additionalProperties": false, "properties": { @@ -35344,6 +35585,9 @@ "title": "Name", "type": "string" }, + "QuotaSharePolicy": { + "$ref": "#/definitions/AWS::Batch::SchedulingPolicy.QuotaSharePolicy" + }, "Tags": { "additionalProperties": true, "markdownDescription": "The tags that you apply to the scheduling policy to help you categorize and organize your resources. Each tag consists of a key and an optional value. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in *AWS General Reference* .\n\nThese tags can be updated or removed using the [TagResource](https://docs.aws.amazon.com/batch/latest/APIReference/API_TagResource.html) and [UntagResource](https://docs.aws.amazon.com/batch/latest/APIReference/API_UntagResource.html) API operations.", @@ -35402,6 +35646,15 @@ }, "type": "object" }, + "AWS::Batch::SchedulingPolicy.QuotaSharePolicy": { + "additionalProperties": false, + "properties": { + "IdleResourceAssignmentStrategy": { + "type": "string" + } + }, + "type": "object" + }, "AWS::Batch::SchedulingPolicy.ShareAttributes": { "additionalProperties": false, "properties": { @@ -43854,7 +44107,7 @@ ], "type": "object" }, - "AWS::BedrockAgentCore::CodeInterpreterCustom": { + "AWS::BedrockAgentCore::BrowserProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -43890,46 +44143,29 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The code interpreter description.", - "title": "Description", - "type": "string" - }, - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the execution role.", - "title": "ExecutionRoleArn", "type": "string" }, "Name": { - "markdownDescription": "The name of the code interpreter.", - "title": "Name", "type": "string" }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::BedrockAgentCore::CodeInterpreterCustom.CodeInterpreterNetworkConfiguration", - "markdownDescription": "The network configuration for a code interpreter. This structure defines how the code interpreter connects to the network.", - "title": "NetworkConfiguration" - }, "Tags": { "additionalProperties": true, - "markdownDescription": "The tags for the code interpreter.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, - "title": "Tags", "type": "object" } }, "required": [ - "Name", - "NetworkConfiguration" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::BedrockAgentCore::CodeInterpreterCustom" + "AWS::BedrockAgentCore::BrowserProfile" ], "type": "string" }, @@ -43948,52 +44184,359 @@ ], "type": "object" }, - "AWS::BedrockAgentCore::CodeInterpreterCustom.CodeInterpreterNetworkConfiguration": { - "additionalProperties": false, - "properties": { - "NetworkMode": { - "markdownDescription": "The network mode.", - "title": "NetworkMode", - "type": "string" - }, - "VpcConfig": { - "$ref": "#/definitions/AWS::BedrockAgentCore::CodeInterpreterCustom.VpcConfig", - "markdownDescription": "", - "title": "VpcConfig" - } - }, - "required": [ - "NetworkMode" - ], - "type": "object" - }, - "AWS::BedrockAgentCore::CodeInterpreterCustom.VpcConfig": { - "additionalProperties": false, - "properties": { - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "SecurityGroups", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "Subnets", - "type": "array" - } - }, - "required": [ - "SecurityGroups", - "Subnets" - ], - "type": "object" - }, - "AWS::BedrockAgentCore::Gateway": { + "AWS::BedrockAgentCore::CodeInterpreterCustom": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The code interpreter description.", + "title": "Description", + "type": "string" + }, + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the execution role.", + "title": "ExecutionRoleArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the code interpreter.", + "title": "Name", + "type": "string" + }, + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::BedrockAgentCore::CodeInterpreterCustom.CodeInterpreterNetworkConfiguration", + "markdownDescription": "The network configuration for a code interpreter. This structure defines how the code interpreter connects to the network.", + "title": "NetworkConfiguration" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags for the code interpreter.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name", + "NetworkConfiguration" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::BedrockAgentCore::CodeInterpreterCustom" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::CodeInterpreterCustom.CodeInterpreterNetworkConfiguration": { + "additionalProperties": false, + "properties": { + "NetworkMode": { + "markdownDescription": "The network mode.", + "title": "NetworkMode", + "type": "string" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::BedrockAgentCore::CodeInterpreterCustom.VpcConfig", + "markdownDescription": "", + "title": "VpcConfig" + } + }, + "required": [ + "NetworkMode" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::CodeInterpreterCustom.VpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SecurityGroups", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Subnets", + "type": "array" + } + }, + "required": [ + "SecurityGroups", + "Subnets" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Evaluator": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "type": "string" + }, + "EvaluatorConfig": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Evaluator.EvaluatorConfig" + }, + "EvaluatorName": { + "type": "string" + }, + "Level": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "required": [ + "EvaluatorConfig", + "EvaluatorName", + "Level" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::BedrockAgentCore::Evaluator" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Evaluator.BedrockEvaluatorModelConfig": { + "additionalProperties": false, + "properties": { + "AdditionalModelRequestFields": { + "type": "object" + }, + "InferenceConfig": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Evaluator.InferenceConfiguration" + }, + "ModelId": { + "type": "string" + } + }, + "required": [ + "ModelId" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Evaluator.CategoricalScaleDefinition": { + "additionalProperties": false, + "properties": { + "Definition": { + "type": "string" + }, + "Label": { + "type": "string" + } + }, + "required": [ + "Definition", + "Label" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Evaluator.EvaluatorConfig": { + "additionalProperties": false, + "properties": { + "LlmAsAJudge": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Evaluator.LlmAsAJudgeEvaluatorConfig" + } + }, + "required": [ + "LlmAsAJudge" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Evaluator.EvaluatorModelConfig": { + "additionalProperties": false, + "properties": { + "BedrockEvaluatorModelConfig": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Evaluator.BedrockEvaluatorModelConfig" + } + }, + "required": [ + "BedrockEvaluatorModelConfig" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Evaluator.InferenceConfiguration": { + "additionalProperties": false, + "properties": { + "MaxTokens": { + "type": "number" + }, + "Temperature": { + "type": "number" + }, + "TopP": { + "type": "number" + } + }, + "type": "object" + }, + "AWS::BedrockAgentCore::Evaluator.LlmAsAJudgeEvaluatorConfig": { + "additionalProperties": false, + "properties": { + "Instructions": { + "type": "string" + }, + "ModelConfig": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Evaluator.EvaluatorModelConfig" + }, + "RatingScale": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Evaluator.RatingScale" + } + }, + "required": [ + "Instructions", + "ModelConfig", + "RatingScale" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Evaluator.NumericalScaleDefinition": { + "additionalProperties": false, + "properties": { + "Definition": { + "type": "string" + }, + "Label": { + "type": "string" + }, + "Value": { + "type": "number" + } + }, + "required": [ + "Definition", + "Label", + "Value" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Evaluator.RatingScale": { + "additionalProperties": false, + "properties": { + "Categorical": { + "items": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Evaluator.CategoricalScaleDefinition" + }, + "type": "array" + }, + "Numerical": { + "items": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Evaluator.NumericalScaleDefinition" + }, + "type": "array" + } + }, + "type": "object" + }, + "AWS::BedrockAgentCore::Gateway": { "additionalProperties": false, "properties": { "Condition": { @@ -44066,6 +44609,9 @@ "title": "Name", "type": "string" }, + "PolicyEngineConfiguration": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Gateway.GatewayPolicyEngineConfiguration" + }, "ProtocolConfiguration": { "$ref": "#/definitions/AWS::BedrockAgentCore::Gateway.GatewayProtocolConfiguration", "markdownDescription": "The protocol configuration for the gateway target.", @@ -44275,6 +44821,22 @@ ], "type": "object" }, + "AWS::BedrockAgentCore::Gateway.GatewayPolicyEngineConfiguration": { + "additionalProperties": false, + "properties": { + "Arn": { + "type": "string" + }, + "Mode": { + "type": "string" + } + }, + "required": [ + "Arn", + "Mode" + ], + "type": "object" + }, "AWS::BedrockAgentCore::Gateway.GatewayProtocolConfiguration": { "additionalProperties": false, "properties": { @@ -44956,6 +45518,9 @@ "title": "Name", "type": "string" }, + "StreamDeliveryResources": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Memory.StreamDeliveryResources" + }, "Tags": { "additionalProperties": true, "markdownDescription": "The tags for the resources.", @@ -44995,6 +45560,21 @@ ], "type": "object" }, + "AWS::BedrockAgentCore::Memory.ContentConfiguration": { + "additionalProperties": false, + "properties": { + "Level": { + "type": "string" + }, + "Type": { + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, "AWS::BedrockAgentCore::Memory.CustomConfigurationInput": { "additionalProperties": false, "properties": { @@ -45262,6 +45842,25 @@ }, "type": "object" }, + "AWS::BedrockAgentCore::Memory.KinesisResource": { + "additionalProperties": false, + "properties": { + "ContentConfigurations": { + "items": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Memory.ContentConfiguration" + }, + "type": "array" + }, + "DataStreamArn": { + "type": "string" + } + }, + "required": [ + "ContentConfigurations", + "DataStreamArn" + ], + "type": "object" + }, "AWS::BedrockAgentCore::Memory.MemoryStrategy": { "additionalProperties": false, "properties": { @@ -45436,6 +46035,30 @@ ], "type": "object" }, + "AWS::BedrockAgentCore::Memory.StreamDeliveryResource": { + "additionalProperties": false, + "properties": { + "Kinesis": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Memory.KinesisResource" + } + }, + "type": "object" + }, + "AWS::BedrockAgentCore::Memory.StreamDeliveryResources": { + "additionalProperties": false, + "properties": { + "Resources": { + "items": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Memory.StreamDeliveryResource" + }, + "type": "array" + } + }, + "required": [ + "Resources" + ], + "type": "object" + }, "AWS::BedrockAgentCore::Memory.SummaryMemoryStrategy": { "additionalProperties": false, "properties": { @@ -45670,7 +46293,7 @@ ], "type": "object" }, - "AWS::BedrockAgentCore::Runtime": { + "AWS::BedrockAgentCore::OnlineEvaluationConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -45705,85 +46328,49 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentRuntimeArtifact": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.AgentRuntimeArtifact", - "markdownDescription": "The artifact of the agent.", - "title": "AgentRuntimeArtifact" + "DataSourceConfig": { + "$ref": "#/definitions/AWS::BedrockAgentCore::OnlineEvaluationConfig.DataSourceConfig" }, - "AgentRuntimeName": { - "markdownDescription": "The name of the AgentCore Runtime endpoint.", - "title": "AgentRuntimeName", + "Description": { "type": "string" }, - "AuthorizerConfiguration": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.AuthorizerConfiguration", - "markdownDescription": "Represents inbound authorization configuration options used to authenticate incoming requests.", - "title": "AuthorizerConfiguration" - }, - "Description": { - "markdownDescription": "The agent runtime description.", - "title": "Description", + "EvaluationExecutionRoleArn": { "type": "string" }, - "EnvironmentVariables": { - "additionalProperties": true, - "markdownDescription": "The environment variables for the agent.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "Evaluators": { + "items": { + "$ref": "#/definitions/AWS::BedrockAgentCore::OnlineEvaluationConfig.EvaluatorReference" }, - "title": "EnvironmentVariables", - "type": "object" - }, - "LifecycleConfiguration": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.LifecycleConfiguration", - "markdownDescription": "", - "title": "LifecycleConfiguration" - }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.NetworkConfiguration", - "markdownDescription": "The network configuration.", - "title": "NetworkConfiguration" + "type": "array" }, - "ProtocolConfiguration": { - "markdownDescription": "The protocol configuration for an agent runtime. This structure defines how the agent runtime communicates with clients.", - "title": "ProtocolConfiguration", + "ExecutionStatus": { "type": "string" }, - "RequestHeaderConfiguration": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.RequestHeaderConfiguration", - "markdownDescription": "", - "title": "RequestHeaderConfiguration" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for for the role.", - "title": "RoleArn", + "OnlineEvaluationConfigName": { "type": "string" }, + "Rule": { + "$ref": "#/definitions/AWS::BedrockAgentCore::OnlineEvaluationConfig.Rule" + }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags for the agent.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, - "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "AgentRuntimeArtifact", - "AgentRuntimeName", - "NetworkConfiguration", - "RoleArn" + "DataSourceConfig", + "EvaluationExecutionRoleArn", + "Evaluators", + "OnlineEvaluationConfigName", + "Rule" ], "type": "object" }, "Type": { "enum": [ - "AWS::BedrockAgentCore::Runtime" + "AWS::BedrockAgentCore::OnlineEvaluationConfig" ], "type": "string" }, @@ -45802,295 +46389,751 @@ ], "type": "object" }, - "AWS::BedrockAgentCore::Runtime.AgentRuntimeArtifact": { - "additionalProperties": false, - "properties": { - "CodeConfiguration": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.CodeConfiguration", - "markdownDescription": "", - "title": "CodeConfiguration" - }, - "ContainerConfiguration": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.ContainerConfiguration", - "markdownDescription": "Representation of a container configuration.", - "title": "ContainerConfiguration" - } - }, - "type": "object" - }, - "AWS::BedrockAgentCore::Runtime.AuthorizerConfiguration": { - "additionalProperties": false, - "properties": { - "CustomJWTAuthorizer": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.CustomJWTAuthorizerConfiguration", - "markdownDescription": "Represents inbound authorization configuration options used to authenticate incoming requests.", - "title": "CustomJWTAuthorizer" - } - }, - "type": "object" - }, - "AWS::BedrockAgentCore::Runtime.AuthorizingClaimMatchValueType": { - "additionalProperties": false, - "properties": { - "ClaimMatchOperator": { - "type": "string" - }, - "ClaimMatchValue": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.ClaimMatchValueType" - } - }, - "required": [ - "ClaimMatchOperator", - "ClaimMatchValue" - ], - "type": "object" - }, - "AWS::BedrockAgentCore::Runtime.ClaimMatchValueType": { + "AWS::BedrockAgentCore::OnlineEvaluationConfig.CloudWatchLogsInputConfig": { "additionalProperties": false, "properties": { - "MatchValueString": { - "type": "string" + "LogGroupNames": { + "items": { + "type": "string" + }, + "type": "array" }, - "MatchValueStringList": { + "ServiceNames": { "items": { "type": "string" }, "type": "array" } }, + "required": [ + "LogGroupNames", + "ServiceNames" + ], "type": "object" }, - "AWS::BedrockAgentCore::Runtime.Code": { + "AWS::BedrockAgentCore::OnlineEvaluationConfig.CloudWatchOutputConfig": { "additionalProperties": false, "properties": { - "S3": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.S3Location", - "markdownDescription": "", - "title": "S3" + "LogGroupName": { + "type": "string" } }, "type": "object" }, - "AWS::BedrockAgentCore::Runtime.CodeConfiguration": { + "AWS::BedrockAgentCore::OnlineEvaluationConfig.DataSourceConfig": { "additionalProperties": false, "properties": { - "Code": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.Code", - "markdownDescription": "", - "title": "Code" - }, - "EntryPoint": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "EntryPoint", - "type": "array" - }, - "Runtime": { - "markdownDescription": "", - "title": "Runtime", - "type": "string" + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::BedrockAgentCore::OnlineEvaluationConfig.CloudWatchLogsInputConfig" } }, "required": [ - "Code", - "EntryPoint", - "Runtime" + "CloudWatchLogs" ], "type": "object" }, - "AWS::BedrockAgentCore::Runtime.ContainerConfiguration": { + "AWS::BedrockAgentCore::OnlineEvaluationConfig.EvaluatorReference": { "additionalProperties": false, "properties": { - "ContainerUri": { - "markdownDescription": "The container Uri.", - "title": "ContainerUri", + "EvaluatorId": { "type": "string" } }, "required": [ - "ContainerUri" + "EvaluatorId" ], "type": "object" }, - "AWS::BedrockAgentCore::Runtime.CustomClaimValidationType": { + "AWS::BedrockAgentCore::OnlineEvaluationConfig.Filter": { "additionalProperties": false, "properties": { - "AuthorizingClaimMatchValue": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.AuthorizingClaimMatchValueType" - }, - "InboundTokenClaimName": { + "Key": { "type": "string" }, - "InboundTokenClaimValueType": { + "Operator": { "type": "string" - } - }, - "required": [ - "AuthorizingClaimMatchValue", - "InboundTokenClaimName", - "InboundTokenClaimValueType" - ], - "type": "object" - }, - "AWS::BedrockAgentCore::Runtime.CustomJWTAuthorizerConfiguration": { - "additionalProperties": false, - "properties": { - "AllowedAudience": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents inbound authorization configuration options used to authenticate incoming requests.", - "title": "AllowedAudience", - "type": "array" }, - "AllowedClients": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents individual client IDs that are validated in the incoming JWT token validation process.", - "title": "AllowedClients", - "type": "array" - }, - "AllowedScopes": { - "items": { - "type": "string" - }, - "type": "array" - }, - "CustomClaims": { - "items": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.CustomClaimValidationType" - }, - "type": "array" - }, - "DiscoveryUrl": { - "markdownDescription": "The configuration authorization.", - "title": "DiscoveryUrl", - "type": "string" + "Value": { + "$ref": "#/definitions/AWS::BedrockAgentCore::OnlineEvaluationConfig.FilterValue" } }, "required": [ - "DiscoveryUrl" + "Key", + "Operator", + "Value" ], "type": "object" }, - "AWS::BedrockAgentCore::Runtime.LifecycleConfiguration": { + "AWS::BedrockAgentCore::OnlineEvaluationConfig.FilterValue": { "additionalProperties": false, "properties": { - "IdleRuntimeSessionTimeout": { - "markdownDescription": "", - "title": "IdleRuntimeSessionTimeout", - "type": "number" + "BooleanValue": { + "type": "boolean" }, - "MaxLifetime": { - "markdownDescription": "", - "title": "MaxLifetime", + "DoubleValue": { "type": "number" + }, + "StringValue": { + "type": "string" } }, "type": "object" }, - "AWS::BedrockAgentCore::Runtime.NetworkConfiguration": { + "AWS::BedrockAgentCore::OnlineEvaluationConfig.OutputConfig": { "additionalProperties": false, "properties": { - "NetworkMode": { - "markdownDescription": "The network mode.", - "title": "NetworkMode", - "type": "string" - }, - "NetworkModeConfig": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.VpcConfig", - "markdownDescription": "", - "title": "NetworkModeConfig" + "CloudWatchConfig": { + "$ref": "#/definitions/AWS::BedrockAgentCore::OnlineEvaluationConfig.CloudWatchOutputConfig" } }, - "required": [ - "NetworkMode" - ], "type": "object" }, - "AWS::BedrockAgentCore::Runtime.RequestHeaderConfiguration": { + "AWS::BedrockAgentCore::OnlineEvaluationConfig.Rule": { "additionalProperties": false, "properties": { - "RequestHeaderAllowlist": { + "Filters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::BedrockAgentCore::OnlineEvaluationConfig.Filter" }, - "markdownDescription": "", - "title": "RequestHeaderAllowlist", "type": "array" - } - }, - "type": "object" - }, - "AWS::BedrockAgentCore::Runtime.S3Location": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "", - "title": "Bucket", - "type": "string" }, - "Prefix": { - "markdownDescription": "", - "title": "Prefix", - "type": "string" + "SamplingConfig": { + "$ref": "#/definitions/AWS::BedrockAgentCore::OnlineEvaluationConfig.SamplingConfig" }, - "VersionId": { - "markdownDescription": "", - "title": "VersionId", - "type": "string" + "SessionConfig": { + "$ref": "#/definitions/AWS::BedrockAgentCore::OnlineEvaluationConfig.SessionConfig" } }, "required": [ - "Bucket", - "Prefix" + "SamplingConfig" ], "type": "object" }, - "AWS::BedrockAgentCore::Runtime.VpcConfig": { + "AWS::BedrockAgentCore::OnlineEvaluationConfig.SamplingConfig": { "additionalProperties": false, "properties": { - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "SecurityGroups", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "Subnets", - "type": "array" + "SamplingPercentage": { + "type": "number" } }, "required": [ - "SecurityGroups", - "Subnets" + "SamplingPercentage" ], "type": "object" }, - "AWS::BedrockAgentCore::Runtime.WorkloadIdentityDetails": { + "AWS::BedrockAgentCore::OnlineEvaluationConfig.SessionConfig": { "additionalProperties": false, "properties": { - "WorkloadIdentityArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the workload identity.", - "title": "WorkloadIdentityArn", - "type": "string" + "SessionTimeoutMinutes": { + "type": "number" } }, "required": [ - "WorkloadIdentityArn" + "SessionTimeoutMinutes" ], "type": "object" }, - "AWS::BedrockAgentCore::RuntimeEndpoint": { + "AWS::BedrockAgentCore::Policy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Definition": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Policy.PolicyDefinition" + }, + "Description": { + "type": "string" + }, + "Name": { + "type": "string" + }, + "PolicyEngineId": { + "type": "string" + }, + "ValidationMode": { + "type": "string" + } + }, + "required": [ + "Definition", + "Name", + "PolicyEngineId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::BedrockAgentCore::Policy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Policy.CedarPolicy": { + "additionalProperties": false, + "properties": { + "Statement": { + "type": "string" + } + }, + "required": [ + "Statement" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Policy.PolicyDefinition": { + "additionalProperties": false, + "properties": { + "Cedar": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Policy.CedarPolicy" + } + }, + "required": [ + "Cedar" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::PolicyEngine": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "type": "string" + }, + "EncryptionKeyArn": { + "type": "string" + }, + "Name": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::BedrockAgentCore::PolicyEngine" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AgentRuntimeArtifact": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.AgentRuntimeArtifact", + "markdownDescription": "The artifact of the agent.", + "title": "AgentRuntimeArtifact" + }, + "AgentRuntimeName": { + "markdownDescription": "The name of the AgentCore Runtime endpoint.", + "title": "AgentRuntimeName", + "type": "string" + }, + "AuthorizerConfiguration": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.AuthorizerConfiguration", + "markdownDescription": "Represents inbound authorization configuration options used to authenticate incoming requests.", + "title": "AuthorizerConfiguration" + }, + "Description": { + "markdownDescription": "The agent runtime description.", + "title": "Description", + "type": "string" + }, + "EnvironmentVariables": { + "additionalProperties": true, + "markdownDescription": "The environment variables for the agent.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "EnvironmentVariables", + "type": "object" + }, + "LifecycleConfiguration": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.LifecycleConfiguration", + "markdownDescription": "", + "title": "LifecycleConfiguration" + }, + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.NetworkConfiguration", + "markdownDescription": "The network configuration.", + "title": "NetworkConfiguration" + }, + "ProtocolConfiguration": { + "markdownDescription": "The protocol configuration for an agent runtime. This structure defines how the agent runtime communicates with clients.", + "title": "ProtocolConfiguration", + "type": "string" + }, + "RequestHeaderConfiguration": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.RequestHeaderConfiguration", + "markdownDescription": "", + "title": "RequestHeaderConfiguration" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for for the role.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags for the agent.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "AgentRuntimeArtifact", + "AgentRuntimeName", + "NetworkConfiguration", + "RoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::BedrockAgentCore::Runtime" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.AgentRuntimeArtifact": { + "additionalProperties": false, + "properties": { + "CodeConfiguration": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.CodeConfiguration", + "markdownDescription": "", + "title": "CodeConfiguration" + }, + "ContainerConfiguration": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.ContainerConfiguration", + "markdownDescription": "Representation of a container configuration.", + "title": "ContainerConfiguration" + } + }, + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.AuthorizerConfiguration": { + "additionalProperties": false, + "properties": { + "CustomJWTAuthorizer": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.CustomJWTAuthorizerConfiguration", + "markdownDescription": "Represents inbound authorization configuration options used to authenticate incoming requests.", + "title": "CustomJWTAuthorizer" + } + }, + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.AuthorizingClaimMatchValueType": { + "additionalProperties": false, + "properties": { + "ClaimMatchOperator": { + "type": "string" + }, + "ClaimMatchValue": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.ClaimMatchValueType" + } + }, + "required": [ + "ClaimMatchOperator", + "ClaimMatchValue" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.ClaimMatchValueType": { + "additionalProperties": false, + "properties": { + "MatchValueString": { + "type": "string" + }, + "MatchValueStringList": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.Code": { + "additionalProperties": false, + "properties": { + "S3": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.S3Location", + "markdownDescription": "", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.CodeConfiguration": { + "additionalProperties": false, + "properties": { + "Code": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.Code", + "markdownDescription": "", + "title": "Code" + }, + "EntryPoint": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "EntryPoint", + "type": "array" + }, + "Runtime": { + "markdownDescription": "", + "title": "Runtime", + "type": "string" + } + }, + "required": [ + "Code", + "EntryPoint", + "Runtime" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.ContainerConfiguration": { + "additionalProperties": false, + "properties": { + "ContainerUri": { + "markdownDescription": "The container Uri.", + "title": "ContainerUri", + "type": "string" + } + }, + "required": [ + "ContainerUri" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.CustomClaimValidationType": { + "additionalProperties": false, + "properties": { + "AuthorizingClaimMatchValue": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.AuthorizingClaimMatchValueType" + }, + "InboundTokenClaimName": { + "type": "string" + }, + "InboundTokenClaimValueType": { + "type": "string" + } + }, + "required": [ + "AuthorizingClaimMatchValue", + "InboundTokenClaimName", + "InboundTokenClaimValueType" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.CustomJWTAuthorizerConfiguration": { + "additionalProperties": false, + "properties": { + "AllowedAudience": { + "items": { + "type": "string" + }, + "markdownDescription": "Represents inbound authorization configuration options used to authenticate incoming requests.", + "title": "AllowedAudience", + "type": "array" + }, + "AllowedClients": { + "items": { + "type": "string" + }, + "markdownDescription": "Represents individual client IDs that are validated in the incoming JWT token validation process.", + "title": "AllowedClients", + "type": "array" + }, + "AllowedScopes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "CustomClaims": { + "items": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.CustomClaimValidationType" + }, + "type": "array" + }, + "DiscoveryUrl": { + "markdownDescription": "The configuration authorization.", + "title": "DiscoveryUrl", + "type": "string" + } + }, + "required": [ + "DiscoveryUrl" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.LifecycleConfiguration": { + "additionalProperties": false, + "properties": { + "IdleRuntimeSessionTimeout": { + "markdownDescription": "", + "title": "IdleRuntimeSessionTimeout", + "type": "number" + }, + "MaxLifetime": { + "markdownDescription": "", + "title": "MaxLifetime", + "type": "number" + } + }, + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.NetworkConfiguration": { + "additionalProperties": false, + "properties": { + "NetworkMode": { + "markdownDescription": "The network mode.", + "title": "NetworkMode", + "type": "string" + }, + "NetworkModeConfig": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.VpcConfig", + "markdownDescription": "", + "title": "NetworkModeConfig" + } + }, + "required": [ + "NetworkMode" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.RequestHeaderConfiguration": { + "additionalProperties": false, + "properties": { + "RequestHeaderAllowlist": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "RequestHeaderAllowlist", + "type": "array" + } + }, + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.S3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "", + "title": "Bucket", + "type": "string" + }, + "Prefix": { + "markdownDescription": "", + "title": "Prefix", + "type": "string" + }, + "VersionId": { + "markdownDescription": "", + "title": "VersionId", + "type": "string" + } + }, + "required": [ + "Bucket", + "Prefix" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.VpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SecurityGroups", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Subnets", + "type": "array" + } + }, + "required": [ + "SecurityGroups", + "Subnets" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.WorkloadIdentityDetails": { + "additionalProperties": false, + "properties": { + "WorkloadIdentityArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the workload identity.", + "title": "WorkloadIdentityArn", + "type": "string" + } + }, + "required": [ + "WorkloadIdentityArn" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::RuntimeEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -46267,6 +47310,77 @@ ], "type": "object" }, + "AWS::BedrockMantle::Project": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::BedrockMantle::Project" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, "AWS::Billing::BillingView": { "additionalProperties": false, "properties": { @@ -48714,6 +49828,9 @@ "Properties": { "additionalProperties": false, "properties": { + "Attributes": { + "$ref": "#/definitions/AWS::Cases::Field.FieldAttributes" + }, "Description": { "markdownDescription": "Description of the field.", "title": "Description", @@ -48770,6 +49887,27 @@ ], "type": "object" }, + "AWS::Cases::Field.FieldAttributes": { + "additionalProperties": false, + "properties": { + "Text": { + "$ref": "#/definitions/AWS::Cases::Field.TextAttributes" + } + }, + "type": "object" + }, + "AWS::Cases::Field.TextAttributes": { + "additionalProperties": false, + "properties": { + "IsMultiline": { + "type": "boolean" + } + }, + "required": [ + "IsMultiline" + ], + "type": "object" + }, "AWS::Cases::Layout": { "additionalProperties": false, "properties": { @@ -51444,6 +52582,9 @@ "AWS::CleanRooms::ConfiguredTable.AthenaTableReference": { "additionalProperties": false, "properties": { + "CatalogName": { + "type": "string" + }, "DatabaseName": { "markdownDescription": "The database name.", "title": "DatabaseName", @@ -52683,7 +53824,7 @@ }, "type": "object" }, - "AWS::CleanRoomsML::TrainingDataset": { + "AWS::CleanRoomsML::ConfiguredModelAlgorithm": { "additionalProperties": false, "properties": { "Condition": { @@ -52719,47 +53860,39 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of the training dataset.", - "title": "Description", + "type": "string" + }, + "InferenceContainerConfig": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithm.InferenceContainerConfig" + }, + "KmsKeyArn": { "type": "string" }, "Name": { - "markdownDescription": "The name of the training dataset.", - "title": "Name", "type": "string" }, "RoleArn": { - "markdownDescription": "The ARN of the IAM role that Clean Rooms ML can assume to read the data referred to in the `dataSource` field of each dataset.\n\nPassing a role across accounts is not allowed. If you pass a role that isn't in your account, you get an `AccessDeniedException` error.", - "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The optional metadata that you apply to the resource to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50.\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8.\n- Maximum value length - 256 Unicode characters in UTF-8.\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for keys as it is reserved. You cannot edit or delete tag keys with this prefix. Values can have this prefix. If a tag value has `aws` as its prefix but the key does not, then Clean Rooms ML considers it to be a user tag and will count against the limit of 50 tags. Tags with only the key prefix of `aws` do not count against your tags per resource limit.", - "title": "Tags", "type": "array" }, - "TrainingData": { - "items": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.Dataset" - }, - "markdownDescription": "An array of information that lists the Dataset objects, which specifies the dataset type and details on its location and schema. You must provide a role that has read access to these tables.", - "title": "TrainingData", - "type": "array" + "TrainingContainerConfig": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithm.ContainerConfig" } }, "required": [ "Name", - "RoleArn", - "TrainingData" + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::CleanRoomsML::TrainingDataset" + "AWS::CleanRoomsML::ConfiguredModelAlgorithm" ], "type": "string" }, @@ -52778,251 +53911,685 @@ ], "type": "object" }, - "AWS::CleanRoomsML::TrainingDataset.ColumnSchema": { + "AWS::CleanRoomsML::ConfiguredModelAlgorithm.ContainerConfig": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The name of a column.", - "title": "ColumnName", - "type": "string" - }, - "ColumnTypes": { + "Arguments": { "items": { "type": "string" }, - "markdownDescription": "The data type of column.", - "title": "ColumnTypes", "type": "array" - } - }, - "required": [ - "ColumnName", - "ColumnTypes" - ], - "type": "object" - }, - "AWS::CleanRoomsML::TrainingDataset.DataSource": { - "additionalProperties": false, - "properties": { - "GlueDataSource": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.GlueDataSource", - "markdownDescription": "A GlueDataSource object that defines the catalog ID, database name, and table name for the training data.", - "title": "GlueDataSource" - } - }, - "required": [ - "GlueDataSource" - ], - "type": "object" - }, - "AWS::CleanRoomsML::TrainingDataset.Dataset": { - "additionalProperties": false, - "properties": { - "InputConfig": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig", - "markdownDescription": "A DatasetInputConfig object that defines the data source and schema mapping.", - "title": "InputConfig" - }, - "Type": { - "markdownDescription": "What type of information is found in the dataset.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "InputConfig", - "Type" - ], - "type": "object" - }, - "AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig": { - "additionalProperties": false, - "properties": { - "DataSource": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DataSource", - "markdownDescription": "A DataSource object that specifies the Glue data source for the training data.", - "title": "DataSource" }, - "Schema": { + "Entrypoint": { "items": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.ColumnSchema" + "type": "string" }, - "markdownDescription": "The schema information for the training data.", - "title": "Schema", "type": "array" - } - }, - "required": [ - "DataSource", - "Schema" - ], - "type": "object" - }, - "AWS::CleanRoomsML::TrainingDataset.GlueDataSource": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The Glue catalog that contains the training data.", - "title": "CatalogId", - "type": "string" }, - "DatabaseName": { - "markdownDescription": "The Glue database that contains the training data.", - "title": "DatabaseName", + "ImageUri": { "type": "string" }, - "TableName": { - "markdownDescription": "The Glue table that contains the training data.", - "title": "TableName", - "type": "string" + "MetricDefinitions": { + "items": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithm.MetricDefinition" + }, + "type": "array" } }, "required": [ - "DatabaseName", - "TableName" + "ImageUri" ], "type": "object" }, - "AWS::Cloud9::EnvironmentEC2": { + "AWS::CleanRoomsML::ConfiguredModelAlgorithm.InferenceContainerConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutomaticStopTimeMinutes": { - "markdownDescription": "The number of minutes until the running instance is shut down after the environment was last used.", - "title": "AutomaticStopTimeMinutes", - "type": "number" - }, - "ConnectionType": { - "markdownDescription": "The connection type used for connecting to an Amazon EC2 environment. Valid values are `CONNECT_SSH` (default) and `CONNECT_SSM` (connected through AWS Systems Manager ).", - "title": "ConnectionType", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the environment to create.", - "title": "Description", - "type": "string" - }, - "ImageId": { - "markdownDescription": "The identifier for the Amazon Machine Image (AMI) that's used to create the EC2 instance. To choose an AMI for the instance, you must specify a valid AMI alias or a valid AWS Systems Manager path.\n\nFrom December 04, 2023, you will be required to include the `ImageId` parameter for the `CreateEnvironmentEC2` action. This change will be reflected across all direct methods of communicating with the API, such as AWS SDK, AWS CLI and AWS CloudFormation. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nSince Ubuntu 18.04 has ended standard support as of May 31, 2023, we recommend you choose Ubuntu 22.04.\n\n*AMI aliases*\n\n- Amazon Linux 2: `amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `ubuntu-22.04-x86_64`\n\n*SSM paths*\n\n- Amazon Linux 2: `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64`", - "title": "ImageId", - "type": "string" - }, - "InstanceType": { - "markdownDescription": "The type of instance to connect to the environment (for example, `t2.micro` ).", - "title": "InstanceType", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the environment.", - "title": "Name", - "type": "string" - }, - "OwnerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the environment owner. This ARN can be the ARN of any AWS Identity and Access Management principal. If this value is not specified, the ARN defaults to this environment's creator.", - "title": "OwnerArn", - "type": "string" - }, - "Repositories": { - "items": { - "$ref": "#/definitions/AWS::Cloud9::EnvironmentEC2.Repository" - }, - "markdownDescription": "Any AWS CodeCommit source code repositories to be cloned into the development environment.", - "title": "Repositories", - "type": "array" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet in Amazon Virtual Private Cloud (Amazon VPC) that AWS Cloud9 will use to communicate with the Amazon Elastic Compute Cloud (Amazon EC2) instance.", - "title": "SubnetId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs that will be associated with the new AWS Cloud9 development environment.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ImageId", - "InstanceType" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Cloud9::EnvironmentEC2" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ImageUri": { "type": "string" } }, "required": [ - "Type", - "Properties" + "ImageUri" ], "type": "object" }, - "AWS::Cloud9::EnvironmentEC2.Repository": { + "AWS::CleanRoomsML::ConfiguredModelAlgorithm.MetricDefinition": { "additionalProperties": false, "properties": { - "PathComponent": { - "markdownDescription": "The path within the development environment's default file system location to clone the AWS CodeCommit repository into. For example, `/REPOSITORY_NAME` would clone the repository into the `/home/USER_NAME/environment/REPOSITORY_NAME` directory in the environment.", - "title": "PathComponent", + "Name": { "type": "string" }, - "RepositoryUrl": { - "markdownDescription": "The clone URL of the AWS CodeCommit repository to be cloned. For example, for an AWS CodeCommit repository this might be `https://git-codecommit.us-east-2.amazonaws.com/v1/repos/REPOSITORY_NAME` .", - "title": "RepositoryUrl", + "Regex": { "type": "string" } }, "required": [ - "PathComponent", - "RepositoryUrl" + "Name", + "Regex" ], "type": "object" }, - "AWS::CloudFormation::CustomResource": { + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConfiguredModelAlgorithmArn": { + "type": "string" + }, + "Description": { + "type": "string" + }, + "MembershipIdentifier": { + "type": "string" + }, + "Name": { + "type": "string" + }, + "PrivacyConfiguration": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.PrivacyConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "required": [ + "ConfiguredModelAlgorithmArn", + "MembershipIdentifier", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.CustomEntityConfig": { + "additionalProperties": false, + "properties": { + "CustomDataIdentifiers": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "CustomDataIdentifiers" + ], + "type": "object" + }, + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.LogRedactionConfiguration": { + "additionalProperties": false, + "properties": { + "CustomEntityConfig": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.CustomEntityConfig" + }, + "EntitiesToRedact": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "EntitiesToRedact" + ], + "type": "object" + }, + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.LogsConfigurationPolicy": { + "additionalProperties": false, + "properties": { + "AllowedAccountIds": { + "items": { + "type": "string" + }, + "type": "array" + }, + "FilterPattern": { + "type": "string" + }, + "LogRedactionConfiguration": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.LogRedactionConfiguration" + }, + "LogType": { + "type": "string" + } + }, + "required": [ + "AllowedAccountIds" + ], + "type": "object" + }, + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.MetricsConfigurationPolicy": { + "additionalProperties": false, + "properties": { + "NoiseLevel": { + "type": "string" + } + }, + "required": [ + "NoiseLevel" + ], + "type": "object" + }, + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.PrivacyConfiguration": { + "additionalProperties": false, + "properties": { + "Policies": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.PrivacyConfigurationPolicies" + } + }, + "required": [ + "Policies" + ], + "type": "object" + }, + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.PrivacyConfigurationPolicies": { + "additionalProperties": false, + "properties": { + "TrainedModelExports": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.TrainedModelExportsConfigurationPolicy" + }, + "TrainedModelInferenceJobs": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.TrainedModelInferenceJobsConfigurationPolicy" + }, + "TrainedModels": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.TrainedModelsConfigurationPolicy" + } + }, + "type": "object" + }, + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.TrainedModelArtifactMaxSize": { + "additionalProperties": false, + "properties": { + "Unit": { + "type": "string" + }, + "Value": { + "type": "number" + } + }, + "required": [ + "Unit", + "Value" + ], + "type": "object" + }, + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.TrainedModelExportsConfigurationPolicy": { + "additionalProperties": false, + "properties": { + "FilesToExport": { + "items": { + "type": "string" + }, + "type": "array" + }, + "MaxSize": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.TrainedModelExportsMaxSize" + } + }, + "required": [ + "FilesToExport", + "MaxSize" + ], + "type": "object" + }, + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.TrainedModelExportsMaxSize": { + "additionalProperties": false, + "properties": { + "Unit": { + "type": "string" + }, + "Value": { + "type": "number" + } + }, + "required": [ + "Unit", + "Value" + ], + "type": "object" + }, + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.TrainedModelInferenceJobsConfigurationPolicy": { + "additionalProperties": false, + "properties": { + "ContainerLogs": { + "items": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.LogsConfigurationPolicy" + }, + "type": "array" + }, + "MaxOutputSize": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.TrainedModelInferenceMaxOutputSize" + } + }, + "type": "object" + }, + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.TrainedModelInferenceMaxOutputSize": { + "additionalProperties": false, + "properties": { + "Unit": { + "type": "string" + }, + "Value": { + "type": "number" + } + }, + "required": [ + "Unit", + "Value" + ], + "type": "object" + }, + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.TrainedModelsConfigurationPolicy": { + "additionalProperties": false, + "properties": { + "ContainerLogs": { + "items": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.LogsConfigurationPolicy" + }, + "type": "array" + }, + "ContainerMetrics": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.MetricsConfigurationPolicy" + }, + "MaxArtifactSize": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.TrainedModelArtifactMaxSize" + } + }, + "type": "object" + }, + "AWS::CleanRoomsML::TrainingDataset": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the training dataset.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the training dataset.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that Clean Rooms ML can assume to read the data referred to in the `dataSource` field of each dataset.\n\nPassing a role across accounts is not allowed. If you pass a role that isn't in your account, you get an `AccessDeniedException` error.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The optional metadata that you apply to the resource to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50.\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8.\n- Maximum value length - 256 Unicode characters in UTF-8.\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for keys as it is reserved. You cannot edit or delete tag keys with this prefix. Values can have this prefix. If a tag value has `aws` as its prefix but the key does not, then Clean Rooms ML considers it to be a user tag and will count against the limit of 50 tags. Tags with only the key prefix of `aws` do not count against your tags per resource limit.", + "title": "Tags", + "type": "array" + }, + "TrainingData": { + "items": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.Dataset" + }, + "markdownDescription": "An array of information that lists the Dataset objects, which specifies the dataset type and details on its location and schema. You must provide a role that has read access to these tables.", + "title": "TrainingData", + "type": "array" + } + }, + "required": [ + "Name", + "RoleArn", + "TrainingData" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CleanRoomsML::TrainingDataset" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::CleanRoomsML::TrainingDataset.ColumnSchema": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "The name of a column.", + "title": "ColumnName", + "type": "string" + }, + "ColumnTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The data type of column.", + "title": "ColumnTypes", + "type": "array" + } + }, + "required": [ + "ColumnName", + "ColumnTypes" + ], + "type": "object" + }, + "AWS::CleanRoomsML::TrainingDataset.DataSource": { + "additionalProperties": false, + "properties": { + "GlueDataSource": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.GlueDataSource", + "markdownDescription": "A GlueDataSource object that defines the catalog ID, database name, and table name for the training data.", + "title": "GlueDataSource" + } + }, + "required": [ + "GlueDataSource" + ], + "type": "object" + }, + "AWS::CleanRoomsML::TrainingDataset.Dataset": { + "additionalProperties": false, + "properties": { + "InputConfig": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig", + "markdownDescription": "A DatasetInputConfig object that defines the data source and schema mapping.", + "title": "InputConfig" + }, + "Type": { + "markdownDescription": "What type of information is found in the dataset.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "InputConfig", + "Type" + ], + "type": "object" + }, + "AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig": { + "additionalProperties": false, + "properties": { + "DataSource": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DataSource", + "markdownDescription": "A DataSource object that specifies the Glue data source for the training data.", + "title": "DataSource" + }, + "Schema": { + "items": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.ColumnSchema" + }, + "markdownDescription": "The schema information for the training data.", + "title": "Schema", + "type": "array" + } + }, + "required": [ + "DataSource", + "Schema" + ], + "type": "object" + }, + "AWS::CleanRoomsML::TrainingDataset.GlueDataSource": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The Glue catalog that contains the training data.", + "title": "CatalogId", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The Glue database that contains the training data.", + "title": "DatabaseName", + "type": "string" + }, + "TableName": { + "markdownDescription": "The Glue table that contains the training data.", + "title": "TableName", + "type": "string" + } + }, + "required": [ + "DatabaseName", + "TableName" + ], + "type": "object" + }, + "AWS::Cloud9::EnvironmentEC2": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AutomaticStopTimeMinutes": { + "markdownDescription": "The number of minutes until the running instance is shut down after the environment was last used.", + "title": "AutomaticStopTimeMinutes", + "type": "number" + }, + "ConnectionType": { + "markdownDescription": "The connection type used for connecting to an Amazon EC2 environment. Valid values are `CONNECT_SSH` (default) and `CONNECT_SSM` (connected through AWS Systems Manager ).", + "title": "ConnectionType", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the environment to create.", + "title": "Description", + "type": "string" + }, + "ImageId": { + "markdownDescription": "The identifier for the Amazon Machine Image (AMI) that's used to create the EC2 instance. To choose an AMI for the instance, you must specify a valid AMI alias or a valid AWS Systems Manager path.\n\nFrom December 04, 2023, you will be required to include the `ImageId` parameter for the `CreateEnvironmentEC2` action. This change will be reflected across all direct methods of communicating with the API, such as AWS SDK, AWS CLI and AWS CloudFormation. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nSince Ubuntu 18.04 has ended standard support as of May 31, 2023, we recommend you choose Ubuntu 22.04.\n\n*AMI aliases*\n\n- Amazon Linux 2: `amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `ubuntu-22.04-x86_64`\n\n*SSM paths*\n\n- Amazon Linux 2: `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64`", + "title": "ImageId", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The type of instance to connect to the environment (for example, `t2.micro` ).", + "title": "InstanceType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the environment.", + "title": "Name", + "type": "string" + }, + "OwnerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the environment owner. This ARN can be the ARN of any AWS Identity and Access Management principal. If this value is not specified, the ARN defaults to this environment's creator.", + "title": "OwnerArn", + "type": "string" + }, + "Repositories": { + "items": { + "$ref": "#/definitions/AWS::Cloud9::EnvironmentEC2.Repository" + }, + "markdownDescription": "Any AWS CodeCommit source code repositories to be cloned into the development environment.", + "title": "Repositories", + "type": "array" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet in Amazon Virtual Private Cloud (Amazon VPC) that AWS Cloud9 will use to communicate with the Amazon Elastic Compute Cloud (Amazon EC2) instance.", + "title": "SubnetId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs that will be associated with the new AWS Cloud9 development environment.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ImageId", + "InstanceType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Cloud9::EnvironmentEC2" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Cloud9::EnvironmentEC2.Repository": { + "additionalProperties": false, + "properties": { + "PathComponent": { + "markdownDescription": "The path within the development environment's default file system location to clone the AWS CodeCommit repository into. For example, `/REPOSITORY_NAME` would clone the repository into the `/home/USER_NAME/environment/REPOSITORY_NAME` directory in the environment.", + "title": "PathComponent", + "type": "string" + }, + "RepositoryUrl": { + "markdownDescription": "The clone URL of the AWS CodeCommit repository to be cloned. For example, for an AWS CodeCommit repository this might be `https://git-codecommit.us-east-2.amazonaws.com/v1/repos/REPOSITORY_NAME` .", + "title": "RepositoryUrl", + "type": "string" + } + }, + "required": [ + "PathComponent", + "RepositoryUrl" + ], + "type": "object" + }, + "AWS::CloudFormation::CustomResource": { "additionalProperties": false, "properties": { "Condition": { @@ -60506,10 +62073,6 @@ "type": "string" } }, - "required": [ - "ComparisonOperator", - "EvaluationPeriods" - ], "type": "object" }, "Type": { @@ -60528,8 +62091,7 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, @@ -69750,7 +71312,7 @@ ], "type": "object" }, - "AWS::Config::AggregationAuthorization": { + "AWS::ComputeOptimizer::AutomationRule": { "additionalProperties": false, "properties": { "Condition": { @@ -69785,34 +71347,55 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthorizedAccountId": { - "markdownDescription": "The 12-digit account ID of the account authorized to aggregate data.", - "title": "AuthorizedAccountId", + "Criteria": { + "$ref": "#/definitions/AWS::ComputeOptimizer::AutomationRule.Criteria" + }, + "Description": { "type": "string" }, - "AuthorizedAwsRegion": { - "markdownDescription": "The region authorized to collect aggregated data.", - "title": "AuthorizedAwsRegion", + "Name": { + "type": "string" + }, + "OrganizationConfiguration": { + "$ref": "#/definitions/AWS::ComputeOptimizer::AutomationRule.OrganizationConfiguration" + }, + "Priority": { + "type": "string" + }, + "RecommendedActionTypes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "RuleType": { + "type": "string" + }, + "Schedule": { + "$ref": "#/definitions/AWS::ComputeOptimizer::AutomationRule.Schedule" + }, + "Status": { "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of tag object.", - "title": "Tags", "type": "array" } }, "required": [ - "AuthorizedAccountId", - "AuthorizedAwsRegion" + "Name", + "RecommendedActionTypes", + "RuleType", + "Schedule", + "Status" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::AggregationAuthorization" + "AWS::ComputeOptimizer::AutomationRule" ], "type": "string" }, @@ -69831,241 +71414,469 @@ ], "type": "object" }, - "AWS::Config::ConfigRule": { + "AWS::ComputeOptimizer::AutomationRule.Criteria": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "EbsVolumeSizeInGib": { + "items": { + "$ref": "#/definitions/AWS::ComputeOptimizer::AutomationRule.IntegerCriteriaCondition" + }, + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "EbsVolumeType": { + "items": { + "$ref": "#/definitions/AWS::ComputeOptimizer::AutomationRule.StringCriteriaCondition" + }, + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "EstimatedMonthlySavings": { + "items": { + "$ref": "#/definitions/AWS::ComputeOptimizer::AutomationRule.DoubleCriteriaCondition" + }, + "type": "array" }, - "Metadata": { - "type": "object" + "LookBackPeriodInDays": { + "items": { + "$ref": "#/definitions/AWS::ComputeOptimizer::AutomationRule.IntegerCriteriaCondition" + }, + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Compliance": { - "$ref": "#/definitions/AWS::Config::ConfigRule.Compliance", - "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant and provides the number of contributors that affect the compliance.", - "title": "Compliance" - }, - "ConfigRuleName": { - "markdownDescription": "A name for the AWS Config rule. If you don't specify a name, CloudFormation generates a unique physical ID and uses that ID for the rule name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .", - "title": "ConfigRuleName", - "type": "string" - }, - "Description": { - "markdownDescription": "The description that you provide for the AWS Config rule.", - "title": "Description", - "type": "string" - }, - "EvaluationModes": { - "items": { - "$ref": "#/definitions/AWS::Config::ConfigRule.EvaluationModeConfiguration" - }, - "markdownDescription": "The modes the AWS Config rule can be evaluated in. The valid values are distinct objects. By default, the value is Detective evaluation mode only.", - "title": "EvaluationModes", - "type": "array" - }, - "InputParameters": { - "markdownDescription": "A string, in JSON format, that is passed to the AWS Config rule Lambda function.", - "title": "InputParameters", - "type": "object" - }, - "MaximumExecutionFrequency": { - "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. You can specify a value for `MaximumExecutionFrequency` when:\n\n- You are using an AWS managed rule that is triggered at a periodic frequency.\n- Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see [ConfigSnapshotDeliveryProperties](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html) .\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", - "title": "MaximumExecutionFrequency", - "type": "string" - }, - "Scope": { - "$ref": "#/definitions/AWS::Config::ConfigRule.Scope", - "markdownDescription": "Defines which resources can trigger an evaluation for the rule. The scope can include one or more resource types, a combination of one resource type and one resource ID, or a combination of a tag key and value. Specify a scope to constrain the resources that can trigger an evaluation for the rule. If you do not specify a scope, evaluations are triggered when any resource in the recording group changes.", - "title": "Scope" - }, - "Source": { - "$ref": "#/definitions/AWS::Config::ConfigRule.Source", - "markdownDescription": "Provides the rule owner ( `AWS` for managed rules, `CUSTOM_POLICY` for Custom Policy rules, and `CUSTOM_LAMBDA` for Custom Lambda rules), the rule identifier, and the notifications that cause the function to evaluate your AWS resources.", - "title": "Source" - } + "Region": { + "items": { + "$ref": "#/definitions/AWS::ComputeOptimizer::AutomationRule.StringCriteriaCondition" }, - "required": [ - "Source" - ], - "type": "object" + "type": "array" }, - "Type": { - "enum": [ - "AWS::Config::ConfigRule" - ], - "type": "string" + "ResourceArn": { + "items": { + "$ref": "#/definitions/AWS::ComputeOptimizer::AutomationRule.StringCriteriaCondition" + }, + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ResourceTag": { + "items": { + "$ref": "#/definitions/AWS::ComputeOptimizer::AutomationRule.ResourceTagsCriteriaCondition" + }, + "type": "array" + }, + "RestartNeeded": { + "items": { + "$ref": "#/definitions/AWS::ComputeOptimizer::AutomationRule.StringCriteriaCondition" + }, + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Config::ConfigRule.Compliance": { + "AWS::ComputeOptimizer::AutomationRule.DoubleCriteriaCondition": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant.\n\nA resource is compliant if it complies with all of the AWS Config rules that evaluate it. A resource is noncompliant if it does not comply with one or more of these rules.\n\nA rule is compliant if all of the resources that the rule evaluates comply with it. A rule is noncompliant if any of these resources do not comply.\n\nAWS Config returns the `INSUFFICIENT_DATA` value when no evaluation results are available for the AWS resource or AWS Config rule.\n\nFor the `Compliance` data type, AWS Config supports only `COMPLIANT` , `NON_COMPLIANT` , and `INSUFFICIENT_DATA` values. AWS Config does not support the `NOT_APPLICABLE` value for the `Compliance` data type.", - "title": "Type", + "Comparison": { "type": "string" + }, + "Values": { + "items": { + "type": "number" + }, + "type": "array" } }, "type": "object" }, - "AWS::Config::ConfigRule.CustomPolicyDetails": { + "AWS::ComputeOptimizer::AutomationRule.IntegerCriteriaCondition": { "additionalProperties": false, "properties": { - "EnableDebugLogDelivery": { - "markdownDescription": "The boolean expression for enabling debug logging for your AWS Config Custom Policy rule. The default value is `false` .", - "title": "EnableDebugLogDelivery", - "type": "boolean" - }, - "PolicyRuntime": { - "markdownDescription": "The runtime system for your AWS Config Custom Policy rule. Guard is a policy-as-code language that allows you to write policies that are enforced by AWS Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard) .", - "title": "PolicyRuntime", + "Comparison": { "type": "string" }, - "PolicyText": { - "markdownDescription": "The policy definition containing the logic for your AWS Config Custom Policy rule.", - "title": "PolicyText", - "type": "string" + "Values": { + "items": { + "type": "number" + }, + "type": "array" } }, "type": "object" }, - "AWS::Config::ConfigRule.EvaluationModeConfiguration": { + "AWS::ComputeOptimizer::AutomationRule.OrganizationConfiguration": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "The mode of an evaluation. The valid values are Detective or Proactive.", - "title": "Mode", + "AccountIds": { + "items": { + "type": "string" + }, + "type": "array" + }, + "RuleApplyOrder": { "type": "string" } }, "type": "object" }, - "AWS::Config::ConfigRule.Scope": { + "AWS::ComputeOptimizer::AutomationRule.ResourceTagsCriteriaCondition": { "additionalProperties": false, "properties": { - "ComplianceResourceId": { - "markdownDescription": "The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for `ComplianceResourceTypes` .", - "title": "ComplianceResourceId", + "Comparison": { "type": "string" }, - "ComplianceResourceTypes": { + "Key": { + "type": "string" + }, + "Values": { "items": { "type": "string" }, - "markdownDescription": "The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for `ComplianceResourceId` .", - "title": "ComplianceResourceTypes", "type": "array" - }, - "TagKey": { - "markdownDescription": "The tag key that is applied to only those AWS resources that you want to trigger an evaluation for the rule.", - "title": "TagKey", - "type": "string" - }, - "TagValue": { - "markdownDescription": "The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. If you specify a value for `TagValue` , you must also specify a value for `TagKey` .", - "title": "TagValue", - "type": "string" } }, "type": "object" }, - "AWS::Config::ConfigRule.Source": { + "AWS::ComputeOptimizer::AutomationRule.Schedule": { "additionalProperties": false, "properties": { - "CustomPolicyDetails": { - "$ref": "#/definitions/AWS::Config::ConfigRule.CustomPolicyDetails", - "markdownDescription": "Provides the runtime system, policy definition, and whether debug logging is enabled. Required when owner is set to `CUSTOM_POLICY` .", - "title": "CustomPolicyDetails" + "ExecutionWindowInMinutes": { + "type": "number" }, - "Owner": { - "markdownDescription": "Indicates whether AWS or the customer owns and manages the AWS Config rule.\n\nAWS Config Managed Rules are predefined rules owned by AWS . For more information, see [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) in the *AWS Config developer guide* .\n\nAWS Config Custom Rules are rules that you can develop either with Guard ( `CUSTOM_POLICY` ) or AWS Lambda ( `CUSTOM_LAMBDA` ). For more information, see [AWS Config Custom Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html) in the *AWS Config developer guide* .", - "title": "Owner", + "ScheduleExpression": { "type": "string" }, - "SourceDetails": { - "items": { - "$ref": "#/definitions/AWS::Config::ConfigRule.SourceDetail" - }, - "markdownDescription": "Provides the source and the message types that cause AWS Config to evaluate your AWS resources against a rule. It also provides the frequency with which you want AWS Config to run evaluations for the rule if the trigger type is periodic.\n\nIf the owner is set to `CUSTOM_POLICY` , the only acceptable values for the AWS Config rule trigger message type are `ConfigurationItemChangeNotification` and `OversizedConfigurationItemChangeNotification` .", - "title": "SourceDetails", - "type": "array" - }, - "SourceIdentifier": { - "markdownDescription": "For AWS Config Managed rules, a predefined identifier from a list. For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a managed rule, see [List of AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html) .\n\nFor AWS Config Custom Lambda rules, the identifier is the Amazon Resource Name (ARN) of the rule's AWS Lambda function, such as `arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name` .\n\nFor AWS Config Custom Policy rules, this field will be ignored.", - "title": "SourceIdentifier", + "ScheduleExpressionTimezone": { "type": "string" } }, - "required": [ - "Owner" - ], "type": "object" }, - "AWS::Config::ConfigRule.SourceDetail": { + "AWS::ComputeOptimizer::AutomationRule.StringCriteriaCondition": { "additionalProperties": false, "properties": { - "EventSource": { - "markdownDescription": "The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWS resources.", - "title": "EventSource", - "type": "string" - }, - "MaximumExecutionFrequency": { - "markdownDescription": "The frequency at which you want AWS Config to run evaluations for a custom rule with a periodic trigger. If you specify a value for `MaximumExecutionFrequency` , then `MessageType` must use the `ScheduledNotification` value.\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.\n> \n> Based on the valid value you choose, AWS Config runs evaluations once for each valid value. For example, if you choose `Three_Hours` , AWS Config runs evaluations once every three hours. In this case, `Three_Hours` is the frequency of this rule.", - "title": "MaximumExecutionFrequency", + "Comparison": { "type": "string" }, - "MessageType": { - "markdownDescription": "The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:\n\n- `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.\n- `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `MaximumExecutionFrequency` .\n- `ConfigurationSnapshotDeliveryCompleted` - Triggers a periodic evaluation when AWS Config delivers a configuration snapshot.\n\nIf you want your custom rule to be triggered by configuration changes, specify two SourceDetail objects, one for `ConfigurationItemChangeNotification` and one for `OversizedConfigurationItemChangeNotification` .", - "title": "MessageType", - "type": "string" + "Values": { + "items": { + "type": "string" + }, + "type": "array" } }, - "required": [ - "EventSource", - "MessageType" - ], "type": "object" }, - "AWS::Config::ConfigurationAggregator": { + "AWS::Config::AggregationAuthorization": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AuthorizedAccountId": { + "markdownDescription": "The 12-digit account ID of the account authorized to aggregate data.", + "title": "AuthorizedAccountId", + "type": "string" + }, + "AuthorizedAwsRegion": { + "markdownDescription": "The region authorized to collect aggregated data.", + "title": "AuthorizedAwsRegion", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of tag object.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AuthorizedAccountId", + "AuthorizedAwsRegion" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Config::AggregationAuthorization" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Config::ConfigRule": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Compliance": { + "$ref": "#/definitions/AWS::Config::ConfigRule.Compliance", + "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant and provides the number of contributors that affect the compliance.", + "title": "Compliance" + }, + "ConfigRuleName": { + "markdownDescription": "A name for the AWS Config rule. If you don't specify a name, CloudFormation generates a unique physical ID and uses that ID for the rule name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .", + "title": "ConfigRuleName", + "type": "string" + }, + "Description": { + "markdownDescription": "The description that you provide for the AWS Config rule.", + "title": "Description", + "type": "string" + }, + "EvaluationModes": { + "items": { + "$ref": "#/definitions/AWS::Config::ConfigRule.EvaluationModeConfiguration" + }, + "markdownDescription": "The modes the AWS Config rule can be evaluated in. The valid values are distinct objects. By default, the value is Detective evaluation mode only.", + "title": "EvaluationModes", + "type": "array" + }, + "InputParameters": { + "markdownDescription": "A string, in JSON format, that is passed to the AWS Config rule Lambda function.", + "title": "InputParameters", + "type": "object" + }, + "MaximumExecutionFrequency": { + "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. You can specify a value for `MaximumExecutionFrequency` when:\n\n- You are using an AWS managed rule that is triggered at a periodic frequency.\n- Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see [ConfigSnapshotDeliveryProperties](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html) .\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", + "title": "MaximumExecutionFrequency", + "type": "string" + }, + "Scope": { + "$ref": "#/definitions/AWS::Config::ConfigRule.Scope", + "markdownDescription": "Defines which resources can trigger an evaluation for the rule. The scope can include one or more resource types, a combination of one resource type and one resource ID, or a combination of a tag key and value. Specify a scope to constrain the resources that can trigger an evaluation for the rule. If you do not specify a scope, evaluations are triggered when any resource in the recording group changes.", + "title": "Scope" + }, + "Source": { + "$ref": "#/definitions/AWS::Config::ConfigRule.Source", + "markdownDescription": "Provides the rule owner ( `AWS` for managed rules, `CUSTOM_POLICY` for Custom Policy rules, and `CUSTOM_LAMBDA` for Custom Lambda rules), the rule identifier, and the notifications that cause the function to evaluate your AWS resources.", + "title": "Source" + } + }, + "required": [ + "Source" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Config::ConfigRule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Config::ConfigRule.Compliance": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant.\n\nA resource is compliant if it complies with all of the AWS Config rules that evaluate it. A resource is noncompliant if it does not comply with one or more of these rules.\n\nA rule is compliant if all of the resources that the rule evaluates comply with it. A rule is noncompliant if any of these resources do not comply.\n\nAWS Config returns the `INSUFFICIENT_DATA` value when no evaluation results are available for the AWS resource or AWS Config rule.\n\nFor the `Compliance` data type, AWS Config supports only `COMPLIANT` , `NON_COMPLIANT` , and `INSUFFICIENT_DATA` values. AWS Config does not support the `NOT_APPLICABLE` value for the `Compliance` data type.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Config::ConfigRule.CustomPolicyDetails": { + "additionalProperties": false, + "properties": { + "EnableDebugLogDelivery": { + "markdownDescription": "The boolean expression for enabling debug logging for your AWS Config Custom Policy rule. The default value is `false` .", + "title": "EnableDebugLogDelivery", + "type": "boolean" + }, + "PolicyRuntime": { + "markdownDescription": "The runtime system for your AWS Config Custom Policy rule. Guard is a policy-as-code language that allows you to write policies that are enforced by AWS Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard) .", + "title": "PolicyRuntime", + "type": "string" + }, + "PolicyText": { + "markdownDescription": "The policy definition containing the logic for your AWS Config Custom Policy rule.", + "title": "PolicyText", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Config::ConfigRule.EvaluationModeConfiguration": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "The mode of an evaluation. The valid values are Detective or Proactive.", + "title": "Mode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Config::ConfigRule.Scope": { + "additionalProperties": false, + "properties": { + "ComplianceResourceId": { + "markdownDescription": "The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for `ComplianceResourceTypes` .", + "title": "ComplianceResourceId", + "type": "string" + }, + "ComplianceResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for `ComplianceResourceId` .", + "title": "ComplianceResourceTypes", + "type": "array" + }, + "TagKey": { + "markdownDescription": "The tag key that is applied to only those AWS resources that you want to trigger an evaluation for the rule.", + "title": "TagKey", + "type": "string" + }, + "TagValue": { + "markdownDescription": "The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. If you specify a value for `TagValue` , you must also specify a value for `TagKey` .", + "title": "TagValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Config::ConfigRule.Source": { + "additionalProperties": false, + "properties": { + "CustomPolicyDetails": { + "$ref": "#/definitions/AWS::Config::ConfigRule.CustomPolicyDetails", + "markdownDescription": "Provides the runtime system, policy definition, and whether debug logging is enabled. Required when owner is set to `CUSTOM_POLICY` .", + "title": "CustomPolicyDetails" + }, + "Owner": { + "markdownDescription": "Indicates whether AWS or the customer owns and manages the AWS Config rule.\n\nAWS Config Managed Rules are predefined rules owned by AWS . For more information, see [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) in the *AWS Config developer guide* .\n\nAWS Config Custom Rules are rules that you can develop either with Guard ( `CUSTOM_POLICY` ) or AWS Lambda ( `CUSTOM_LAMBDA` ). For more information, see [AWS Config Custom Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html) in the *AWS Config developer guide* .", + "title": "Owner", + "type": "string" + }, + "SourceDetails": { + "items": { + "$ref": "#/definitions/AWS::Config::ConfigRule.SourceDetail" + }, + "markdownDescription": "Provides the source and the message types that cause AWS Config to evaluate your AWS resources against a rule. It also provides the frequency with which you want AWS Config to run evaluations for the rule if the trigger type is periodic.\n\nIf the owner is set to `CUSTOM_POLICY` , the only acceptable values for the AWS Config rule trigger message type are `ConfigurationItemChangeNotification` and `OversizedConfigurationItemChangeNotification` .", + "title": "SourceDetails", + "type": "array" + }, + "SourceIdentifier": { + "markdownDescription": "For AWS Config Managed rules, a predefined identifier from a list. For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a managed rule, see [List of AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html) .\n\nFor AWS Config Custom Lambda rules, the identifier is the Amazon Resource Name (ARN) of the rule's AWS Lambda function, such as `arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name` .\n\nFor AWS Config Custom Policy rules, this field will be ignored.", + "title": "SourceIdentifier", + "type": "string" + } + }, + "required": [ + "Owner" + ], + "type": "object" + }, + "AWS::Config::ConfigRule.SourceDetail": { + "additionalProperties": false, + "properties": { + "EventSource": { + "markdownDescription": "The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWS resources.", + "title": "EventSource", + "type": "string" + }, + "MaximumExecutionFrequency": { + "markdownDescription": "The frequency at which you want AWS Config to run evaluations for a custom rule with a periodic trigger. If you specify a value for `MaximumExecutionFrequency` , then `MessageType` must use the `ScheduledNotification` value.\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.\n> \n> Based on the valid value you choose, AWS Config runs evaluations once for each valid value. For example, if you choose `Three_Hours` , AWS Config runs evaluations once every three hours. In this case, `Three_Hours` is the frequency of this rule.", + "title": "MaximumExecutionFrequency", + "type": "string" + }, + "MessageType": { + "markdownDescription": "The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:\n\n- `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.\n- `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `MaximumExecutionFrequency` .\n- `ConfigurationSnapshotDeliveryCompleted` - Triggers a periodic evaluation when AWS Config delivers a configuration snapshot.\n\nIf you want your custom rule to be triggered by configuration changes, specify two SourceDetail objects, one for `ConfigurationItemChangeNotification` and one for `OversizedConfigurationItemChangeNotification` .", + "title": "MessageType", + "type": "string" + } + }, + "required": [ + "EventSource", + "MessageType" + ], + "type": "object" + }, + "AWS::Config::ConfigurationAggregator": { "additionalProperties": false, "properties": { "Condition": { @@ -71710,6 +73521,150 @@ ], "type": "object" }, + "AWS::Connect::ContactFlowModuleAlias": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ContactFlowModuleId": { + "type": "string" + }, + "ContactFlowModuleVersion": { + "type": "number" + }, + "Description": { + "type": "string" + }, + "Name": { + "type": "string" + } + }, + "required": [ + "ContactFlowModuleId", + "ContactFlowModuleVersion", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Connect::ContactFlowModuleAlias" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Connect::ContactFlowModuleVersion": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ContactFlowModuleId": { + "type": "string" + }, + "Description": { + "type": "string" + } + }, + "required": [ + "ContactFlowModuleId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Connect::ContactFlowModuleVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, "AWS::Connect::ContactFlowVersion": { "additionalProperties": false, "properties": { @@ -74443,6 +76398,12 @@ "Properties": { "additionalProperties": false, "properties": { + "AdditionalEmailAddresses": { + "items": { + "$ref": "#/definitions/AWS::Connect::Queue.EmailAddress" + }, + "type": "array" + }, "Description": { "markdownDescription": "The description of the queue.", "title": "Description", @@ -74528,6 +76489,18 @@ ], "type": "object" }, + "AWS::Connect::Queue.EmailAddress": { + "additionalProperties": false, + "properties": { + "EmailAddressArn": { + "type": "string" + } + }, + "required": [ + "EmailAddressArn" + ], + "type": "object" + }, "AWS::Connect::Queue.OutboundCallerConfig": { "additionalProperties": false, "properties": { @@ -75504,6 +77477,12 @@ "title": "AllowedAccessControlTags", "type": "array" }, + "AllowedFlowModules": { + "items": { + "$ref": "#/definitions/AWS::Connect::SecurityProfile.FlowModule" + }, + "type": "array" + }, "Applications": { "items": { "$ref": "#/definitions/AWS::Connect::SecurityProfile.Application" @@ -75607,6 +77586,9 @@ "markdownDescription": "Namespace of the application that you want to give access to.", "title": "Namespace", "type": "string" + }, + "Type": { + "type": "string" } }, "required": [ @@ -75626,6 +77608,22 @@ }, "type": "object" }, + "AWS::Connect::SecurityProfile.FlowModule": { + "additionalProperties": false, + "properties": { + "FlowModuleId": { + "type": "string" + }, + "Type": { + "type": "string" + } + }, + "required": [ + "FlowModuleId", + "Type" + ], + "type": "object" + }, "AWS::Connect::SecurityProfile.GranularAccessControlConfiguration": { "additionalProperties": false, "properties": { @@ -79592,6 +81590,9 @@ "title": "ObjectTypeNames", "type": "array" }, + "Scope": { + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" @@ -80112,6 +82113,9 @@ "title": "SourceLastUpdatedTimestampFormat", "type": "string" }, + "SourcePriority": { + "type": "number" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" @@ -80232,6 +82236,187 @@ }, "type": "object" }, + "AWS::CustomerProfiles::Recommender": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "type": "string" + }, + "DomainName": { + "type": "string" + }, + "RecommenderConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Recommender.RecommenderConfig" + }, + "RecommenderName": { + "type": "string" + }, + "RecommenderRecipeName": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "required": [ + "DomainName", + "RecommenderName", + "RecommenderRecipeName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CustomerProfiles::Recommender" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Recommender.EventParameters": { + "additionalProperties": false, + "properties": { + "EventType": { + "type": "string" + }, + "EventValueThreshold": { + "type": "number" + } + }, + "required": [ + "EventType" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Recommender.EventsConfig": { + "additionalProperties": false, + "properties": { + "EventParametersList": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::Recommender.EventParameters" + }, + "type": "array" + } + }, + "required": [ + "EventParametersList" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Recommender.Metrics": { + "additionalProperties": false, + "properties": { + "coverage": { + "type": "number" + }, + "freshness": { + "type": "number" + }, + "hit": { + "type": "number" + }, + "popularity": { + "type": "number" + }, + "recall": { + "type": "number" + }, + "similarity": { + "type": "number" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::Recommender.RecommenderConfig": { + "additionalProperties": false, + "properties": { + "EventsConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Recommender.EventsConfig" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::Recommender.RecommenderUpdate": { + "additionalProperties": false, + "properties": { + "CreationDateTime": { + "type": "string" + }, + "FailureReason": { + "type": "string" + }, + "LastUpdatedDateTime": { + "type": "string" + }, + "RecommenderConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Recommender.RecommenderConfig" + }, + "Status": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::Recommender.TrainingMetrics": { + "additionalProperties": false, + "properties": { + "Metrics": { + "$ref": "#/definitions/AWS::CustomerProfiles::Recommender.Metrics" + }, + "Time": { + "type": "string" + } + }, + "type": "object" + }, "AWS::CustomerProfiles::SegmentDefinition": { "additionalProperties": false, "properties": { @@ -81522,6 +83707,12 @@ "AWS::DLM::LifecyclePolicy.FastRestoreRule": { "additionalProperties": false, "properties": { + "AvailabilityZoneIds": { + "items": { + "type": "string" + }, + "type": "array" + }, "AvailabilityZones": { "items": { "type": "string" @@ -88286,6 +90477,46 @@ ], "type": "object" }, + "AWS::DataSync::LocationFSxONTAP.CmkSecretConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataSync::LocationFSxONTAP.CustomSecretConfig": { + "additionalProperties": false, + "properties": { + "SecretAccessRoleArn": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "required": [ + "SecretAccessRoleArn", + "SecretArn" + ], + "type": "object" + }, + "AWS::DataSync::LocationFSxONTAP.ManagedSecretConfig": { + "additionalProperties": false, + "properties": { + "SecretArn": { + "type": "string" + } + }, + "required": [ + "SecretArn" + ], + "type": "object" + }, "AWS::DataSync::LocationFSxONTAP.NFS": { "additionalProperties": false, "properties": { @@ -88330,11 +90561,20 @@ "AWS::DataSync::LocationFSxONTAP.SMB": { "additionalProperties": false, "properties": { + "CmkSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.CmkSecretConfig" + }, + "CustomSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.CustomSecretConfig" + }, "Domain": { "markdownDescription": "Specifies the name of the Windows domain that your storage virtual machine (SVM) belongs to.\n\nIf you have multiple domains in your environment, configuring this setting makes sure that DataSync connects to the right SVM.\n\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right SVM.", "title": "Domain", "type": "string" }, + "ManagedSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.ManagedSecretConfig" + }, "MountOptions": { "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.SmbMountOptions", "markdownDescription": "Specifies how DataSync can access a location using the SMB protocol.", @@ -88353,7 +90593,6 @@ }, "required": [ "MountOptions", - "Password", "User" ], "type": "object" @@ -88534,6 +90773,12 @@ "Properties": { "additionalProperties": false, "properties": { + "CmkSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxWindows.CmkSecretConfig" + }, + "CustomSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxWindows.CustomSecretConfig" + }, "Domain": { "markdownDescription": "Specifies the name of the Windows domain that the FSx for Windows File Server file system belongs to.\n\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right file system.", "title": "Domain", @@ -88603,6 +90848,46 @@ ], "type": "object" }, + "AWS::DataSync::LocationFSxWindows.CmkSecretConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataSync::LocationFSxWindows.CustomSecretConfig": { + "additionalProperties": false, + "properties": { + "SecretAccessRoleArn": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "required": [ + "SecretAccessRoleArn", + "SecretArn" + ], + "type": "object" + }, + "AWS::DataSync::LocationFSxWindows.ManagedSecretConfig": { + "additionalProperties": false, + "properties": { + "SecretArn": { + "type": "string" + } + }, + "required": [ + "SecretArn" + ], + "type": "object" + }, "AWS::DataSync::LocationHDFS": { "additionalProperties": false, "properties": { @@ -88656,6 +90941,12 @@ "title": "BlockSize", "type": "number" }, + "CmkSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationHDFS.CmkSecretConfig" + }, + "CustomSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationHDFS.CustomSecretConfig" + }, "KerberosKeytab": { "markdownDescription": "The Kerberos key table (keytab) that contains mappings between the defined Kerberos principal and the encrypted keys. Provide the base64-encoded file text. If `KERBEROS` is specified for `AuthType` , this value is required.", "title": "KerberosKeytab", @@ -88741,6 +91032,46 @@ ], "type": "object" }, + "AWS::DataSync::LocationHDFS.CmkSecretConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataSync::LocationHDFS.CustomSecretConfig": { + "additionalProperties": false, + "properties": { + "SecretAccessRoleArn": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "required": [ + "SecretAccessRoleArn", + "SecretArn" + ], + "type": "object" + }, + "AWS::DataSync::LocationHDFS.ManagedSecretConfig": { + "additionalProperties": false, + "properties": { + "SecretArn": { + "type": "string" + } + }, + "required": [ + "SecretArn" + ], + "type": "object" + }, "AWS::DataSync::LocationHDFS.NameNode": { "additionalProperties": false, "properties": { @@ -93294,6 +95625,9 @@ "Properties": { "additionalProperties": false, "properties": { + "CostScaleFactor": { + "type": "number" + }, "Description": { "markdownDescription": "A description of the farm that helps identify what the farm is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", "title": "Description", @@ -95108,6 +97442,9 @@ "title": "Description", "type": "string" }, + "KmsKeyArn": { + "type": "string" + }, "Name": { "markdownDescription": "The name of the Agent Space.", "title": "Name", @@ -95115,6 +97452,12 @@ }, "OperatorApp": { "$ref": "#/definitions/AWS::DevOpsAgent::AgentSpace.OperatorApp" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" } }, "required": [ @@ -95808,11 +98151,20 @@ "Properties": { "additionalProperties": false, "properties": { + "KmsKeyArn": { + "type": "string" + }, "ServiceDetails": { "$ref": "#/definitions/AWS::DevOpsAgent::Service.ServiceDetails" }, "ServiceType": { "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" } }, "required": [ @@ -96565,7 +98917,7 @@ }, "type": "object" }, - "AWS::DirectoryService::MicrosoftAD": { + "AWS::DirectConnect::Connection": { "additionalProperties": false, "properties": { "Condition": { @@ -96600,52 +98952,41 @@ "Properties": { "additionalProperties": false, "properties": { - "CreateAlias": { - "markdownDescription": "Specifies an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as `http://.awsapps.com` . By default, CloudFormation does not create an alias.\n\n> After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.", - "title": "CreateAlias", - "type": "boolean" - }, - "Edition": { - "markdownDescription": "AWS Managed Microsoft AD is available in two editions: `Standard` and `Enterprise` . `Enterprise` is the default.", - "title": "Edition", + "Bandwidth": { "type": "string" }, - "EnableSso": { - "markdownDescription": "Whether to enable single sign-on for a Microsoft Active Directory in AWS . Single sign-on allows users in your directory to access certain AWS services from a computer joined to the directory without having to enter their credentials separately. If you don't specify a value, CloudFormation disables single sign-on by default.", - "title": "EnableSso", - "type": "boolean" + "ConnectionName": { + "type": "string" }, - "Name": { - "markdownDescription": "The fully qualified domain name for the AWS Managed Microsoft AD directory, such as `corp.example.com` . This name will resolve inside your VPC only. It does not need to be publicly resolvable.", - "title": "Name", + "LagId": { "type": "string" }, - "Password": { - "markdownDescription": "The password for the default administrative user named `Admin` .\n\nIf you need to change the password for the administrator account, see the [ResetUserPassword](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html) API call in the *Directory Service API Reference* .", - "title": "Password", + "Location": { "type": "string" }, - "ShortName": { - "markdownDescription": "The NetBIOS name for your domain, such as `CORP` . If you don't specify a NetBIOS name, it will default to the first part of your directory DNS. For example, `CORP` for the directory DNS `corp.example.com` .", - "title": "ShortName", + "ProviderName": { "type": "string" }, - "VpcSettings": { - "$ref": "#/definitions/AWS::DirectoryService::MicrosoftAD.VpcSettings", - "markdownDescription": "Specifies the VPC settings of the Microsoft AD directory server in AWS .", - "title": "VpcSettings" + "RequestMACSec": { + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" } }, "required": [ - "Name", - "Password", - "VpcSettings" + "Bandwidth", + "ConnectionName", + "Location" ], "type": "object" }, "Type": { "enum": [ - "AWS::DirectoryService::MicrosoftAD" + "AWS::DirectConnect::Connection" ], "type": "string" }, @@ -96664,30 +99005,748 @@ ], "type": "object" }, - "AWS::DirectoryService::MicrosoftAD.VpcSettings": { + "AWS::DirectConnect::DirectConnectGateway": { "additionalProperties": false, "properties": { - "SubnetIds": { - "items": { - "type": "string" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AmazonSideAsn": { + "type": "string" + }, + "DirectConnectGatewayName": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } }, - "markdownDescription": "The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. Directory Service specifies a directory server and a DNS server in each of these subnets.", - "title": "SubnetIds", - "type": "array" + "required": [ + "DirectConnectGatewayName" + ], + "type": "object" }, - "VpcId": { - "markdownDescription": "The identifier of the VPC in which to create the directory.", - "title": "VpcId", + "Type": { + "enum": [ + "AWS::DirectConnect::DirectConnectGateway" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "SubnetIds", - "VpcId" + "Type", + "Properties" ], "type": "object" }, - "AWS::DirectoryService::SimpleAD": { + "AWS::DirectConnect::DirectConnectGatewayAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptDirectConnectGatewayAssociationProposalRoleArn": { + "type": "string" + }, + "AllowedPrefixesToDirectConnectGateway": { + "items": { + "type": "string" + }, + "type": "array" + }, + "AssociatedGatewayId": { + "type": "string" + }, + "DirectConnectGatewayId": { + "type": "string" + } + }, + "required": [ + "AssociatedGatewayId", + "DirectConnectGatewayId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DirectConnect::DirectConnectGatewayAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::DirectConnect::Lag": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectionsBandwidth": { + "type": "string" + }, + "LagName": { + "type": "string" + }, + "Location": { + "type": "string" + }, + "MinimumLinks": { + "type": "number" + }, + "ProviderName": { + "type": "string" + }, + "RequestMACSec": { + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "required": [ + "ConnectionsBandwidth", + "LagName", + "Location" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DirectConnect::Lag" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::DirectConnect::PrivateVirtualInterface": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllocatePrivateVirtualInterfaceRoleArn": { + "type": "string" + }, + "BgpPeers": { + "items": { + "$ref": "#/definitions/AWS::DirectConnect::PrivateVirtualInterface.BgpPeer" + }, + "type": "array" + }, + "ConnectionId": { + "type": "string" + }, + "DirectConnectGatewayId": { + "type": "string" + }, + "EnableSiteLink": { + "type": "boolean" + }, + "Mtu": { + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + }, + "VirtualGatewayId": { + "type": "string" + }, + "VirtualInterfaceName": { + "type": "string" + }, + "Vlan": { + "type": "number" + } + }, + "required": [ + "BgpPeers", + "ConnectionId", + "VirtualInterfaceName", + "Vlan" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DirectConnect::PrivateVirtualInterface" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::DirectConnect::PrivateVirtualInterface.BgpPeer": { + "additionalProperties": false, + "properties": { + "AddressFamily": { + "type": "string" + }, + "AmazonAddress": { + "type": "string" + }, + "Asn": { + "type": "string" + }, + "AuthKey": { + "type": "string" + }, + "BgpPeerId": { + "type": "string" + }, + "CustomerAddress": { + "type": "string" + } + }, + "required": [ + "AddressFamily", + "Asn" + ], + "type": "object" + }, + "AWS::DirectConnect::PublicVirtualInterface": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllocatePublicVirtualInterfaceRoleArn": { + "type": "string" + }, + "BgpPeers": { + "items": { + "$ref": "#/definitions/AWS::DirectConnect::PublicVirtualInterface.BgpPeer" + }, + "type": "array" + }, + "ConnectionId": { + "type": "string" + }, + "RouteFilterPrefixes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + }, + "VirtualInterfaceName": { + "type": "string" + }, + "Vlan": { + "type": "number" + } + }, + "required": [ + "BgpPeers", + "ConnectionId", + "VirtualInterfaceName", + "Vlan" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DirectConnect::PublicVirtualInterface" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::DirectConnect::PublicVirtualInterface.BgpPeer": { + "additionalProperties": false, + "properties": { + "AddressFamily": { + "type": "string" + }, + "AmazonAddress": { + "type": "string" + }, + "Asn": { + "type": "string" + }, + "AuthKey": { + "type": "string" + }, + "BgpPeerId": { + "type": "string" + }, + "CustomerAddress": { + "type": "string" + } + }, + "required": [ + "AddressFamily", + "Asn" + ], + "type": "object" + }, + "AWS::DirectConnect::TransitVirtualInterface": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllocateTransitVirtualInterfaceRoleArn": { + "type": "string" + }, + "BgpPeers": { + "items": { + "$ref": "#/definitions/AWS::DirectConnect::TransitVirtualInterface.BgpPeer" + }, + "type": "array" + }, + "ConnectionId": { + "type": "string" + }, + "DirectConnectGatewayId": { + "type": "string" + }, + "EnableSiteLink": { + "type": "boolean" + }, + "Mtu": { + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + }, + "VirtualInterfaceName": { + "type": "string" + }, + "Vlan": { + "type": "number" + } + }, + "required": [ + "BgpPeers", + "ConnectionId", + "DirectConnectGatewayId", + "VirtualInterfaceName", + "Vlan" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DirectConnect::TransitVirtualInterface" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::DirectConnect::TransitVirtualInterface.BgpPeer": { + "additionalProperties": false, + "properties": { + "AddressFamily": { + "type": "string" + }, + "AmazonAddress": { + "type": "string" + }, + "Asn": { + "type": "string" + }, + "AuthKey": { + "type": "string" + }, + "BgpPeerId": { + "type": "string" + }, + "CustomerAddress": { + "type": "string" + } + }, + "required": [ + "AddressFamily", + "Asn" + ], + "type": "object" + }, + "AWS::DirectoryService::MicrosoftAD": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CreateAlias": { + "markdownDescription": "Specifies an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as `http://.awsapps.com` . By default, CloudFormation does not create an alias.\n\n> After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.", + "title": "CreateAlias", + "type": "boolean" + }, + "Edition": { + "markdownDescription": "AWS Managed Microsoft AD is available in two editions: `Standard` and `Enterprise` . `Enterprise` is the default.", + "title": "Edition", + "type": "string" + }, + "EnableSso": { + "markdownDescription": "Whether to enable single sign-on for a Microsoft Active Directory in AWS . Single sign-on allows users in your directory to access certain AWS services from a computer joined to the directory without having to enter their credentials separately. If you don't specify a value, CloudFormation disables single sign-on by default.", + "title": "EnableSso", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The fully qualified domain name for the AWS Managed Microsoft AD directory, such as `corp.example.com` . This name will resolve inside your VPC only. It does not need to be publicly resolvable.", + "title": "Name", + "type": "string" + }, + "Password": { + "markdownDescription": "The password for the default administrative user named `Admin` .\n\nIf you need to change the password for the administrator account, see the [ResetUserPassword](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html) API call in the *Directory Service API Reference* .", + "title": "Password", + "type": "string" + }, + "ShortName": { + "markdownDescription": "The NetBIOS name for your domain, such as `CORP` . If you don't specify a NetBIOS name, it will default to the first part of your directory DNS. For example, `CORP` for the directory DNS `corp.example.com` .", + "title": "ShortName", + "type": "string" + }, + "VpcSettings": { + "$ref": "#/definitions/AWS::DirectoryService::MicrosoftAD.VpcSettings", + "markdownDescription": "Specifies the VPC settings of the Microsoft AD directory server in AWS .", + "title": "VpcSettings" + } + }, + "required": [ + "Name", + "Password", + "VpcSettings" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DirectoryService::MicrosoftAD" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::DirectoryService::MicrosoftAD.VpcSettings": { + "additionalProperties": false, + "properties": { + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. Directory Service specifies a directory server and a DNS server in each of these subnets.", + "title": "SubnetIds", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The identifier of the VPC in which to create the directory.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "SubnetIds", + "VpcId" + ], + "type": "object" + }, + "AWS::DirectoryService::SimpleAD": { "additionalProperties": false, "properties": { "Condition": { @@ -100371,6 +103430,9 @@ "title": "ReplaceUnhealthyInstances", "type": "boolean" }, + "ReservedCapacityOptions": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.ReservedCapacityOptionsRequest" + }, "SpotOptions": { "$ref": "#/definitions/AWS::EC2::EC2Fleet.SpotOptionsRequest", "markdownDescription": "Describes the configuration of Spot Instances in an EC2 Fleet.", @@ -101034,6 +104096,18 @@ }, "type": "object" }, + "AWS::EC2::EC2Fleet.ReservedCapacityOptionsRequest": { + "additionalProperties": false, + "properties": { + "ReservationTypes": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, "AWS::EC2::EC2Fleet.SpotOptionsRequest": { "additionalProperties": false, "properties": { @@ -102454,6 +105528,92 @@ ], "type": "object" }, + "AWS::EC2::IPAMPrefixListResolverTarget": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DesiredVersion": { + "type": "number" + }, + "IpamPrefixListResolverId": { + "type": "string" + }, + "PrefixListId": { + "type": "string" + }, + "PrefixListRegion": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + }, + "TrackLatestVersion": { + "type": "boolean" + } + }, + "required": [ + "IpamPrefixListResolverId", + "PrefixListId", + "PrefixListRegion", + "TrackLatestVersion" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::IPAMPrefixListResolverTarget" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, "AWS::EC2::IPAMResourceDiscovery": { "additionalProperties": false, "properties": { @@ -103619,6 +106779,30 @@ ], "type": "object" }, + "AWS::EC2::InstanceConnectEndpoint.InstanceConnectEndpointDnsNames": { + "additionalProperties": false, + "properties": { + "DnsName": { + "type": "string" + }, + "FipsDnsName": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::InstanceConnectEndpoint.InstanceConnectEndpointPublicDnsNames": { + "additionalProperties": false, + "properties": { + "Dualstack": { + "$ref": "#/definitions/AWS::EC2::InstanceConnectEndpoint.InstanceConnectEndpointDnsNames" + }, + "Ipv4": { + "$ref": "#/definitions/AWS::EC2::InstanceConnectEndpoint.InstanceConnectEndpointDnsNames" + } + }, + "type": "object" + }, "AWS::EC2::InternetGateway": { "additionalProperties": false, "properties": { @@ -110308,6 +113492,74 @@ }, "type": "object" }, + "AWS::EC2::SqlHaStandbyDetectedInstance": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InstanceId": { + "type": "string" + }, + "SqlServerCredentials": { + "type": "string" + } + }, + "required": [ + "InstanceId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::SqlHaStandbyDetectedInstance" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, "AWS::EC2::Subnet": { "additionalProperties": false, "properties": { @@ -117018,6 +120270,18 @@ }, "type": "object" }, + "AWS::ECS::CapacityProvider.CapacityReservationRequest": { + "additionalProperties": false, + "properties": { + "ReservationGroupArn": { + "type": "string" + }, + "ReservationPreference": { + "type": "string" + } + }, + "type": "object" + }, "AWS::ECS::CapacityProvider.InfrastructureOptimization": { "additionalProperties": false, "properties": { @@ -117037,6 +120301,9 @@ "title": "CapacityOptionType", "type": "string" }, + "CapacityReservations": { + "$ref": "#/definitions/AWS::ECS::CapacityProvider.CapacityReservationRequest" + }, "Ec2InstanceProfileArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile that Amazon ECS applies to Amazon ECS Managed Instances. This instance profile must include the necessary permissions for your tasks to access AWS services and resources.\n\nFor more information, see [Amazon ECS instance profile for Managed Instances](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/managed-instances-instance-profile.html) in the *Amazon ECS Developer Guide* .", "title": "Ec2InstanceProfileArn", @@ -117045,6 +120312,9 @@ "FipsEnabled": { "type": "boolean" }, + "InstanceMetadataTagsPropagation": { + "type": "boolean" + }, "InstanceRequirements": { "$ref": "#/definitions/AWS::ECS::CapacityProvider.InstanceRequirementsRequest", "markdownDescription": "The instance requirements. You can specify:\n\n- The instance types\n- Instance requirements such as vCPU count, memory, network performance, and accelerator specifications\n\nAmazon ECS automatically selects the instances that match the specified criteria.", @@ -122216,9 +125486,6 @@ "type": "array" } }, - "required": [ - "RemoteNodeNetworks" - ], "type": "object" }, "AWS::EKS::Cluster.RemoteNodeNetwork": { @@ -123160,7 +126427,7 @@ }, "Configurations": { "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" + "$ref": "#/definitions/AWS::EMR::Cluster.EMRConfiguration" }, "markdownDescription": "Applies only to Amazon EMR releases 4.x and later. The list of configurations that are supplied to the Amazon EMR cluster.", "title": "Configurations", @@ -123216,6 +126483,9 @@ "markdownDescription": "Creates or updates a managed scaling policy for an Amazon EMR cluster. The managed scaling policy defines the limits for resources, such as Amazon EC2 instances that can be added or terminated from a cluster. The policy only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", "title": "ManagedScalingPolicy" }, + "MonitoringConfiguration": { + "$ref": "#/definitions/AWS::EMR::Cluster.MonitoringConfiguration" + }, "Name": { "markdownDescription": "The name of the cluster. This parameter can't contain the characters <, >, $, |, or ` (backtick).", "title": "Name", @@ -123274,11 +126544,6 @@ "markdownDescription": "A list of tags associated with a cluster.", "title": "Tags", "type": "array" - }, - "VisibleToAllUsers": { - "markdownDescription": "Indicates whether the cluster is visible to all IAM users of the AWS account associated with the cluster. If this value is set to `true` , all IAM users of that AWS account can view and manage the cluster if they have the proper policy permissions set. If this value is `false` , only the IAM user that created the cluster can view and manage it. This value can be changed using the SetVisibleToAllUsers action.\n\n> When you create clusters directly through the EMR console or API, this value is set to `true` by default. However, for `AWS::EMR::Cluster` resources in CloudFormation, the default is `false` .", - "title": "VisibleToAllUsers", - "type": "boolean" } }, "required": [ @@ -123459,6 +126724,30 @@ ], "type": "object" }, + "AWS::EMR::Cluster.CloudWatchLogConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + }, + "EncryptionKeyArn": { + "type": "string" + }, + "LogGroupName": { + "type": "string" + }, + "LogStreamNamePrefix": { + "type": "string" + }, + "LogTypes": { + "type": "object" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, "AWS::EMR::Cluster.ComputeLimits": { "additionalProperties": false, "properties": { @@ -123495,31 +126784,25 @@ ], "type": "object" }, - "AWS::EMR::Cluster.Configuration": { + "AWS::EMR::Cluster.EMRConfiguration": { "additionalProperties": false, "properties": { "Classification": { - "markdownDescription": "The classification within a configuration.", - "title": "Classification", "type": "string" }, "ConfigurationProperties": { "additionalProperties": true, - "markdownDescription": "A list of additional configurations to apply within a configuration object.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, - "title": "ConfigurationProperties", "type": "object" }, "Configurations": { "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" + "$ref": "#/definitions/AWS::EMR::Cluster.EMRConfiguration" }, - "markdownDescription": "A list of additional configurations to apply within a configuration object.", - "title": "Configurations", "type": "array" } }, @@ -123684,7 +126967,7 @@ }, "Configurations": { "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" + "$ref": "#/definitions/AWS::EMR::Cluster.EMRConfiguration" }, "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nThe list of configurations supplied for an Amazon EMR cluster instance group. You can specify a separate configuration for each instance group (master, core, and task).", "title": "Configurations", @@ -123742,7 +127025,7 @@ }, "Configurations": { "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" + "$ref": "#/definitions/AWS::EMR::Cluster.EMRConfiguration" }, "markdownDescription": "A configuration classification that applies when provisioning cluster instances, which can include configurations for applications and software that run on the cluster.", "title": "Configurations", @@ -123987,6 +127270,15 @@ ], "type": "object" }, + "AWS::EMR::Cluster.MonitoringConfiguration": { + "additionalProperties": false, + "properties": { + "CloudWatchLogConfiguration": { + "$ref": "#/definitions/AWS::EMR::Cluster.CloudWatchLogConfiguration" + } + }, + "type": "object" + }, "AWS::EMR::Cluster.OnDemandCapacityReservationOptions": { "additionalProperties": false, "properties": { @@ -127868,14 +131160,6 @@ "title": "CacheParameterGroupName", "type": "string" }, - "CacheSecurityGroupNames": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of cache security group names to associate with this replication group.", - "title": "CacheSecurityGroupNames", - "type": "array" - }, "CacheSubnetGroupName": { "markdownDescription": "The name of the cache subnet group to be used for the replication group.\n\n> If you're going to launch your cluster in an Amazon VPC, you need to create a subnet group before you start creating a cluster. For more information, see [AWS::ElastiCache::SubnetGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-subnetgroup.html) .", "title": "CacheSubnetGroupName", @@ -128114,6 +131398,18 @@ }, "type": "object" }, + "AWS::ElastiCache::ReplicationGroup.Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, "AWS::ElastiCache::ReplicationGroup.KinesisFirehoseDestinationDetails": { "additionalProperties": false, "properties": { @@ -128194,6 +131490,30 @@ }, "type": "object" }, + "AWS::ElastiCache::ReplicationGroup.ReadEndPoint": { + "additionalProperties": false, + "properties": { + "Addresses": { + "type": "string" + }, + "AddressesList": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Ports": { + "type": "string" + }, + "PortsList": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, "AWS::ElastiCache::SecurityGroup": { "additionalProperties": false, "properties": { @@ -132262,6 +135582,131 @@ }, "type": "object" }, + "AWS::ElementalInference::Feed": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + }, + "Outputs": { + "items": { + "$ref": "#/definitions/AWS::ElementalInference::Feed.GetOutput" + }, + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "Name", + "Outputs" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ElementalInference::Feed" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ElementalInference::Feed.ClippingConfig": { + "additionalProperties": false, + "properties": { + "CallbackMetadata": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::ElementalInference::Feed.GetOutput": { + "additionalProperties": false, + "properties": { + "Description": { + "type": "string" + }, + "Name": { + "type": "string" + }, + "OutputConfig": { + "$ref": "#/definitions/AWS::ElementalInference::Feed.OutputConfig" + }, + "Status": { + "type": "string" + } + }, + "required": [ + "Name", + "OutputConfig", + "Status" + ], + "type": "object" + }, + "AWS::ElementalInference::Feed.OutputConfig": { + "additionalProperties": false, + "properties": { + "Clipping": { + "$ref": "#/definitions/AWS::ElementalInference::Feed.ClippingConfig" + }, + "Cropping": { + "type": "object" + } + }, + "type": "object" + }, "AWS::EntityResolution::IdMappingWorkflow": { "additionalProperties": false, "properties": { @@ -137846,6 +141291,21 @@ }, "type": "object" }, + "AWS::FSx::FileSystem.FsrmConfiguration": { + "additionalProperties": false, + "properties": { + "EventLogDestination": { + "type": "string" + }, + "FsrmServiceEnabled": { + "type": "boolean" + } + }, + "required": [ + "FsrmServiceEnabled" + ], + "type": "object" + }, "AWS::FSx::FileSystem.LustreConfiguration": { "additionalProperties": false, "properties": { @@ -138298,6 +141758,9 @@ "markdownDescription": "The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for Windows file system. By default, Amazon FSx automatically provisions 3 IOPS per GiB of storage capacity. You can provision additional IOPS per GiB of storage, up to the maximum limit associated with your chosen throughput capacity.", "title": "DiskIopsConfiguration" }, + "FsrmConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.FsrmConfiguration" + }, "PreferredSubnetId": { "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` . This specifies the subnet in which you want the preferred file server to be located. For in- AWS applications, we recommend that you launch your clients in the same availability zone as your preferred file server to reduce cross-availability zone data transfer costs and minimize latency.", "title": "PreferredSubnetId", @@ -141244,6 +144707,9 @@ "title": "PerInstanceContainerGroupDefinitionName", "type": "string" }, + "PlayerGatewayMode": { + "type": "string" + }, "ScalingPolicies": { "items": { "$ref": "#/definitions/AWS::GameLift::ContainerFleet.ScalingPolicy" @@ -141427,6 +144893,9 @@ "markdownDescription": "", "title": "LocationCapacity" }, + "PlayerGatewayStatus": { + "type": "string" + }, "StoppedActions": { "items": { "type": "string" @@ -142074,6 +145543,12 @@ "title": "PeerVpcId", "type": "string" }, + "PlayerGatewayConfiguration": { + "$ref": "#/definitions/AWS::GameLift::Fleet.PlayerGatewayConfiguration" + }, + "PlayerGatewayMode": { + "type": "string" + }, "ResourceCreationLimitPolicy": { "$ref": "#/definitions/AWS::GameLift::Fleet.ResourceCreationLimitPolicy", "markdownDescription": "A policy that limits the number of game sessions that an individual player can create on instances in this fleet within a specified span of time.", @@ -142231,6 +145706,9 @@ "$ref": "#/definitions/AWS::GameLift::Fleet.LocationCapacity", "markdownDescription": "Current resource capacity settings for managed EC2 fleets and managed container fleets. For multi-location fleets, location values might refer to a fleet's remote location or its home Region.\n\n*Returned by:* [DescribeFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html) , [DescribeFleetLocationCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html) , [UpdateFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html)", "title": "LocationCapacity" + }, + "PlayerGatewayStatus": { + "type": "string" } }, "required": [ @@ -142253,6 +145731,15 @@ ], "type": "object" }, + "AWS::GameLift::Fleet.PlayerGatewayConfiguration": { + "additionalProperties": false, + "properties": { + "GameServerIpProtocolSupported": { + "type": "string" + } + }, + "type": "object" + }, "AWS::GameLift::Fleet.ResourceCreationLimitPolicy": { "additionalProperties": false, "properties": { @@ -143721,6 +147208,212 @@ ], "type": "object" }, + "AWS::Glue::Catalog": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllowFullTableExternalDataAccess": { + "type": "string" + }, + "CatalogProperties": { + "$ref": "#/definitions/AWS::Glue::Catalog.CatalogProperties" + }, + "CreateDatabaseDefaultPermissions": { + "items": { + "$ref": "#/definitions/AWS::Glue::Catalog.PrincipalPermissions" + }, + "type": "array" + }, + "CreateTableDefaultPermissions": { + "items": { + "$ref": "#/definitions/AWS::Glue::Catalog.PrincipalPermissions" + }, + "type": "array" + }, + "Description": { + "type": "string" + }, + "FederatedCatalog": { + "$ref": "#/definitions/AWS::Glue::Catalog.FederatedCatalog" + }, + "Name": { + "type": "string" + }, + "OverwriteChildResourcePermissionsWithDefault": { + "type": "string" + }, + "Parameters": { + "additionalProperties": true, + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + }, + "TargetRedshiftCatalog": { + "$ref": "#/definitions/AWS::Glue::Catalog.TargetRedshiftCatalog" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Glue::Catalog" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Glue::Catalog.CatalogProperties": { + "additionalProperties": false, + "properties": { + "CustomProperties": { + "additionalProperties": true, + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "type": "object" + }, + "DataLakeAccessProperties": { + "$ref": "#/definitions/AWS::Glue::Catalog.DataLakeAccessProperties" + } + }, + "type": "object" + }, + "AWS::Glue::Catalog.DataLakeAccessProperties": { + "additionalProperties": false, + "properties": { + "AllowFullTableExternalDataAccess": { + "type": "string" + }, + "CatalogType": { + "type": "string" + }, + "DataLakeAccess": { + "type": "boolean" + }, + "DataTransferRole": { + "type": "string" + }, + "KmsKey": { + "type": "string" + }, + "ManagedWorkgroupName": { + "type": "string" + }, + "ManagedWorkgroupStatus": { + "type": "string" + }, + "RedshiftDatabaseName": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Catalog.DataLakePrincipal": { + "additionalProperties": false, + "properties": { + "DataLakePrincipalIdentifier": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Catalog.FederatedCatalog": { + "additionalProperties": false, + "properties": { + "ConnectionName": { + "type": "string" + }, + "Identifier": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Catalog.PrincipalPermissions": { + "additionalProperties": false, + "properties": { + "Permissions": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Principal": { + "$ref": "#/definitions/AWS::Glue::Catalog.DataLakePrincipal" + } + }, + "type": "object" + }, + "AWS::Glue::Catalog.TargetRedshiftCatalog": { + "additionalProperties": false, + "properties": { + "CatalogArn": { + "type": "string" + } + }, + "required": [ + "CatalogArn" + ], + "type": "object" + }, "AWS::Glue::Classifier": { "additionalProperties": false, "properties": { @@ -161407,6 +165100,116 @@ ], "type": "object" }, + "AWS::Interconnect::Connection": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ActivationKey": { + "type": "string" + }, + "AttachPoint": { + "$ref": "#/definitions/AWS::Interconnect::Connection.AttachPoint" + }, + "Bandwidth": { + "type": "string" + }, + "Description": { + "type": "string" + }, + "EnvironmentId": { + "type": "string" + }, + "RemoteOwnerAccount": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "required": [ + "AttachPoint" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Interconnect::Connection" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Interconnect::Connection.AttachPoint": { + "additionalProperties": false, + "properties": { + "Arn": { + "type": "string" + }, + "DirectConnectGateway": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::Interconnect::Connection.Provider": { + "additionalProperties": false, + "properties": { + "CloudServiceProvider": { + "type": "string" + }, + "LastMileProvider": { + "type": "string" + } + }, + "type": "object" + }, "AWS::InternetMonitor::Monitor": { "additionalProperties": false, "properties": { @@ -194231,6 +198034,9 @@ "Properties": { "additionalProperties": false, "properties": { + "BearerTokenAuthenticationEnabled": { + "type": "boolean" + }, "DataProtectionPolicy": { "markdownDescription": "Creates a data protection policy and assigns it to the log group. A data protection policy can help safeguard sensitive data that's ingested by the log group by auditing and masking the sensitive log data. When a user who does not have permission to view masked data views a log event that includes masked data, the sensitive data is replaced by asterisks.", "title": "DataProtectionPolicy", @@ -200338,6 +204144,9 @@ "title": "AvailabilityZone", "type": "string" }, + "EncodingConfig": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.EncodingConfig" + }, "FlowSize": { "markdownDescription": "Determines the processing capacity and feature set of the flow. Set this optional parameter to LARGE if you want to enable NDI outputs on the flow.", "title": "FlowSize", @@ -200381,6 +204190,12 @@ "markdownDescription": "The settings for source monitoring.", "title": "SourceMonitoringConfig" }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + }, "VpcInterfaces": { "items": { "$ref": "#/definitions/AWS::MediaConnect::Flow.VpcInterface" @@ -200444,6 +204259,18 @@ }, "type": "object" }, + "AWS::MediaConnect::Flow.EncodingConfig": { + "additionalProperties": false, + "properties": { + "EncodingProfile": { + "type": "string" + }, + "VideoMaxBitrate": { + "type": "number" + } + }, + "type": "object" + }, "AWS::MediaConnect::Flow.Encryption": { "additionalProperties": false, "properties": { @@ -200452,31 +204279,11 @@ "title": "Algorithm", "type": "string" }, - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", - "title": "ConstantInitializationVector", - "type": "string" - }, - "DeviceId": { - "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "DeviceId", - "type": "string" - }, "KeyType": { "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", "title": "KeyType", "type": "string" }, - "Region": { - "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Region", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "ResourceId", - "type": "string" - }, "RoleArn": { "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", "title": "RoleArn", @@ -200486,11 +204293,6 @@ "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", "title": "SecretArn", "type": "string" - }, - "Url": { - "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Url", - "type": "string" } }, "required": [ @@ -200727,6 +204529,12 @@ "title": "MediaStreamType", "type": "string" }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + }, "VideoFormat": { "markdownDescription": "The resolution of the video.", "title": "VideoFormat", @@ -200833,6 +204641,15 @@ ], "type": "object" }, + "AWS::MediaConnect::Flow.NdiSourceSettings": { + "additionalProperties": false, + "properties": { + "SourceName": { + "type": "string" + } + }, + "type": "object" + }, "AWS::MediaConnect::Flow.SecretsManagerEncryptionKeyConfiguration": { "additionalProperties": false, "properties": { @@ -200935,6 +204752,9 @@ "title": "Name", "type": "string" }, + "NdiSourceSettings": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.NdiSourceSettings" + }, "Protocol": { "markdownDescription": "The protocol that is used by the source. AWS CloudFormation does not currently support CDI or ST 2110 JPEG XS source protocols.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", "title": "Protocol", @@ -200950,16 +204770,6 @@ "markdownDescription": "The decryption configuration for the flow source when router integration is enabled.", "title": "RouterIntegrationTransitDecryption" }, - "SenderControlPort": { - "markdownDescription": "The port that the flow uses to send outbound requests to initiate connection with the sender.", - "title": "SenderControlPort", - "type": "number" - }, - "SenderIpAddress": { - "markdownDescription": "The IP address that the flow communicates with to initiate connection with the sender.", - "title": "SenderIpAddress", - "type": "string" - }, "SourceArn": { "markdownDescription": "The ARN of the source.", "title": "SourceArn", @@ -200985,6 +204795,12 @@ "title": "StreamId", "type": "string" }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + }, "VpcInterfaceName": { "markdownDescription": "The name of the VPC interface that is used for this source.", "title": "VpcInterfaceName", @@ -201098,6 +204914,12 @@ "markdownDescription": "Subnet must be in the AZ of the Flow.", "title": "SubnetId", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" } }, "required": [ @@ -201191,6 +205013,12 @@ "markdownDescription": "The AWS account IDs that you want to share your content with. The receiving accounts (subscribers) will be allowed to create their own flows using your content as the source.", "title": "Subscribers", "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" } }, "required": [ @@ -201230,31 +205058,11 @@ "title": "Algorithm", "type": "string" }, - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", - "title": "ConstantInitializationVector", - "type": "string" - }, - "DeviceId": { - "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "DeviceId", - "type": "string" - }, "KeyType": { "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", "title": "KeyType", "type": "string" }, - "Region": { - "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Region", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "ResourceId", - "type": "string" - }, "RoleArn": { "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", "title": "RoleArn", @@ -201264,11 +205072,6 @@ "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", "title": "SecretArn", "type": "string" - }, - "Url": { - "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Url", - "type": "string" } }, "required": [ @@ -201413,6 +205216,12 @@ "title": "StreamId", "type": "string" }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + }, "VpcInterfaceAttachment": { "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.VpcInterfaceAttachment", "markdownDescription": "The name of the VPC interface attachment to use for this output.", @@ -201678,11 +205487,6 @@ "title": "Description", "type": "string" }, - "EntitlementArn": { - "markdownDescription": "The ARN of the entitlement that allows you to subscribe to this flow. The entitlement is set by the flow originator, and the ARN is generated as part of the originator's flow.", - "title": "EntitlementArn", - "type": "string" - }, "FlowArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the flow this source is connected to. The flow must have Failover enabled to add an additional source.", "title": "FlowArn", @@ -201723,16 +205527,6 @@ "title": "Protocol", "type": "string" }, - "SenderControlPort": { - "markdownDescription": "The port that the flow uses to send outbound requests to initiate connection with the sender.", - "title": "SenderControlPort", - "type": "number" - }, - "SenderIpAddress": { - "markdownDescription": "The IP address that the flow communicates with to initiate connection with the sender.", - "title": "SenderIpAddress", - "type": "string" - }, "SourceListenerAddress": { "markdownDescription": "Source IP or domain name for SRT-caller protocol.", "title": "SourceListenerAddress", @@ -201748,6 +205542,12 @@ "title": "StreamId", "type": "string" }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + }, "VpcInterfaceName": { "markdownDescription": "The name of the VPC interface to use for this source.", "title": "VpcInterfaceName", @@ -201761,6 +205561,7 @@ }, "required": [ "Description", + "FlowArn", "Name" ], "type": "object" @@ -201794,31 +205595,11 @@ "title": "Algorithm", "type": "string" }, - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", - "title": "ConstantInitializationVector", - "type": "string" - }, - "DeviceId": { - "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "DeviceId", - "type": "string" - }, "KeyType": { "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", "title": "KeyType", "type": "string" }, - "Region": { - "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Region", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "ResourceId", - "type": "string" - }, "RoleArn": { "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", "title": "RoleArn", @@ -201828,11 +205609,6 @@ "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", "title": "SecretArn", "type": "string" - }, - "Url": { - "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Url", - "type": "string" } }, "required": [ @@ -203674,6 +207450,9 @@ "markdownDescription": "The encoding configuration for the output content.", "title": "EncoderSettings" }, + "InferenceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InferenceSettings" + }, "InputAttachments": { "items": { "$ref": "#/definitions/AWS::MediaLive::Channel.InputAttachment" @@ -206889,6 +210668,15 @@ "properties": {}, "type": "object" }, + "AWS::MediaLive::Channel.InferenceSettings": { + "additionalProperties": false, + "properties": { + "FeedArn": { + "type": "string" + } + }, + "type": "object" + }, "AWS::MediaLive::Channel.InputAttachment": { "additionalProperties": false, "properties": { @@ -211550,12 +215338,6 @@ "type": "string" } }, - "required": [ - "Id", - "Password", - "Url", - "Username" - ], "type": "object" }, "AWS::MediaPackage::Channel.LogConfiguration": { @@ -221415,6 +225197,12 @@ "title": "DisplayName", "type": "string" }, + "IamRoles": { + "items": { + "$ref": "#/definitions/AWS::ODB::CloudAutonomousVmCluster.IamRole" + }, + "type": "array" + }, "IsMtlsEnabledVmCluster": { "markdownDescription": "Specifies whether mutual TLS (mTLS) authentication is enabled for the Autonomous VM cluster.", "title": "IsMtlsEnabledVmCluster", @@ -221491,6 +225279,21 @@ ], "type": "object" }, + "AWS::ODB::CloudAutonomousVmCluster.IamRole": { + "additionalProperties": false, + "properties": { + "AwsIntegration": { + "type": "string" + }, + "IamRoleArn": { + "type": "string" + }, + "Status": { + "type": "string" + } + }, + "type": "object" + }, "AWS::ODB::CloudAutonomousVmCluster.MaintenanceWindow": { "additionalProperties": false, "properties": { @@ -221828,6 +225631,12 @@ "title": "Hostname", "type": "string" }, + "IamRoles": { + "items": { + "$ref": "#/definitions/AWS::ODB::CloudVmCluster.IamRole" + }, + "type": "array" + }, "IsLocalBackupEnabled": { "markdownDescription": "Specifies whether database backups to local Exadata storage are enabled for the VM cluster.", "title": "IsLocalBackupEnabled", @@ -222020,6 +225829,21 @@ ], "type": "object" }, + "AWS::ODB::CloudVmCluster.IamRole": { + "additionalProperties": false, + "properties": { + "AwsIntegration": { + "type": "string" + }, + "IamRoleArn": { + "type": "string" + }, + "Status": { + "type": "string" + } + }, + "type": "object" + }, "AWS::ODB::OdbNetwork": { "additionalProperties": false, "properties": { @@ -222075,6 +225899,12 @@ "title": "ClientSubnetCidr", "type": "string" }, + "CrossRegionS3RestoreSources": { + "items": { + "type": "string" + }, + "type": "array" + }, "CustomDomainName": { "markdownDescription": "The domain name for the resources in the ODB network.", "title": "CustomDomainName", @@ -222095,6 +225925,12 @@ "title": "DisplayName", "type": "string" }, + "KmsAccess": { + "type": "string" + }, + "KmsPolicyDocument": { + "type": "string" + }, "S3Access": { "markdownDescription": "The configuration for Amazon S3 access from the ODB network.", "title": "S3Access", @@ -222105,6 +225941,12 @@ "title": "S3PolicyDocument", "type": "string" }, + "StsAccess": { + "type": "string" + }, + "StsPolicyDocument": { + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" @@ -222141,6 +225983,45 @@ ], "type": "object" }, + "AWS::ODB::OdbNetwork.CrossRegionS3RestoreSourcesAccess": { + "additionalProperties": false, + "properties": { + "Ipv4Addresses": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Region": { + "type": "string" + }, + "Status": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::ODB::OdbNetwork.KmsAccess": { + "additionalProperties": false, + "properties": { + "DomainName": { + "type": "string" + }, + "Ipv4Addresses": { + "items": { + "type": "string" + }, + "type": "array" + }, + "KmsPolicyDocument": { + "type": "string" + }, + "Status": { + "type": "string" + } + }, + "type": "object" + }, "AWS::ODB::OdbNetwork.ManagedS3BackupAccess": { "additionalProperties": false, "properties": { @@ -222163,6 +226044,15 @@ "AWS::ODB::OdbNetwork.ManagedServices": { "additionalProperties": false, "properties": { + "CrossRegionS3RestoreSourcesAccess": { + "items": { + "$ref": "#/definitions/AWS::ODB::OdbNetwork.CrossRegionS3RestoreSourcesAccess" + }, + "type": "array" + }, + "KmsAccess": { + "$ref": "#/definitions/AWS::ODB::OdbNetwork.KmsAccess" + }, "ManagedS3BackupAccess": { "$ref": "#/definitions/AWS::ODB::OdbNetwork.ManagedS3BackupAccess", "markdownDescription": "The managed Amazon S3 backup access configuration.", @@ -222196,6 +226086,9 @@ "markdownDescription": "The service network endpoint configuration.", "title": "ServiceNetworkEndpoint" }, + "StsAccess": { + "$ref": "#/definitions/AWS::ODB::OdbNetwork.StsAccess" + }, "ZeroEtlAccess": { "$ref": "#/definitions/AWS::ODB::OdbNetwork.ZeroEtlAccess", "markdownDescription": "The Zero-ETL access configuration.", @@ -222249,6 +226142,27 @@ }, "type": "object" }, + "AWS::ODB::OdbNetwork.StsAccess": { + "additionalProperties": false, + "properties": { + "DomainName": { + "type": "string" + }, + "Ipv4Addresses": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Status": { + "type": "string" + }, + "StsPolicyDocument": { + "type": "string" + } + }, + "type": "object" + }, "AWS::ODB::OdbNetwork.ZeroEtlAccess": { "additionalProperties": false, "properties": { @@ -222323,6 +226237,12 @@ "title": "PeerNetworkId", "type": "string" }, + "PeerNetworkRouteTableIds": { + "items": { + "type": "string" + }, + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" @@ -222995,6 +226915,9 @@ "markdownDescription": "Configuration defining the backup region and an optional KMS key for the backup destination.", "title": "BackupConfiguration" }, + "LogGroupNameConfiguration": { + "$ref": "#/definitions/AWS::ObservabilityAdmin::OrganizationCentralizationRule.LogGroupNameConfiguration" + }, "LogsEncryptionConfiguration": { "$ref": "#/definitions/AWS::ObservabilityAdmin::OrganizationCentralizationRule.LogsEncryptionConfiguration", "markdownDescription": "The encryption configuration for centralization destination log groups.", @@ -223003,6 +226926,18 @@ }, "type": "object" }, + "AWS::ObservabilityAdmin::OrganizationCentralizationRule.LogGroupNameConfiguration": { + "additionalProperties": false, + "properties": { + "LogGroupNamePattern": { + "type": "string" + } + }, + "required": [ + "LogGroupNamePattern" + ], + "type": "object" + }, "AWS::ObservabilityAdmin::OrganizationCentralizationRule.LogsBackupConfiguration": { "additionalProperties": false, "properties": { @@ -223049,6 +226984,9 @@ "AWS::ObservabilityAdmin::OrganizationCentralizationRule.SourceLogsConfiguration": { "additionalProperties": false, "properties": { + "DataSourceSelectionCriteria": { + "type": "string" + }, "EncryptedLogGroupStrategy": { "markdownDescription": "A strategy determining whether to centralize source log groups that are encrypted with customer managed KMS keys (CMK). ALLOW will consider CMK encrypted source log groups for centralization while SKIP will skip CMK encrypted source log groups from centralization.", "title": "EncryptedLogGroupStrategy", @@ -223061,8 +226999,7 @@ } }, "required": [ - "EncryptedLogGroupStrategy", - "LogGroupSelectionCriteria" + "EncryptedLogGroupStrategy" ], "type": "object" }, @@ -223644,6 +227581,67 @@ ], "type": "object" }, + "AWS::ObservabilityAdmin::TelemetryEnrichment": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Scope": { + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ObservabilityAdmin::TelemetryEnrichment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, "AWS::ObservabilityAdmin::TelemetryPipelines": { "additionalProperties": false, "properties": { @@ -225630,6 +229628,9 @@ "markdownDescription": "The type of collection. Possible values are `SEARCH` , `TIMESERIES` , and `VECTORSEARCH` . For more information, see [Choosing a collection type](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-overview.html#serverless-usecase) .", "title": "Type", "type": "string" + }, + "VectorOptions": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Collection.VectorOptions" } }, "required": [ @@ -225670,6 +229671,126 @@ }, "type": "object" }, + "AWS::OpenSearchServerless::Collection.FipsEndpoints": { + "additionalProperties": false, + "properties": { + "CollectionEndpoint": { + "type": "string" + }, + "DashboardEndpoint": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpenSearchServerless::Collection.VectorOptions": { + "additionalProperties": false, + "properties": { + "ServerlessVectorAcceleration": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpenSearchServerless::CollectionGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CapacityLimits": { + "$ref": "#/definitions/AWS::OpenSearchServerless::CollectionGroup.CapacityLimits" + }, + "Description": { + "type": "string" + }, + "Name": { + "type": "string" + }, + "StandbyReplicas": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "required": [ + "Name", + "StandbyReplicas" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchServerless::CollectionGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::OpenSearchServerless::CollectionGroup.CapacityLimits": { + "additionalProperties": false, + "properties": { + "MaxIndexingCapacityInOcu": { + "type": "number" + }, + "MaxSearchCapacityInOcu": { + "type": "number" + }, + "MinIndexingCapacityInOcu": { + "type": "number" + }, + "MinSearchCapacityInOcu": { + "type": "number" + } + }, + "type": "object" + }, "AWS::OpenSearchServerless::Index": { "additionalProperties": false, "properties": { @@ -226388,6 +230509,9 @@ "markdownDescription": "Settings container for integrating IAM Identity Center with OpenSearch UI applications, which enables enabling secure user authentication and access control across multiple data sources. This setup supports single sign-on (SSO) through IAM Identity Center, allowing centralized user management.", "title": "IamIdentityCenterOptions" }, + "KmsKeyArn": { + "type": "string" + }, "Name": { "markdownDescription": "The name of an OpenSearch application.", "title": "Name", @@ -226559,6 +230683,9 @@ "markdownDescription": "Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.", "title": "CognitoOptions" }, + "DeploymentStrategyOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.DeploymentStrategyOptions" + }, "DomainEndpointOptions": { "$ref": "#/definitions/AWS::OpenSearchService::Domain.DomainEndpointOptions", "markdownDescription": "Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.", @@ -226837,6 +230964,15 @@ }, "type": "object" }, + "AWS::OpenSearchService::Domain.DeploymentStrategyOptions": { + "additionalProperties": false, + "properties": { + "DeploymentStrategy": { + "type": "string" + } + }, + "type": "object" + }, "AWS::OpenSearchService::Domain.DomainEndpointOptions": { "additionalProperties": false, "properties": { @@ -230721,6 +234857,9 @@ }, "title": "Tags", "type": "object" + }, + "VpcEndpointId": { + "type": "string" } }, "required": [ @@ -230943,6 +235082,22 @@ ], "type": "object" }, + "AWS::PCS::Cluster.CgroupCustomSetting": { + "additionalProperties": false, + "properties": { + "ParameterName": { + "type": "string" + }, + "ParameterValue": { + "type": "string" + } + }, + "required": [ + "ParameterName", + "ParameterValue" + ], + "type": "object" + }, "AWS::PCS::Cluster.Endpoint": { "additionalProperties": false, "properties": { @@ -231086,6 +235241,12 @@ "markdownDescription": "The shared Slurm key for authentication, also known as the *cluster secret* .", "title": "AuthKey" }, + "CgroupCustomSettings": { + "items": { + "$ref": "#/definitions/AWS::PCS::Cluster.CgroupCustomSetting" + }, + "type": "array" + }, "JwtAuth": { "$ref": "#/definitions/AWS::PCS::Cluster.JwtAuth", "markdownDescription": "The JWT authentication configuration for Slurm REST API access.", @@ -231108,6 +235269,12 @@ "$ref": "#/definitions/AWS::PCS::Cluster.SlurmRest", "markdownDescription": "The Slurm REST API configuration for the cluster.", "title": "SlurmRest" + }, + "SlurmdbdCustomSettings": { + "items": { + "$ref": "#/definitions/AWS::PCS::Cluster.SlurmdbdCustomSetting" + }, + "type": "array" } }, "type": "object" @@ -231146,236 +235313,13 @@ ], "type": "object" }, - "AWS::PCS::ComputeNodeGroup": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AmiId": { - "markdownDescription": "The ID of the Amazon Machine Image (AMI) that AWS PCS uses to launch instances. If not provided, AWS PCS uses the AMI ID specified in the custom launch template.", - "title": "AmiId", - "type": "string" - }, - "ClusterId": { - "markdownDescription": "The ID of the cluster of the compute node group.", - "title": "ClusterId", - "type": "string" - }, - "CustomLaunchTemplate": { - "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.CustomLaunchTemplate", - "markdownDescription": "An Amazon EC2 launch template AWS PCS uses to launch compute nodes.", - "title": "CustomLaunchTemplate" - }, - "IamInstanceProfileArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM instance profile used to pass an IAM role when launching EC2 instances. The role contained in your instance profile must have the `pcs:RegisterComputeNodeGroupInstance` permission and the role name must start with `AWSPCS` or must have the path `/aws-pcs/` . For more information, see [IAM instance profiles for AWS PCS](https://docs.aws.amazon.com//pcs/latest/userguide/security-instance-profiles.html) in the *AWS PCS User Guide* .", - "title": "IamInstanceProfileArn", - "type": "string" - }, - "InstanceConfigs": { - "items": { - "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.InstanceConfig" - }, - "markdownDescription": "A list of EC2 instance configurations that AWS PCS can provision in the compute node group.", - "title": "InstanceConfigs", - "type": "array" - }, - "Name": { - "markdownDescription": "The name that identifies the compute node group.", - "title": "Name", - "type": "string" - }, - "PurchaseOption": { - "markdownDescription": "Specifies how EC2 instances are purchased on your behalf. AWS PCS supports On-Demand Instances, Spot Instances, and Amazon EC2 Capacity Blocks for ML. For more information, see [Amazon EC2 billing and purchasing options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-purchasing-options.html) in the *Amazon Elastic Compute Cloud User Guide* . For more information about AWS PCS support for Capacity Blocks, see [Using Amazon EC2 Capacity Blocks for ML with AWS PCS](https://docs.aws.amazon.com/pcs/latest/userguide/capacity-blocks.html) in the *AWS PCS User Guide* . If you don't provide this option, it defaults to On-Demand.", - "title": "PurchaseOption", - "type": "string" - }, - "ScalingConfiguration": { - "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.ScalingConfiguration", - "markdownDescription": "Specifies the boundaries of the compute node group auto scaling.", - "title": "ScalingConfiguration" - }, - "SlurmConfiguration": { - "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.SlurmConfiguration", - "markdownDescription": "Additional options related to the Slurm scheduler.", - "title": "SlurmConfiguration" - }, - "SpotOptions": { - "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.SpotOptions", - "markdownDescription": "Additional configuration when you specify `SPOT` as the `purchaseOption` for the `CreateComputeNodeGroup` API action.", - "title": "SpotOptions" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of subnet IDs where instances are provisioned by the compute node group. The subnets must be in the same VPC as the cluster.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "1 or more tags added to the resource. Each tag consists of a tag key and tag value. The tag value is optional and can be an empty string.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } - }, - "required": [ - "ClusterId", - "CustomLaunchTemplate", - "IamInstanceProfileArn", - "InstanceConfigs", - "ScalingConfiguration", - "SubnetIds" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::PCS::ComputeNodeGroup" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::PCS::ComputeNodeGroup.CustomLaunchTemplate": { - "additionalProperties": false, - "properties": { - "TemplateId": { - "markdownDescription": "The ID of the EC2 launch template to use to provision instances.", - "title": "TemplateId", - "type": "string" - }, - "Version": { - "markdownDescription": "The version of the EC2 launch template to use to provision instances.", - "title": "Version", - "type": "string" - } - }, - "required": [ - "Version" - ], - "type": "object" - }, - "AWS::PCS::ComputeNodeGroup.ErrorInfo": { - "additionalProperties": false, - "properties": { - "Code": { - "markdownDescription": "The short-form error code.", - "title": "Code", - "type": "string" - }, - "Message": { - "markdownDescription": "The detailed error information.", - "title": "Message", - "type": "string" - } - }, - "type": "object" - }, - "AWS::PCS::ComputeNodeGroup.InstanceConfig": { - "additionalProperties": false, - "properties": { - "InstanceType": { - "markdownDescription": "The EC2 instance type that AWS PCS can provision in the compute node group.\n\nExample: `t2.xlarge`", - "title": "InstanceType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::PCS::ComputeNodeGroup.ScalingConfiguration": { - "additionalProperties": false, - "properties": { - "MaxInstanceCount": { - "markdownDescription": "The upper bound of the number of instances allowed in the compute fleet.", - "title": "MaxInstanceCount", - "type": "number" - }, - "MinInstanceCount": { - "markdownDescription": "The lower bound of the number of instances allowed in the compute fleet.", - "title": "MinInstanceCount", - "type": "number" - } - }, - "required": [ - "MaxInstanceCount", - "MinInstanceCount" - ], - "type": "object" - }, - "AWS::PCS::ComputeNodeGroup.SlurmConfiguration": { - "additionalProperties": false, - "properties": { - "SlurmCustomSettings": { - "items": { - "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.SlurmCustomSetting" - }, - "markdownDescription": "Additional Slurm-specific configuration that directly maps to Slurm settings.", - "title": "SlurmCustomSettings", - "type": "array" - } - }, - "type": "object" - }, - "AWS::PCS::ComputeNodeGroup.SlurmCustomSetting": { + "AWS::PCS::Cluster.SlurmdbdCustomSetting": { "additionalProperties": false, "properties": { "ParameterName": { - "markdownDescription": "AWS PCS supports custom Slurm settings for clusters, compute node groups, and queues. For more information, see [Configuring custom Slurm settings in AWS PCS](https://docs.aws.amazon.com//pcs/latest/userguide/slurm-custom-settings.html) in the *AWS PCS User Guide* .", - "title": "ParameterName", "type": "string" }, "ParameterValue": { - "markdownDescription": "The values for the configured Slurm settings.", - "title": "ParameterValue", "type": "string" } }, @@ -231385,18 +235329,257 @@ ], "type": "object" }, - "AWS::PCS::ComputeNodeGroup.SpotOptions": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "The Amazon EC2 allocation strategy AWS PCS uses to provision EC2 instances. AWS PCS supports *lowest price* , *capacity optimized* , and *price capacity optimized* . For more information, see [Use allocation strategies to determine how EC2 Fleet or Spot Fleet fulfills Spot and On-Demand capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-allocation-strategy.html) in the *Amazon Elastic Compute Cloud User Guide* . If you don't provide this option, it defaults to *price capacity optimized* .", - "title": "AllocationStrategy", - "type": "string" - } - }, - "type": "object" - }, - "AWS::PCS::Queue": { + "AWS::PCS::ComputeNodeGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AmiId": { + "markdownDescription": "The ID of the Amazon Machine Image (AMI) that AWS PCS uses to launch instances. If not provided, AWS PCS uses the AMI ID specified in the custom launch template.", + "title": "AmiId", + "type": "string" + }, + "ClusterId": { + "markdownDescription": "The ID of the cluster of the compute node group.", + "title": "ClusterId", + "type": "string" + }, + "CustomLaunchTemplate": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.CustomLaunchTemplate", + "markdownDescription": "An Amazon EC2 launch template AWS PCS uses to launch compute nodes.", + "title": "CustomLaunchTemplate" + }, + "IamInstanceProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM instance profile used to pass an IAM role when launching EC2 instances. The role contained in your instance profile must have the `pcs:RegisterComputeNodeGroupInstance` permission and the role name must start with `AWSPCS` or must have the path `/aws-pcs/` . For more information, see [IAM instance profiles for AWS PCS](https://docs.aws.amazon.com//pcs/latest/userguide/security-instance-profiles.html) in the *AWS PCS User Guide* .", + "title": "IamInstanceProfileArn", + "type": "string" + }, + "InstanceConfigs": { + "items": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.InstanceConfig" + }, + "markdownDescription": "A list of EC2 instance configurations that AWS PCS can provision in the compute node group.", + "title": "InstanceConfigs", + "type": "array" + }, + "Name": { + "markdownDescription": "The name that identifies the compute node group.", + "title": "Name", + "type": "string" + }, + "PurchaseOption": { + "markdownDescription": "Specifies how EC2 instances are purchased on your behalf. AWS PCS supports On-Demand Instances, Spot Instances, and Amazon EC2 Capacity Blocks for ML. For more information, see [Amazon EC2 billing and purchasing options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-purchasing-options.html) in the *Amazon Elastic Compute Cloud User Guide* . For more information about AWS PCS support for Capacity Blocks, see [Using Amazon EC2 Capacity Blocks for ML with AWS PCS](https://docs.aws.amazon.com/pcs/latest/userguide/capacity-blocks.html) in the *AWS PCS User Guide* . If you don't provide this option, it defaults to On-Demand.", + "title": "PurchaseOption", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.ScalingConfiguration", + "markdownDescription": "Specifies the boundaries of the compute node group auto scaling.", + "title": "ScalingConfiguration" + }, + "SlurmConfiguration": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.SlurmConfiguration", + "markdownDescription": "Additional options related to the Slurm scheduler.", + "title": "SlurmConfiguration" + }, + "SpotOptions": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.SpotOptions", + "markdownDescription": "Additional configuration when you specify `SPOT` as the `purchaseOption` for the `CreateComputeNodeGroup` API action.", + "title": "SpotOptions" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of subnet IDs where instances are provisioned by the compute node group. The subnets must be in the same VPC as the cluster.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "1 or more tags added to the resource. Each tag consists of a tag key and tag value. The tag value is optional and can be an empty string.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ClusterId", + "CustomLaunchTemplate", + "IamInstanceProfileArn", + "InstanceConfigs", + "ScalingConfiguration", + "SubnetIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCS::ComputeNodeGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::PCS::ComputeNodeGroup.CustomLaunchTemplate": { + "additionalProperties": false, + "properties": { + "TemplateId": { + "markdownDescription": "The ID of the EC2 launch template to use to provision instances.", + "title": "TemplateId", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the EC2 launch template to use to provision instances.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Version" + ], + "type": "object" + }, + "AWS::PCS::ComputeNodeGroup.ErrorInfo": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The short-form error code.", + "title": "Code", + "type": "string" + }, + "Message": { + "markdownDescription": "The detailed error information.", + "title": "Message", + "type": "string" + } + }, + "type": "object" + }, + "AWS::PCS::ComputeNodeGroup.InstanceConfig": { + "additionalProperties": false, + "properties": { + "InstanceType": { + "markdownDescription": "The EC2 instance type that AWS PCS can provision in the compute node group.\n\nExample: `t2.xlarge`", + "title": "InstanceType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::PCS::ComputeNodeGroup.ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxInstanceCount": { + "markdownDescription": "The upper bound of the number of instances allowed in the compute fleet.", + "title": "MaxInstanceCount", + "type": "number" + }, + "MinInstanceCount": { + "markdownDescription": "The lower bound of the number of instances allowed in the compute fleet.", + "title": "MinInstanceCount", + "type": "number" + } + }, + "required": [ + "MaxInstanceCount", + "MinInstanceCount" + ], + "type": "object" + }, + "AWS::PCS::ComputeNodeGroup.SlurmConfiguration": { + "additionalProperties": false, + "properties": { + "SlurmCustomSettings": { + "items": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.SlurmCustomSetting" + }, + "markdownDescription": "Additional Slurm-specific configuration that directly maps to Slurm settings.", + "title": "SlurmCustomSettings", + "type": "array" + } + }, + "type": "object" + }, + "AWS::PCS::ComputeNodeGroup.SlurmCustomSetting": { + "additionalProperties": false, + "properties": { + "ParameterName": { + "markdownDescription": "AWS PCS supports custom Slurm settings for clusters, compute node groups, and queues. For more information, see [Configuring custom Slurm settings in AWS PCS](https://docs.aws.amazon.com//pcs/latest/userguide/slurm-custom-settings.html) in the *AWS PCS User Guide* .", + "title": "ParameterName", + "type": "string" + }, + "ParameterValue": { + "markdownDescription": "The values for the configured Slurm settings.", + "title": "ParameterValue", + "type": "string" + } + }, + "required": [ + "ParameterName", + "ParameterValue" + ], + "type": "object" + }, + "AWS::PCS::ComputeNodeGroup.SpotOptions": { + "additionalProperties": false, + "properties": { + "AllocationStrategy": { + "markdownDescription": "The Amazon EC2 allocation strategy AWS PCS uses to provision EC2 instances. AWS PCS supports *lowest price* , *capacity optimized* , and *price capacity optimized* . For more information, see [Use allocation strategies to determine how EC2 Fleet or Spot Fleet fulfills Spot and On-Demand capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-allocation-strategy.html) in the *Amazon Elastic Compute Cloud User Guide* . If you don't provide this option, it defaults to *price capacity optimized* .", + "title": "AllocationStrategy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::PCS::Queue": { "additionalProperties": false, "properties": { "Condition": { @@ -251331,7 +255514,7 @@ "type": "array" }, "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick Suite user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick Suite user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick Suite ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", "title": "Principal", "type": "string" } @@ -254945,17 +259128,89 @@ "title": "AddOrRunAnomalyDetectionForAnalyses", "type": "string" }, + "AmazonBedrockARSAction": { + "type": "string" + }, + "AmazonBedrockFSAction": { + "type": "string" + }, + "AmazonBedrockKRSAction": { + "type": "string" + }, + "AmazonSThreeAction": { + "type": "string" + }, "Analysis": { "markdownDescription": "The ability to perform analysis-related actions.", "title": "Analysis", "type": "string" }, + "ApproveFlowShareRequests": { + "type": "string" + }, + "AsanaAction": { + "type": "string" + }, "Automate": { "type": "string" }, + "BambooHRAction": { + "type": "string" + }, + "BoxAgentAction": { + "type": "string" + }, + "BuildCalculatedFieldWithQ": { + "type": "string" + }, + "CanvaAgentAction": { + "type": "string" + }, "ChatAgent": { "type": "string" }, + "ComprehendAction": { + "type": "string" + }, + "ComprehendMedicalAction": { + "type": "string" + }, + "ConfluenceAction": { + "type": "string" + }, + "CreateAndUpdateAmazonBedrockARSAction": { + "type": "string" + }, + "CreateAndUpdateAmazonBedrockFSAction": { + "type": "string" + }, + "CreateAndUpdateAmazonBedrockKRSAction": { + "type": "string" + }, + "CreateAndUpdateAmazonSThreeAction": { + "type": "string" + }, + "CreateAndUpdateAsanaAction": { + "type": "string" + }, + "CreateAndUpdateBambooHRAction": { + "type": "string" + }, + "CreateAndUpdateBoxAgentAction": { + "type": "string" + }, + "CreateAndUpdateCanvaAgentAction": { + "type": "string" + }, + "CreateAndUpdateComprehendAction": { + "type": "string" + }, + "CreateAndUpdateComprehendMedicalAction": { + "type": "string" + }, + "CreateAndUpdateConfluenceAction": { + "type": "string" + }, "CreateAndUpdateDashboardEmailReports": { "markdownDescription": "The ability to create and update email reports.", "title": "CreateAndUpdateDashboardEmailReports", @@ -254971,6 +259226,102 @@ "title": "CreateAndUpdateDatasets", "type": "string" }, + "CreateAndUpdateFactSetAction": { + "type": "string" + }, + "CreateAndUpdateGenericHTTPAction": { + "type": "string" + }, + "CreateAndUpdateGithubAction": { + "type": "string" + }, + "CreateAndUpdateGoogleCalendarAction": { + "type": "string" + }, + "CreateAndUpdateHubspotAction": { + "type": "string" + }, + "CreateAndUpdateHuggingFaceAction": { + "type": "string" + }, + "CreateAndUpdateIntercomAction": { + "type": "string" + }, + "CreateAndUpdateJiraAction": { + "type": "string" + }, + "CreateAndUpdateKnowledgeBases": { + "type": "string" + }, + "CreateAndUpdateLinearAction": { + "type": "string" + }, + "CreateAndUpdateMCPAction": { + "type": "string" + }, + "CreateAndUpdateMSExchangeAction": { + "type": "string" + }, + "CreateAndUpdateMSTeamsAction": { + "type": "string" + }, + "CreateAndUpdateMondayAction": { + "type": "string" + }, + "CreateAndUpdateNewRelicAction": { + "type": "string" + }, + "CreateAndUpdateNotionAction": { + "type": "string" + }, + "CreateAndUpdateOneDriveAction": { + "type": "string" + }, + "CreateAndUpdateOpenAPIAction": { + "type": "string" + }, + "CreateAndUpdatePagerDutyAction": { + "type": "string" + }, + "CreateAndUpdateSAPBillOfMaterialAction": { + "type": "string" + }, + "CreateAndUpdateSAPBusinessPartnerAction": { + "type": "string" + }, + "CreateAndUpdateSAPMaterialStockAction": { + "type": "string" + }, + "CreateAndUpdateSAPPhysicalInventoryAction": { + "type": "string" + }, + "CreateAndUpdateSAPProductMasterDataAction": { + "type": "string" + }, + "CreateAndUpdateSalesforceAction": { + "type": "string" + }, + "CreateAndUpdateSandPGMIAction": { + "type": "string" + }, + "CreateAndUpdateSandPGlobalEnergyAction": { + "type": "string" + }, + "CreateAndUpdateServiceNowAction": { + "type": "string" + }, + "CreateAndUpdateSharePointAction": { + "type": "string" + }, + "CreateAndUpdateSlackAction": { + "type": "string" + }, + "CreateAndUpdateSmartsheetAction": { + "type": "string" + }, + "CreateAndUpdateTextractAction": { + "type": "string" + }, "CreateAndUpdateThemes": { "markdownDescription": "The ability to export to Create and Update themes.", "title": "CreateAndUpdateThemes", @@ -254981,9 +259332,15 @@ "title": "CreateAndUpdateThresholdAlerts", "type": "string" }, + "CreateAndUpdateZendeskAction": { + "type": "string" + }, "CreateChatAgents": { "type": "string" }, + "CreateDashboardExecutiveSummaryWithQ": { + "type": "string" + }, "CreateSPICEDataset": { "markdownDescription": "The ability to create a SPICE dataset.", "title": "CreateSPICEDataset", @@ -254999,6 +259356,9 @@ "title": "Dashboard", "type": "string" }, + "EditVisualWithQ": { + "type": "string" + }, "ExportToCsv": { "markdownDescription": "The ability to export to CSV files from the UI.", "title": "ExportToCsv", @@ -255029,17 +259389,77 @@ "title": "ExportToPdfInScheduledReports", "type": "string" }, + "Extension": { + "type": "string" + }, + "FactSetAction": { + "type": "string" + }, "Flow": { "type": "string" }, + "GenericHTTPAction": { + "type": "string" + }, + "GithubAction": { + "type": "string" + }, + "GoogleCalendarAction": { + "type": "string" + }, + "HubspotAction": { + "type": "string" + }, + "HuggingFaceAction": { + "type": "string" + }, "IncludeContentInScheduledReportsEmail": { "markdownDescription": "The ability to include content in scheduled email reports.", "title": "IncludeContentInScheduledReportsEmail", "type": "string" }, + "IntercomAction": { + "type": "string" + }, + "JiraAction": { + "type": "string" + }, "KnowledgeBase": { "type": "string" }, + "LinearAction": { + "type": "string" + }, + "MCPAction": { + "type": "string" + }, + "MSExchangeAction": { + "type": "string" + }, + "MSTeamsAction": { + "type": "string" + }, + "ManageSharedFolders": { + "type": "string" + }, + "MondayAction": { + "type": "string" + }, + "NewRelicAction": { + "type": "string" + }, + "NotionAction": { + "type": "string" + }, + "OneDriveAction": { + "type": "string" + }, + "OpenAPIAction": { + "type": "string" + }, + "PagerDutyAction": { + "type": "string" + }, "PerformFlowUiTask": { "type": "string" }, @@ -255059,11 +259479,71 @@ "Research": { "type": "string" }, + "SAPBillOfMaterialAction": { + "type": "string" + }, + "SAPBusinessPartnerAction": { + "type": "string" + }, + "SAPMaterialStockAction": { + "type": "string" + }, + "SAPPhysicalInventoryAction": { + "type": "string" + }, + "SAPProductMasterDataAction": { + "type": "string" + }, + "SalesforceAction": { + "type": "string" + }, + "SandPGMIAction": { + "type": "string" + }, + "SandPGlobalEnergyAction": { + "type": "string" + }, + "ServiceNowAction": { + "type": "string" + }, + "ShareAmazonBedrockARSAction": { + "type": "string" + }, + "ShareAmazonBedrockFSAction": { + "type": "string" + }, + "ShareAmazonBedrockKRSAction": { + "type": "string" + }, + "ShareAmazonSThreeAction": { + "type": "string" + }, "ShareAnalyses": { "markdownDescription": "The ability to share analyses.", "title": "ShareAnalyses", "type": "string" }, + "ShareAsanaAction": { + "type": "string" + }, + "ShareBambooHRAction": { + "type": "string" + }, + "ShareBoxAgentAction": { + "type": "string" + }, + "ShareCanvaAgentAction": { + "type": "string" + }, + "ShareComprehendAction": { + "type": "string" + }, + "ShareComprehendMedicalAction": { + "type": "string" + }, + "ShareConfluenceAction": { + "type": "string" + }, "ShareDashboards": { "markdownDescription": "The ability to share dashboards.", "title": "ShareDashboards", @@ -255079,6 +259559,114 @@ "title": "ShareDatasets", "type": "string" }, + "ShareFactSetAction": { + "type": "string" + }, + "ShareGenericHTTPAction": { + "type": "string" + }, + "ShareGithubAction": { + "type": "string" + }, + "ShareGoogleCalendarAction": { + "type": "string" + }, + "ShareHubspotAction": { + "type": "string" + }, + "ShareHuggingFaceAction": { + "type": "string" + }, + "ShareIntercomAction": { + "type": "string" + }, + "ShareJiraAction": { + "type": "string" + }, + "ShareKnowledgeBases": { + "type": "string" + }, + "ShareLinearAction": { + "type": "string" + }, + "ShareMCPAction": { + "type": "string" + }, + "ShareMSExchangeAction": { + "type": "string" + }, + "ShareMSTeamsAction": { + "type": "string" + }, + "ShareMondayAction": { + "type": "string" + }, + "ShareNewRelicAction": { + "type": "string" + }, + "ShareNotionAction": { + "type": "string" + }, + "ShareOneDriveAction": { + "type": "string" + }, + "ShareOpenAPIAction": { + "type": "string" + }, + "SharePagerDutyAction": { + "type": "string" + }, + "SharePointAction": { + "type": "string" + }, + "ShareSAPBillOfMaterialAction": { + "type": "string" + }, + "ShareSAPBusinessPartnerAction": { + "type": "string" + }, + "ShareSAPMaterialStockAction": { + "type": "string" + }, + "ShareSAPPhysicalInventoryAction": { + "type": "string" + }, + "ShareSAPProductMasterDataAction": { + "type": "string" + }, + "ShareSalesforceAction": { + "type": "string" + }, + "ShareSandPGMIAction": { + "type": "string" + }, + "ShareSandPGlobalEnergyAction": { + "type": "string" + }, + "ShareServiceNowAction": { + "type": "string" + }, + "ShareSharePointAction": { + "type": "string" + }, + "ShareSlackAction": { + "type": "string" + }, + "ShareSmartsheetAction": { + "type": "string" + }, + "ShareTextractAction": { + "type": "string" + }, + "ShareZendeskAction": { + "type": "string" + }, + "SlackAction": { + "type": "string" + }, + "SmartsheetAction": { + "type": "string" + }, "Space": { "type": "string" }, @@ -255087,16 +259675,154 @@ "title": "SubscribeDashboardEmailReports", "type": "string" }, + "TextractAction": { + "type": "string" + }, + "Topic": { + "type": "string" + }, "UseAgentWebSearch": { "type": "string" }, + "UseAmazonBedrockARSAction": { + "type": "string" + }, + "UseAmazonBedrockFSAction": { + "type": "string" + }, + "UseAmazonBedrockKRSAction": { + "type": "string" + }, + "UseAmazonSThreeAction": { + "type": "string" + }, + "UseAsanaAction": { + "type": "string" + }, + "UseBambooHRAction": { + "type": "string" + }, "UseBedrockModels": { "type": "string" }, + "UseBoxAgentAction": { + "type": "string" + }, + "UseCanvaAgentAction": { + "type": "string" + }, + "UseComprehendAction": { + "type": "string" + }, + "UseComprehendMedicalAction": { + "type": "string" + }, + "UseConfluenceAction": { + "type": "string" + }, + "UseFactSetAction": { + "type": "string" + }, + "UseGenericHTTPAction": { + "type": "string" + }, + "UseGithubAction": { + "type": "string" + }, + "UseGoogleCalendarAction": { + "type": "string" + }, + "UseHubspotAction": { + "type": "string" + }, + "UseHuggingFaceAction": { + "type": "string" + }, + "UseIntercomAction": { + "type": "string" + }, + "UseJiraAction": { + "type": "string" + }, + "UseLinearAction": { + "type": "string" + }, + "UseMCPAction": { + "type": "string" + }, + "UseMSExchangeAction": { + "type": "string" + }, + "UseMSTeamsAction": { + "type": "string" + }, + "UseMondayAction": { + "type": "string" + }, + "UseNewRelicAction": { + "type": "string" + }, + "UseNotionAction": { + "type": "string" + }, + "UseOneDriveAction": { + "type": "string" + }, + "UseOpenAPIAction": { + "type": "string" + }, + "UsePagerDutyAction": { + "type": "string" + }, + "UseSAPBillOfMaterialAction": { + "type": "string" + }, + "UseSAPBusinessPartnerAction": { + "type": "string" + }, + "UseSAPMaterialStockAction": { + "type": "string" + }, + "UseSAPPhysicalInventoryAction": { + "type": "string" + }, + "UseSAPProductMasterDataAction": { + "type": "string" + }, + "UseSalesforceAction": { + "type": "string" + }, + "UseSandPGMIAction": { + "type": "string" + }, + "UseSandPGlobalEnergyAction": { + "type": "string" + }, + "UseServiceNowAction": { + "type": "string" + }, + "UseSharePointAction": { + "type": "string" + }, + "UseSlackAction": { + "type": "string" + }, + "UseSmartsheetAction": { + "type": "string" + }, + "UseTextractAction": { + "type": "string" + }, + "UseZendeskAction": { + "type": "string" + }, "ViewAccountSPICECapacity": { "markdownDescription": "The ability to view account SPICE capacity.", "title": "ViewAccountSPICECapacity", "type": "string" + }, + "ZendeskAction": { + "type": "string" } }, "type": "object" @@ -266106,7 +270832,7 @@ "type": "array" }, "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick Suite user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick Suite user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick Suite ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", "title": "Principal", "type": "string" } @@ -270066,7 +274792,7 @@ "items": { "type": "string" }, - "markdownDescription": "An array of Amazon Resource Names (ARNs) for Quick Suite users or groups.", + "markdownDescription": "An array of Amazon Resource Names (ARNs) for Quick users or groups.", "title": "Principals", "type": "array" } @@ -271425,7 +276151,7 @@ "type": "array" }, "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick Suite user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick Suite user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick Suite ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", "title": "Principal", "type": "string" } @@ -272684,7 +277410,7 @@ "type": "array" }, "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick Suite user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick Suite user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick Suite ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", "title": "Principal", "type": "string" }, @@ -273149,7 +277875,7 @@ "additionalProperties": false, "properties": { "RefreshType": { - "markdownDescription": "The type of refresh that a dataset undergoes. Valid values are as follows:\n\n- `FULL_REFRESH` : A complete refresh of a dataset.\n- `INCREMENTAL_REFRESH` : A partial refresh of some rows of a dataset, based on the time window specified.\n\nFor more information on full and incremental refreshes, see [Refreshing SPICE data](https://docs.aws.amazon.com/quicksight/latest/user/refreshing-imported-data.html) in the *Quick Suite User Guide* .", + "markdownDescription": "The type of refresh that a dataset undergoes. Valid values are as follows:\n\n- `FULL_REFRESH` : A complete refresh of a dataset.\n- `INCREMENTAL_REFRESH` : A partial refresh of some rows of a dataset, based on the time window specified.\n\nFor more information on full and incremental refreshes, see [Refreshing SPICE data](https://docs.aws.amazon.com/quicksight/latest/user/refreshing-imported-data.html) in the *Quick User Guide* .", "title": "RefreshType", "type": "string" }, @@ -282932,7 +287658,7 @@ "type": "array" }, "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick Suite user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick Suite user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick Suite ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", "title": "Principal", "type": "string" } @@ -286734,7 +291460,7 @@ "type": "array" }, "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick Suite user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick Suite user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick Suite ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", "title": "Principal", "type": "string" } @@ -298661,35 +303387,783 @@ "Properties": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "*Optional:* Any comments you want to include about a change batch request.", - "title": "Comment", + "Comment": { + "markdownDescription": "*Optional:* Any comments you want to include about a change batch request.", + "title": "Comment", + "type": "string" + }, + "HostedZoneId": { + "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneId", + "type": "string" + }, + "HostedZoneName": { + "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneName", + "type": "string" + }, + "RecordSets": { + "items": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.RecordSet" + }, + "markdownDescription": "A complex type that contains one `RecordSet` element for each record that you want to create.", + "title": "RecordSets", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53::RecordSetGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Route53::RecordSetGroup.AliasTarget": { + "additionalProperties": false, + "properties": { + "DNSName": { + "markdownDescription": "*Alias records only:* The value that you specify depends on where you want to route queries:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the applicable domain name for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalDomainName` .\n- For edge-optimized APIs, specify the value of `distributionDomainName` . This is the name of the associated CloudFront distribution, such as `da1b2c3d4e5.cloudfront.net` .\n\n> The name of the record that you're creating must match a custom domain name for your API, such as `api.example.com` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Enter the API endpoint for the interface endpoint, such as `vpce-123456789abcdef01-example-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com` . For edge-optimized APIs, this is the domain name for the corresponding CloudFront distribution. You can get the value of `DnsName` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify the domain name that CloudFront assigned when you created your distribution.\n\nYour CloudFront distribution must include an alternate domain name that matches the name of the record. For example, if the name of the record is *acme.example.com* , your CloudFront distribution must include *acme.example.com* as one of the alternate domain names. For more information, see [Using Alternate Domain Names (CNAMEs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html) in the *Amazon CloudFront Developer Guide* .\n\nYou can't create a record in a private hosted zone to route traffic to a CloudFront distribution.\n\n> For failover alias records, you can't specify a CloudFront distribution for both the primary and secondary records. A distribution must include an alternate domain name that matches the name of the record. However, the primary and secondary records have the same name, and you can't include the same alternate domain name in more than one distribution.\n- **Elastic Beanstalk environment** - If the domain name for your Elastic Beanstalk environment includes the region that you deployed the environment in, you can create an alias record that routes traffic to the environment. For example, the domain name `my-environment. *us-west-2* .elasticbeanstalk.com` is a regionalized domain name.\n\n> For environments that were created before early 2016, the domain name doesn't include the region. To route traffic to these environments, you must create a CNAME record instead of an alias record. Note that you can't create a CNAME record for the root domain name. For example, if your domain name is example.com, you can create a record that routes traffic for acme.example.com to your Elastic Beanstalk environment, but you can't create a record that routes traffic for example.com to your Elastic Beanstalk environment. \n\nFor Elastic Beanstalk environments that have regionalized subdomains, specify the `CNAME` attribute for the environment. You can use the following methods to get the value of the CNAME attribute:\n\n- *AWS Management Console* : For information about how to get the value by using the console, see [Using Custom Domains with AWS Elastic Beanstalk](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html) in the *AWS Elastic Beanstalk Developer Guide* .\n- *Elastic Beanstalk API* : Use the `DescribeEnvironments` action to get the value of the `CNAME` attribute. For more information, see [DescribeEnvironments](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html) in the *AWS Elastic Beanstalk API Reference* .\n- *AWS CLI* : Use the `describe-environments` command to get the value of the `CNAME` attribute. For more information, see [describe-environments](https://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html) in the *AWS CLI* .\n- **ELB load balancer** - Specify the DNS name that is associated with the load balancer. Get the DNS name by using the AWS Management Console , the ELB API, or the AWS CLI .\n\n- *AWS Management Console* : Go to the EC2 page, choose *Load Balancers* in the navigation pane, choose the load balancer, choose the *Description* tab, and get the value of the *DNS name* field.\n\nIf you're routing traffic to a Classic Load Balancer, get the value that begins with *dualstack* . If you're routing traffic to another type of load balancer, get the value that applies to the record type, A or AAAA.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html)\n- Application and Network Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html)\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the value of `DNSName` :\n\n- [Classic Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- [Application and Network Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html)\n- Application and Network Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html)\n- **Global Accelerator accelerator** - Specify the DNS name for your accelerator:\n\n- *Global Accelerator API* : To get the DNS name, use [DescribeAccelerator](https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html) .\n- *AWS CLI* : To get the DNS name, use [describe-accelerator](https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/describe-accelerator.html) .\n- **Amazon S3 bucket that is configured as a static website** - Specify the domain name of the Amazon S3 website endpoint that you created the bucket in, for example, `s3-website.us-east-2.amazonaws.com` . For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* . For more information about using S3 buckets for websites, see [Getting Started with Amazon Route 53](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html) in the *Amazon Route 53 Developer Guide.*\n- **Another Route 53 record** - Specify the value of the `Name` element for a record in the current hosted zone.\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't specify the domain name for a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record that you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", + "title": "DNSName", + "type": "string" + }, + "EvaluateTargetHealth": { + "markdownDescription": "*Applies only to alias records with any routing policy:* When `EvaluateTargetHealth` is `true` , an alias record inherits the health of the referenced AWS resource, such as an ELB load balancer or another record in the hosted zone.\n\nNote the following:\n\n- **CloudFront distributions** - You can't set `EvaluateTargetHealth` to `true` when the alias target is a CloudFront distribution.\n- **Elastic Beanstalk environments that have regionalized subdomains** - If you specify an Elastic Beanstalk environment in `DNSName` and the environment contains an ELB load balancer, Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. (An environment automatically contains an ELB load balancer if it includes more than one Amazon EC2 instance.) If you set `EvaluateTargetHealth` to `true` and either no Amazon EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other available resources that are healthy, if any.\n\nIf the environment contains a single Amazon EC2 instance, there are no special requirements.\n- **ELB load balancers** - Health checking behavior depends on the type of load balancer:\n\n- *Classic Load Balancers* : If you specify an ELB Classic Load Balancer in `DNSName` , Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. If you set `EvaluateTargetHealth` to `true` and either no EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other resources.\n- *Application and Network Load Balancers* : If you specify an ELB Application or Network Load Balancer and you set `EvaluateTargetHealth` to `true` , Route 53 routes queries to the load balancer based on the health of the target groups that are associated with the load balancer:\n\n- For an Application or Network Load Balancer to be considered healthy, every target group that contains targets must contain at least one healthy target. If any target group contains only unhealthy targets, the load balancer is considered unhealthy, and Route 53 routes queries to other resources.\n- A target group that has no registered targets is considered unhealthy.\n\n> When you create a load balancer, you configure settings for Elastic Load Balancing health checks; they're not Route 53 health checks, but they perform a similar function. Do not create Route 53 health checks for the EC2 instances that you register with an ELB load balancer.\n- **S3 buckets** - There are no special requirements for setting `EvaluateTargetHealth` to `true` when the alias target is an S3 bucket.\n- **Other records in the same hosted zone** - If the AWS resource that you specify in `DNSName` is a record or a group of records (for example, a group of weighted records) but is not another alias record, we recommend that you associate a health check with all of the records in the alias target. For more information, see [What Happens When You Omit Health Checks?](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-complex-configs.html#dns-failover-complex-configs-hc-omitting) in the *Amazon Route 53 Developer Guide* .\n\nFor more information and examples, see [Amazon Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) in the *Amazon Route 53 Developer Guide* .", + "title": "EvaluateTargetHealth", + "type": "boolean" + }, + "HostedZoneId": { + "markdownDescription": "*Alias resource records sets only* : The value used depends on where you want to route traffic:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the hosted zone ID for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalHostedZoneId` .\n- For edge-optimized APIs, specify the value of `distributionHostedZoneId` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Specify the hosted zone ID for your interface endpoint. You can get the value of `HostedZoneId` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify `Z2FDTNDATAQYW2` . This is always the hosted zone ID when you create an alias record that routes traffic to a CloudFront distribution.\n\n> Alias records for CloudFront can't be created in a private zone.\n- **Elastic Beanstalk environment** - Specify the hosted zone ID for the region that you created the environment in. The environment must have a regionalized subdomain. For a list of regions and the corresponding hosted zone IDs, see [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html) in the *Amazon Web Services General Reference* .\n- **ELB load balancer** - Specify the value of the hosted zone ID for the load balancer. Use the following methods to get the hosted zone ID:\n\n- [Service Endpoints](https://docs.aws.amazon.com/general/latest/gr/elb.html) table in the \"Elastic Load Balancing endpoints and quotas\" topic in the *Amazon Web Services General Reference* : Use the value that corresponds with the region that you created your load balancer in. Note that there are separate columns for Application and Classic Load Balancers and for Network Load Balancers.\n- *AWS Management Console* : Go to the Amazon EC2 page, choose *Load Balancers* in the navigation pane, select the load balancer, and get the value of the *Hosted zone* field on the *Description* tab.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneID` .\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the applicable value:\n\n- Classic Load Balancers: Get [CanonicalHostedZoneNameID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- Application and Network Load Balancers: Get [CanonicalHostedZoneID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html) to get the value of `CanonicalHostedZoneID` .\n- **Global Accelerator accelerator** - Specify `Z2BJ6XQ5FK7U4H` .\n- **An Amazon S3 bucket configured as a static website** - Specify the hosted zone ID for the region that you created the bucket in. For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* .\n- **Another Route 53 record in your hosted zone** - Specify the hosted zone ID of your hosted zone. (An alias record can't reference a record in a different hosted zone.)", + "title": "HostedZoneId", + "type": "string" + } + }, + "required": [ + "DNSName", + "HostedZoneId" + ], + "type": "object" + }, + "AWS::Route53::RecordSetGroup.CidrRoutingConfig": { + "additionalProperties": false, + "properties": { + "CollectionId": { + "markdownDescription": "The CIDR collection ID.", + "title": "CollectionId", + "type": "string" + }, + "LocationName": { + "markdownDescription": "The CIDR collection location name.", + "title": "LocationName", + "type": "string" + } + }, + "required": [ + "CollectionId", + "LocationName" + ], + "type": "object" + }, + "AWS::Route53::RecordSetGroup.Coordinates": { + "additionalProperties": false, + "properties": { + "Latitude": { + "markdownDescription": "Specifies a coordinate of the north\u2013south position of a geographic point on the surface of the Earth (-90 - 90).", + "title": "Latitude", + "type": "string" + }, + "Longitude": { + "markdownDescription": "Specifies a coordinate of the east\u2013west position of a geographic point on the surface of the Earth (-180 - 180).", + "title": "Longitude", + "type": "string" + } + }, + "required": [ + "Latitude", + "Longitude" + ], + "type": "object" + }, + "AWS::Route53::RecordSetGroup.GeoLocation": { + "additionalProperties": false, + "properties": { + "ContinentCode": { + "markdownDescription": "For geolocation resource record sets, a two-letter abbreviation that identifies a continent. Route 53 supports the following continent codes:\n\n- *AF* : Africa\n- *AN* : Antarctica\n- *AS* : Asia\n- *EU* : Europe\n- *OC* : Oceania\n- *NA* : North America\n- *SA* : South America\n\nConstraint: Specifying `ContinentCode` with either `CountryCode` or `SubdivisionCode` returns an `InvalidInput` error.", + "title": "ContinentCode", + "type": "string" + }, + "CountryCode": { + "markdownDescription": "For geolocation resource record sets, the two-letter code for a country.\n\nRoute 53 uses the two-letter country codes that are specified in [ISO standard 3166-1 alpha-2](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) .", + "title": "CountryCode", + "type": "string" + }, + "SubdivisionCode": { + "markdownDescription": "For geolocation resource record sets, the two-letter code for a state of the United States. Route 53 doesn't support any other values for `SubdivisionCode` . For a list of state abbreviations, see [Appendix B: Two\u2013Letter State and Possession Abbreviations](https://docs.aws.amazon.com/https://pe.usps.com/text/pub28/28apb.htm) on the United States Postal Service website.\n\nIf you specify `subdivisioncode` , you must also specify `US` for `CountryCode` .", + "title": "SubdivisionCode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53::RecordSetGroup.GeoProximityLocation": { + "additionalProperties": false, + "properties": { + "AWSRegion": { + "markdownDescription": "The AWS Region the resource you are directing DNS traffic to, is in.", + "title": "AWSRegion", + "type": "string" + }, + "Bias": { + "markdownDescription": "The bias increases or decreases the size of the geographic region from which Route\u00a053 routes traffic to a resource.\n\nTo use `Bias` to change the size of the geographic region, specify the applicable value for the bias:\n\n- To expand the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a positive integer from 1 to 99 for the bias. Route\u00a053 shrinks the size of adjacent regions.\n- To shrink the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a negative bias of -1 to -99. Route\u00a053 expands the size of adjacent regions.", + "title": "Bias", + "type": "number" + }, + "Coordinates": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.Coordinates", + "markdownDescription": "Contains the longitude and latitude for a geographic region.", + "title": "Coordinates" + }, + "LocalZoneGroup": { + "markdownDescription": "Specifies an AWS Local Zone Group.\n\nA local Zone Group is usually the Local Zone code without the ending character. For example, if the Local Zone is `us-east-1-bue-1a` the Local Zone Group is `us-east-1-bue-1` .\n\nYou can identify the Local Zones Group for a specific Local Zone by using the [describe-availability-zones](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html) CLI command:\n\nThis command returns: `\"GroupName\": \"us-west-2-den-1\"` , specifying that the Local Zone `us-west-2-den-1a` belongs to the Local Zone Group `us-west-2-den-1` .", + "title": "LocalZoneGroup", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53::RecordSetGroup.RecordSet": { + "additionalProperties": false, + "properties": { + "AliasTarget": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.AliasTarget", + "markdownDescription": "*Alias resource record sets only:* Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.\n\nIf you're creating resource records sets for a private hosted zone, note the following:\n\n- You can't create an alias resource record set in a private hosted zone to route traffic to a CloudFront distribution.\n- For information about creating failover resource record sets in a private hosted zone, see [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) in the *Amazon Route 53 Developer Guide* .", + "title": "AliasTarget" + }, + "CidrRoutingConfig": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.CidrRoutingConfig", + "markdownDescription": "", + "title": "CidrRoutingConfig" + }, + "Failover": { + "markdownDescription": "*Failover resource record sets only:* To configure failover, you add the `Failover` element to two resource record sets. For one resource record set, you specify `PRIMARY` as the value for `Failover` ; for the other resource record set, you specify `SECONDARY` . In addition, you include the `HealthCheckId` element and specify the health check that you want Amazon Route 53 to perform for each resource record set.\n\nExcept where noted, the following failover behaviors assume that you have included the `HealthCheckId` element in both resource record sets:\n\n- When the primary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the secondary resource record set.\n- When the primary resource record set is unhealthy and the secondary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the secondary resource record set.\n- When the secondary resource record set is unhealthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the primary resource record set.\n- If you omit the `HealthCheckId` element for the secondary resource record set, and if the primary resource record set is unhealthy, Route 53 always responds to DNS queries with the applicable value from the secondary resource record set. This is true regardless of the health of the associated endpoint.\n\nYou can't create non-failover resource record sets that have the same values for the `Name` and `Type` elements as failover resource record sets.\n\nFor failover alias resource record sets, you must also include the `EvaluateTargetHealth` element and set the value to true.\n\nFor more information about configuring failover for Route 53, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)", + "title": "Failover", + "type": "string" + }, + "GeoLocation": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoLocation", + "markdownDescription": "*Geolocation resource record sets only:* A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of `192.0.2.111` , create a resource record set with a `Type` of `A` and a `ContinentCode` of `AF` .\n\nIf you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.\n\nYou can't create two geolocation resource record sets that specify the same geographic location.\n\nThe value `*` in the `CountryCode` element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the `Name` and `Type` elements.\n\n> Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of `CountryCode` is `*` . Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a `*` resource record set, Route 53 returns a \"no answer\" response for queries from those locations. \n\nYou can't create non-geolocation resource record sets that have the same values for the `Name` and `Type` elements as geolocation resource record sets.", + "title": "GeoLocation" + }, + "GeoProximityLocation": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoProximityLocation", + "markdownDescription": "A complex type that contains information about a geographic location.", + "title": "GeoProximityLocation" + }, + "HealthCheckId": { + "markdownDescription": "If you want Amazon Route 53 to return this resource record set in response to a DNS query only when the status of a health check is healthy, include the `HealthCheckId` element and specify the ID of the applicable health check.\n\nRoute 53 determines whether a resource record set is healthy based on one of the following:\n\n- By periodically sending a request to the endpoint that is specified in the health check\n- By aggregating the status of a specified group of health checks (calculated health checks)\n- By determining the current state of a CloudWatch alarm (CloudWatch metric health checks)\n\n> Route 53 doesn't check the health of the endpoint that is specified in the resource record set, for example, the endpoint specified by the IP address in the `Value` element. When you add a `HealthCheckId` element to a resource record set, Route 53 checks the health of the endpoint that you specified in the health check. \n\nFor more information, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html)\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)\n\n*When to Specify HealthCheckId*\n\nSpecifying a value for `HealthCheckId` is useful only when Route 53 is choosing between two or more resource record sets to respond to a DNS query, and you want Route 53 to base the choice in part on the status of a health check. Configuring health checks makes sense only in the following configurations:\n\n- *Non-alias resource record sets* : You're checking the health of a group of non-alias resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A) and you specify health check IDs for all the resource record sets.\n\nIf the health check status for a resource record set is healthy, Route 53 includes the record among the records that it responds to DNS queries with.\n\nIf the health check status for a resource record set is unhealthy, Route 53 stops responding to DNS queries using the value for that resource record set.\n\nIf the health check status for all resource record sets in the group is unhealthy, Route 53 considers all resource record sets in the group healthy and responds to DNS queries accordingly.\n- *Alias resource record sets* : You specify the following settings:\n\n- You set `EvaluateTargetHealth` to true for an alias resource record set in a group of resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A).\n- You configure the alias resource record set to route traffic to a non-alias resource record set in the same hosted zone.\n- You specify a health check ID for the non-alias resource record set.\n\nIf the health check status is healthy, Route 53 considers the alias resource record set to be healthy and includes the alias record among the records that it responds to DNS queries with.\n\nIf the health check status is unhealthy, Route 53 stops responding to DNS queries using the alias resource record set.\n\n> The alias resource record set can also route traffic to a *group* of non-alias resource record sets that have the same routing policy, name, and type. In that configuration, associate health checks with all of the resource record sets in the group of non-alias resource record sets.\n\n*Geolocation Routing*\n\nFor geolocation resource record sets, if an endpoint is unhealthy, Route 53 looks for a resource record set for the larger, associated geographic region. For example, suppose you have resource record sets for a state in the United States, for the entire United States, for North America, and a resource record set that has `*` for `CountryCode` is `*` , which applies to all locations. If the endpoint for the state resource record set is unhealthy, Route 53 checks for healthy resource record sets in the following order until it finds a resource record set for which the endpoint is healthy:\n\n- The United States\n- North America\n- The default resource record set\n\n*Specifying the Health Check Endpoint by Domain Name*\n\nIf your health checks specify the endpoint only by domain name, we recommend that you create a separate health check for each endpoint. For example, create a health check for each `HTTP` server that is serving content for `www.example.com` . For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as `us-east-2-www.example.com` ), not the name of the resource record sets ( `www.example.com` ).\n\n> Health check results will be unpredictable if you do the following:\n> \n> - Create a health check that has the same value for `FullyQualifiedDomainName` as the name of a resource record set.\n> - Associate that health check with the resource record set.", + "title": "HealthCheckId", + "type": "string" + }, + "HostedZoneId": { + "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .\n\nDo not provide the `HostedZoneId` if it is already defined in `AWS::Route53::RecordSetGroup` . The creation fails if `HostedZoneId` is defined in both.", + "title": "HostedZoneId", + "type": "string" + }, + "HostedZoneName": { + "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneName", + "type": "string" + }, + "MultiValueAnswer": { + "markdownDescription": "*Multivalue answer resource record sets only* : To route traffic approximately randomly to multiple resources, such as web servers, create one multivalue answer record for each resource and specify `true` for `MultiValueAnswer` . Note the following:\n\n- If you associate a health check with a multivalue answer resource record set, Amazon Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy.\n- If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy.\n- Route 53 responds to DNS queries with up to eight healthy records; if you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records.\n- If you have more than eight healthy records, Route 53 responds to different DNS resolvers with different combinations of healthy records.\n- When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records.\n- If a resource becomes unavailable after a resolver caches a response, client software typically tries another of the IP addresses in the response.\n\nYou can't create multivalue answer alias records.", + "title": "MultiValueAnswer", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The name of the record that you want to create, update, or delete.\n\nEnter a fully qualified domain name, for example, `www.example.com` . You can optionally include a trailing dot. If you omit the trailing dot, Amazon Route 53 assumes that the domain name that you specify is fully qualified. This means that Route 53 treats `www.example.com` (without a trailing dot) and `www.example.com.` (with a trailing dot) as identical.\n\nFor information about how to specify characters other than `a-z` , `0-9` , and `-` (hyphen) and how to specify internationalized domain names, see [DNS Domain Name Format](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) in the *Amazon Route 53 Developer Guide* .\n\nYou can use the asterisk (*) wildcard to replace the leftmost label in a domain name, for example, `*.example.com` . Note the following:\n\n- The * must replace the entire label. For example, you can't specify `*prod.example.com` or `prod*.example.com` .\n- The * can't replace any of the middle labels, for example, marketing.*.example.com.\n- If you include * in any position other than the leftmost label in a domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.\n\n> You can't use the * wildcard for resource records sets that have a type of NS.", + "title": "Name", + "type": "string" + }, + "Region": { + "markdownDescription": "*Latency-based resource record sets only:* The Amazon EC2 Region where you created the resource that this resource record set refers to. The resource typically is an AWS resource, such as an EC2 instance or an ELB load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.\n\nWhen Amazon Route 53 receives a DNS query for a domain name and type for which you have created latency resource record sets, Route 53 selects the latency resource record set that has the lowest latency between the end user and the associated Amazon EC2 Region. Route 53 then returns the value that is associated with the selected resource record set.\n\nNote the following:\n\n- You can only specify one `ResourceRecord` per latency resource record set.\n- You can only create one latency resource record set for each Amazon EC2 Region.\n- You aren't required to create latency resource record sets for all Amazon EC2 Regions. Route 53 will choose the region with the best latency from among the regions that you create latency resource record sets for.\n- You can't create non-latency resource record sets that have the same values for the `Name` and `Type` elements as latency resource record sets.", + "title": "Region", + "type": "string" + }, + "ResourceRecords": { + "items": { + "type": "string" + }, + "markdownDescription": "Information about the records that you want to create. Each record should be in the format appropriate for the record type specified by the `Type` property. For information about different record types and their record formats, see [Values That You Specify When You Create or Edit Amazon Route 53 Records](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-values.html) in the *Amazon Route 53 Developer Guide* .", + "title": "ResourceRecords", + "type": "array" + }, + "SetIdentifier": { + "markdownDescription": "*Resource record sets that have a routing policy other than simple:* An identifier that differentiates among multiple resource record sets that have the same combination of name and type, such as multiple weighted resource record sets named acme.example.com that have a type of A. In a group of resource record sets that have the same name and type, the value of `SetIdentifier` must be unique for each resource record set.\n\nFor information about routing policies, see [Choosing a Routing Policy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) in the *Amazon Route 53 Developer Guide* .", + "title": "SetIdentifier", + "type": "string" + }, + "TTL": { + "markdownDescription": "The resource record cache time to live (TTL), in seconds. Note the following:\n\n- If you're creating or updating an alias resource record set, omit `TTL` . Amazon Route 53 uses the value of `TTL` for the alias target.\n- If you're associating this resource record set with a health check (if you're adding a `HealthCheckId` element), we recommend that you specify a `TTL` of 60 seconds or less so clients respond quickly to changes in health status.\n- All of the resource record sets in a group of weighted resource record sets must have the same value for `TTL` .\n- If a group of weighted resource record sets includes one or more weighted alias resource record sets for which the alias target is an ELB load balancer, we recommend that you specify a `TTL` of 60 seconds for all of the non-alias weighted resource record sets that have the same name and type. Values other than 60 seconds (the TTL for load balancers) will change the effect of the values that you specify for `Weight` .", + "title": "TTL", + "type": "string" + }, + "Type": { + "markdownDescription": "The DNS record type. For information about different record types and how data is encoded for them, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nValid values for basic resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `DS` | `MX` | `NAPTR` | `NS` | `PTR` | `SOA` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\nValues for weighted, latency, geolocation, and failover resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS` . When creating a group of weighted, latency, geolocation, or failover resource record sets, specify the same value for all of the resource record sets in the group.\n\nValid values for multivalue answer resource record sets: `A` | `AAAA` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `CAA` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\n> SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create resource record sets for which the value of `Type` is `SPF` . RFC 7208, *Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1* , has been updated to say, \"...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it.\" In RFC 7208, see section 14.1, [The SPF DNS Record Type](https://docs.aws.amazon.com/http://tools.ietf.org/html/rfc7208#section-14.1) . \n\nValues for alias resource record sets:\n\n- *Amazon API Gateway custom regional APIs and edge-optimized APIs:* `A`\n- *CloudFront distributions:* `A`\n\nIf IPv6 is enabled for the distribution, create two resource record sets to route traffic to your distribution, one with a value of `A` and one with a value of `AAAA` .\n- *Amazon API Gateway environment that has a regionalized subdomain* : `A`\n- *ELB load balancers:* `A` | `AAAA`\n- *Amazon S3 buckets:* `A`\n- *Amazon Virtual Private Cloud interface VPC endpoints* `A`\n- *Another resource record set in this hosted zone:* Specify the type of the resource record set that you're creating the alias for. All values are supported except `NS` and `SOA` .\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't route traffic to a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", + "title": "Type", + "type": "string" + }, + "Weight": { + "markdownDescription": "*Weighted resource record sets only:* Among resource record sets that have the same combination of DNS name and type, a value that determines the proportion of DNS queries that Amazon Route 53 responds to using the current resource record set. Route 53 calculates the sum of the weights for the resource record sets that have the same combination of DNS name and type. Route 53 then responds to queries based on the ratio of a resource's weight to the total. Note the following:\n\n- You must specify a value for the `Weight` element for every weighted resource record set.\n- You can only specify one `ResourceRecord` per weighted resource record set.\n- You can't create latency, failover, or geolocation resource record sets that have the same values for the `Name` and `Type` elements as weighted resource record sets.\n- You can create a maximum of 100 weighted resource record sets that have the same values for the `Name` and `Type` elements.\n- For weighted (but not weighted alias) resource record sets, if you set `Weight` to `0` for a resource record set, Route 53 never responds to queries with the applicable value for that resource record set. However, if you set `Weight` to `0` for all resource record sets that have the same combination of DNS name and type, traffic is routed to all resources with equal probability.\n\nThe effect of setting `Weight` to `0` is different when you associate health checks with weighted resource record sets. For more information, see [Options for Configuring Route 53 Active-Active and Active-Passive Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) in the *Amazon Route 53 Developer Guide* .", + "title": "Weight", + "type": "number" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "AWS::Route53GlobalResolver::AccessSource": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Cidr": { + "type": "string" + }, + "ClientToken": { + "type": "string" + }, + "DnsViewId": { + "type": "string" + }, + "IpAddressType": { + "type": "string" + }, + "Name": { + "type": "string" + }, + "Protocol": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "required": [ + "Cidr", + "DnsViewId", + "Protocol" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53GlobalResolver::AccessSource" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53GlobalResolver::AccessToken": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClientToken": { + "type": "string" + }, + "DnsViewId": { + "type": "string" + }, + "ExpiresAt": { + "type": "string" + }, + "Name": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "required": [ + "DnsViewId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53GlobalResolver::AccessToken" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53GlobalResolver::DnsView": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClientToken": { + "type": "string" + }, + "Description": { + "type": "string" + }, + "DnssecValidation": { + "type": "string" + }, + "EdnsClientSubnet": { + "type": "string" + }, + "FirewallRulesFailOpen": { + "type": "string" + }, + "GlobalResolverId": { + "type": "string" + }, + "Name": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "required": [ + "GlobalResolverId", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53GlobalResolver::DnsView" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53GlobalResolver::FirewallDomainList": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClientToken": { + "type": "string" + }, + "Description": { + "type": "string" + }, + "DomainFileUrl": { + "type": "string" + }, + "Domains": { + "items": { + "type": "string" + }, + "type": "array" + }, + "GlobalResolverId": { + "type": "string" + }, + "Name": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "required": [ + "GlobalResolverId", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53GlobalResolver::FirewallDomainList" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53GlobalResolver::FirewallRule": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Action": { + "type": "string" + }, + "BlockOverrideDnsType": { + "type": "string" + }, + "BlockOverrideDomain": { + "type": "string" + }, + "BlockOverrideTtl": { + "type": "number" + }, + "BlockResponse": { + "type": "string" + }, + "ClientToken": { + "type": "string" + }, + "ConfidenceThreshold": { + "type": "string" + }, + "Description": { + "type": "string" + }, + "DnsAdvancedProtection": { + "type": "string" + }, + "DnsViewId": { + "type": "string" + }, + "FirewallDomainListId": { + "type": "string" + }, + "Name": { + "type": "string" + }, + "Priority": { + "type": "number" + }, + "QType": { + "type": "string" + } + }, + "required": [ + "Action", + "DnsViewId", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53GlobalResolver::FirewallRule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53GlobalResolver::GlobalResolver": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClientToken": { "type": "string" }, - "HostedZoneId": { - "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneId", + "Description": { "type": "string" }, - "HostedZoneName": { - "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneName", + "IpAddressType": { "type": "string" }, - "RecordSets": { + "Name": { + "type": "string" + }, + "ObservabilityRegion": { + "type": "string" + }, + "Regions": { "items": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.RecordSet" + "type": "string" + }, + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A complex type that contains one `RecordSet` element for each record that you want to create.", - "title": "RecordSets", "type": "array" } }, + "required": [ + "Name", + "Regions" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53::RecordSetGroup" + "AWS::Route53GlobalResolver::GlobalResolver" ], "type": "string" }, @@ -298703,212 +304177,81 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::Route53::RecordSetGroup.AliasTarget": { - "additionalProperties": false, - "properties": { - "DNSName": { - "markdownDescription": "*Alias records only:* The value that you specify depends on where you want to route queries:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the applicable domain name for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalDomainName` .\n- For edge-optimized APIs, specify the value of `distributionDomainName` . This is the name of the associated CloudFront distribution, such as `da1b2c3d4e5.cloudfront.net` .\n\n> The name of the record that you're creating must match a custom domain name for your API, such as `api.example.com` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Enter the API endpoint for the interface endpoint, such as `vpce-123456789abcdef01-example-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com` . For edge-optimized APIs, this is the domain name for the corresponding CloudFront distribution. You can get the value of `DnsName` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify the domain name that CloudFront assigned when you created your distribution.\n\nYour CloudFront distribution must include an alternate domain name that matches the name of the record. For example, if the name of the record is *acme.example.com* , your CloudFront distribution must include *acme.example.com* as one of the alternate domain names. For more information, see [Using Alternate Domain Names (CNAMEs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html) in the *Amazon CloudFront Developer Guide* .\n\nYou can't create a record in a private hosted zone to route traffic to a CloudFront distribution.\n\n> For failover alias records, you can't specify a CloudFront distribution for both the primary and secondary records. A distribution must include an alternate domain name that matches the name of the record. However, the primary and secondary records have the same name, and you can't include the same alternate domain name in more than one distribution.\n- **Elastic Beanstalk environment** - If the domain name for your Elastic Beanstalk environment includes the region that you deployed the environment in, you can create an alias record that routes traffic to the environment. For example, the domain name `my-environment. *us-west-2* .elasticbeanstalk.com` is a regionalized domain name.\n\n> For environments that were created before early 2016, the domain name doesn't include the region. To route traffic to these environments, you must create a CNAME record instead of an alias record. Note that you can't create a CNAME record for the root domain name. For example, if your domain name is example.com, you can create a record that routes traffic for acme.example.com to your Elastic Beanstalk environment, but you can't create a record that routes traffic for example.com to your Elastic Beanstalk environment. \n\nFor Elastic Beanstalk environments that have regionalized subdomains, specify the `CNAME` attribute for the environment. You can use the following methods to get the value of the CNAME attribute:\n\n- *AWS Management Console* : For information about how to get the value by using the console, see [Using Custom Domains with AWS Elastic Beanstalk](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html) in the *AWS Elastic Beanstalk Developer Guide* .\n- *Elastic Beanstalk API* : Use the `DescribeEnvironments` action to get the value of the `CNAME` attribute. For more information, see [DescribeEnvironments](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html) in the *AWS Elastic Beanstalk API Reference* .\n- *AWS CLI* : Use the `describe-environments` command to get the value of the `CNAME` attribute. For more information, see [describe-environments](https://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html) in the *AWS CLI* .\n- **ELB load balancer** - Specify the DNS name that is associated with the load balancer. Get the DNS name by using the AWS Management Console , the ELB API, or the AWS CLI .\n\n- *AWS Management Console* : Go to the EC2 page, choose *Load Balancers* in the navigation pane, choose the load balancer, choose the *Description* tab, and get the value of the *DNS name* field.\n\nIf you're routing traffic to a Classic Load Balancer, get the value that begins with *dualstack* . If you're routing traffic to another type of load balancer, get the value that applies to the record type, A or AAAA.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html)\n- Application and Network Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html)\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the value of `DNSName` :\n\n- [Classic Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- [Application and Network Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html)\n- Application and Network Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html)\n- **Global Accelerator accelerator** - Specify the DNS name for your accelerator:\n\n- *Global Accelerator API* : To get the DNS name, use [DescribeAccelerator](https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html) .\n- *AWS CLI* : To get the DNS name, use [describe-accelerator](https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/describe-accelerator.html) .\n- **Amazon S3 bucket that is configured as a static website** - Specify the domain name of the Amazon S3 website endpoint that you created the bucket in, for example, `s3-website.us-east-2.amazonaws.com` . For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* . For more information about using S3 buckets for websites, see [Getting Started with Amazon Route 53](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html) in the *Amazon Route 53 Developer Guide.*\n- **Another Route 53 record** - Specify the value of the `Name` element for a record in the current hosted zone.\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't specify the domain name for a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record that you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", - "title": "DNSName", - "type": "string" - }, - "EvaluateTargetHealth": { - "markdownDescription": "*Applies only to alias records with any routing policy:* When `EvaluateTargetHealth` is `true` , an alias record inherits the health of the referenced AWS resource, such as an ELB load balancer or another record in the hosted zone.\n\nNote the following:\n\n- **CloudFront distributions** - You can't set `EvaluateTargetHealth` to `true` when the alias target is a CloudFront distribution.\n- **Elastic Beanstalk environments that have regionalized subdomains** - If you specify an Elastic Beanstalk environment in `DNSName` and the environment contains an ELB load balancer, Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. (An environment automatically contains an ELB load balancer if it includes more than one Amazon EC2 instance.) If you set `EvaluateTargetHealth` to `true` and either no Amazon EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other available resources that are healthy, if any.\n\nIf the environment contains a single Amazon EC2 instance, there are no special requirements.\n- **ELB load balancers** - Health checking behavior depends on the type of load balancer:\n\n- *Classic Load Balancers* : If you specify an ELB Classic Load Balancer in `DNSName` , Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. If you set `EvaluateTargetHealth` to `true` and either no EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other resources.\n- *Application and Network Load Balancers* : If you specify an ELB Application or Network Load Balancer and you set `EvaluateTargetHealth` to `true` , Route 53 routes queries to the load balancer based on the health of the target groups that are associated with the load balancer:\n\n- For an Application or Network Load Balancer to be considered healthy, every target group that contains targets must contain at least one healthy target. If any target group contains only unhealthy targets, the load balancer is considered unhealthy, and Route 53 routes queries to other resources.\n- A target group that has no registered targets is considered unhealthy.\n\n> When you create a load balancer, you configure settings for Elastic Load Balancing health checks; they're not Route 53 health checks, but they perform a similar function. Do not create Route 53 health checks for the EC2 instances that you register with an ELB load balancer.\n- **S3 buckets** - There are no special requirements for setting `EvaluateTargetHealth` to `true` when the alias target is an S3 bucket.\n- **Other records in the same hosted zone** - If the AWS resource that you specify in `DNSName` is a record or a group of records (for example, a group of weighted records) but is not another alias record, we recommend that you associate a health check with all of the records in the alias target. For more information, see [What Happens When You Omit Health Checks?](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-complex-configs.html#dns-failover-complex-configs-hc-omitting) in the *Amazon Route 53 Developer Guide* .\n\nFor more information and examples, see [Amazon Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) in the *Amazon Route 53 Developer Guide* .", - "title": "EvaluateTargetHealth", - "type": "boolean" - }, - "HostedZoneId": { - "markdownDescription": "*Alias resource records sets only* : The value used depends on where you want to route traffic:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the hosted zone ID for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalHostedZoneId` .\n- For edge-optimized APIs, specify the value of `distributionHostedZoneId` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Specify the hosted zone ID for your interface endpoint. You can get the value of `HostedZoneId` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify `Z2FDTNDATAQYW2` . This is always the hosted zone ID when you create an alias record that routes traffic to a CloudFront distribution.\n\n> Alias records for CloudFront can't be created in a private zone.\n- **Elastic Beanstalk environment** - Specify the hosted zone ID for the region that you created the environment in. The environment must have a regionalized subdomain. For a list of regions and the corresponding hosted zone IDs, see [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html) in the *Amazon Web Services General Reference* .\n- **ELB load balancer** - Specify the value of the hosted zone ID for the load balancer. Use the following methods to get the hosted zone ID:\n\n- [Service Endpoints](https://docs.aws.amazon.com/general/latest/gr/elb.html) table in the \"Elastic Load Balancing endpoints and quotas\" topic in the *Amazon Web Services General Reference* : Use the value that corresponds with the region that you created your load balancer in. Note that there are separate columns for Application and Classic Load Balancers and for Network Load Balancers.\n- *AWS Management Console* : Go to the Amazon EC2 page, choose *Load Balancers* in the navigation pane, select the load balancer, and get the value of the *Hosted zone* field on the *Description* tab.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneID` .\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the applicable value:\n\n- Classic Load Balancers: Get [CanonicalHostedZoneNameID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- Application and Network Load Balancers: Get [CanonicalHostedZoneID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html) to get the value of `CanonicalHostedZoneID` .\n- **Global Accelerator accelerator** - Specify `Z2BJ6XQ5FK7U4H` .\n- **An Amazon S3 bucket configured as a static website** - Specify the hosted zone ID for the region that you created the bucket in. For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* .\n- **Another Route 53 record in your hosted zone** - Specify the hosted zone ID of your hosted zone. (An alias record can't reference a record in a different hosted zone.)", - "title": "HostedZoneId", - "type": "string" - } - }, - "required": [ - "DNSName", - "HostedZoneId" - ], - "type": "object" - }, - "AWS::Route53::RecordSetGroup.CidrRoutingConfig": { - "additionalProperties": false, - "properties": { - "CollectionId": { - "markdownDescription": "The CIDR collection ID.", - "title": "CollectionId", - "type": "string" - }, - "LocationName": { - "markdownDescription": "The CIDR collection location name.", - "title": "LocationName", - "type": "string" - } - }, - "required": [ - "CollectionId", - "LocationName" - ], - "type": "object" - }, - "AWS::Route53::RecordSetGroup.Coordinates": { - "additionalProperties": false, - "properties": { - "Latitude": { - "markdownDescription": "Specifies a coordinate of the north\u2013south position of a geographic point on the surface of the Earth (-90 - 90).", - "title": "Latitude", - "type": "string" - }, - "Longitude": { - "markdownDescription": "Specifies a coordinate of the east\u2013west position of a geographic point on the surface of the Earth (-180 - 180).", - "title": "Longitude", - "type": "string" - } - }, - "required": [ - "Latitude", - "Longitude" + "Type", + "Properties" ], "type": "object" }, - "AWS::Route53::RecordSetGroup.GeoLocation": { - "additionalProperties": false, - "properties": { - "ContinentCode": { - "markdownDescription": "For geolocation resource record sets, a two-letter abbreviation that identifies a continent. Route 53 supports the following continent codes:\n\n- *AF* : Africa\n- *AN* : Antarctica\n- *AS* : Asia\n- *EU* : Europe\n- *OC* : Oceania\n- *NA* : North America\n- *SA* : South America\n\nConstraint: Specifying `ContinentCode` with either `CountryCode` or `SubdivisionCode` returns an `InvalidInput` error.", - "title": "ContinentCode", - "type": "string" - }, - "CountryCode": { - "markdownDescription": "For geolocation resource record sets, the two-letter code for a country.\n\nRoute 53 uses the two-letter country codes that are specified in [ISO standard 3166-1 alpha-2](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) .", - "title": "CountryCode", - "type": "string" - }, - "SubdivisionCode": { - "markdownDescription": "For geolocation resource record sets, the two-letter code for a state of the United States. Route 53 doesn't support any other values for `SubdivisionCode` . For a list of state abbreviations, see [Appendix B: Two\u2013Letter State and Possession Abbreviations](https://docs.aws.amazon.com/https://pe.usps.com/text/pub28/28apb.htm) on the United States Postal Service website.\n\nIf you specify `subdivisioncode` , you must also specify `US` for `CountryCode` .", - "title": "SubdivisionCode", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Route53::RecordSetGroup.GeoProximityLocation": { + "AWS::Route53GlobalResolver::HostedZoneAssociation": { "additionalProperties": false, "properties": { - "AWSRegion": { - "markdownDescription": "The AWS Region the resource you are directing DNS traffic to, is in.", - "title": "AWSRegion", - "type": "string" - }, - "Bias": { - "markdownDescription": "The bias increases or decreases the size of the geographic region from which Route\u00a053 routes traffic to a resource.\n\nTo use `Bias` to change the size of the geographic region, specify the applicable value for the bias:\n\n- To expand the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a positive integer from 1 to 99 for the bias. Route\u00a053 shrinks the size of adjacent regions.\n- To shrink the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a negative bias of -1 to -99. Route\u00a053 expands the size of adjacent regions.", - "title": "Bias", - "type": "number" - }, - "Coordinates": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.Coordinates", - "markdownDescription": "Contains the longitude and latitude for a geographic region.", - "title": "Coordinates" - }, - "LocalZoneGroup": { - "markdownDescription": "Specifies an AWS Local Zone Group.\n\nA local Zone Group is usually the Local Zone code without the ending character. For example, if the Local Zone is `us-east-1-bue-1a` the Local Zone Group is `us-east-1-bue-1` .\n\nYou can identify the Local Zones Group for a specific Local Zone by using the [describe-availability-zones](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html) CLI command:\n\nThis command returns: `\"GroupName\": \"us-west-2-den-1\"` , specifying that the Local Zone `us-west-2-den-1a` belongs to the Local Zone Group `us-west-2-den-1` .", - "title": "LocalZoneGroup", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Route53::RecordSetGroup.RecordSet": { - "additionalProperties": false, - "properties": { - "AliasTarget": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.AliasTarget", - "markdownDescription": "*Alias resource record sets only:* Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.\n\nIf you're creating resource records sets for a private hosted zone, note the following:\n\n- You can't create an alias resource record set in a private hosted zone to route traffic to a CloudFront distribution.\n- For information about creating failover resource record sets in a private hosted zone, see [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) in the *Amazon Route 53 Developer Guide* .", - "title": "AliasTarget" - }, - "CidrRoutingConfig": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.CidrRoutingConfig", - "markdownDescription": "", - "title": "CidrRoutingConfig" - }, - "Failover": { - "markdownDescription": "*Failover resource record sets only:* To configure failover, you add the `Failover` element to two resource record sets. For one resource record set, you specify `PRIMARY` as the value for `Failover` ; for the other resource record set, you specify `SECONDARY` . In addition, you include the `HealthCheckId` element and specify the health check that you want Amazon Route 53 to perform for each resource record set.\n\nExcept where noted, the following failover behaviors assume that you have included the `HealthCheckId` element in both resource record sets:\n\n- When the primary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the secondary resource record set.\n- When the primary resource record set is unhealthy and the secondary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the secondary resource record set.\n- When the secondary resource record set is unhealthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the primary resource record set.\n- If you omit the `HealthCheckId` element for the secondary resource record set, and if the primary resource record set is unhealthy, Route 53 always responds to DNS queries with the applicable value from the secondary resource record set. This is true regardless of the health of the associated endpoint.\n\nYou can't create non-failover resource record sets that have the same values for the `Name` and `Type` elements as failover resource record sets.\n\nFor failover alias resource record sets, you must also include the `EvaluateTargetHealth` element and set the value to true.\n\nFor more information about configuring failover for Route 53, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)", - "title": "Failover", - "type": "string" - }, - "GeoLocation": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoLocation", - "markdownDescription": "*Geolocation resource record sets only:* A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of `192.0.2.111` , create a resource record set with a `Type` of `A` and a `ContinentCode` of `AF` .\n\nIf you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.\n\nYou can't create two geolocation resource record sets that specify the same geographic location.\n\nThe value `*` in the `CountryCode` element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the `Name` and `Type` elements.\n\n> Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of `CountryCode` is `*` . Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a `*` resource record set, Route 53 returns a \"no answer\" response for queries from those locations. \n\nYou can't create non-geolocation resource record sets that have the same values for the `Name` and `Type` elements as geolocation resource record sets.", - "title": "GeoLocation" - }, - "GeoProximityLocation": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoProximityLocation", - "markdownDescription": "A complex type that contains information about a geographic location.", - "title": "GeoProximityLocation" - }, - "HealthCheckId": { - "markdownDescription": "If you want Amazon Route 53 to return this resource record set in response to a DNS query only when the status of a health check is healthy, include the `HealthCheckId` element and specify the ID of the applicable health check.\n\nRoute 53 determines whether a resource record set is healthy based on one of the following:\n\n- By periodically sending a request to the endpoint that is specified in the health check\n- By aggregating the status of a specified group of health checks (calculated health checks)\n- By determining the current state of a CloudWatch alarm (CloudWatch metric health checks)\n\n> Route 53 doesn't check the health of the endpoint that is specified in the resource record set, for example, the endpoint specified by the IP address in the `Value` element. When you add a `HealthCheckId` element to a resource record set, Route 53 checks the health of the endpoint that you specified in the health check. \n\nFor more information, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html)\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)\n\n*When to Specify HealthCheckId*\n\nSpecifying a value for `HealthCheckId` is useful only when Route 53 is choosing between two or more resource record sets to respond to a DNS query, and you want Route 53 to base the choice in part on the status of a health check. Configuring health checks makes sense only in the following configurations:\n\n- *Non-alias resource record sets* : You're checking the health of a group of non-alias resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A) and you specify health check IDs for all the resource record sets.\n\nIf the health check status for a resource record set is healthy, Route 53 includes the record among the records that it responds to DNS queries with.\n\nIf the health check status for a resource record set is unhealthy, Route 53 stops responding to DNS queries using the value for that resource record set.\n\nIf the health check status for all resource record sets in the group is unhealthy, Route 53 considers all resource record sets in the group healthy and responds to DNS queries accordingly.\n- *Alias resource record sets* : You specify the following settings:\n\n- You set `EvaluateTargetHealth` to true for an alias resource record set in a group of resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A).\n- You configure the alias resource record set to route traffic to a non-alias resource record set in the same hosted zone.\n- You specify a health check ID for the non-alias resource record set.\n\nIf the health check status is healthy, Route 53 considers the alias resource record set to be healthy and includes the alias record among the records that it responds to DNS queries with.\n\nIf the health check status is unhealthy, Route 53 stops responding to DNS queries using the alias resource record set.\n\n> The alias resource record set can also route traffic to a *group* of non-alias resource record sets that have the same routing policy, name, and type. In that configuration, associate health checks with all of the resource record sets in the group of non-alias resource record sets.\n\n*Geolocation Routing*\n\nFor geolocation resource record sets, if an endpoint is unhealthy, Route 53 looks for a resource record set for the larger, associated geographic region. For example, suppose you have resource record sets for a state in the United States, for the entire United States, for North America, and a resource record set that has `*` for `CountryCode` is `*` , which applies to all locations. If the endpoint for the state resource record set is unhealthy, Route 53 checks for healthy resource record sets in the following order until it finds a resource record set for which the endpoint is healthy:\n\n- The United States\n- North America\n- The default resource record set\n\n*Specifying the Health Check Endpoint by Domain Name*\n\nIf your health checks specify the endpoint only by domain name, we recommend that you create a separate health check for each endpoint. For example, create a health check for each `HTTP` server that is serving content for `www.example.com` . For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as `us-east-2-www.example.com` ), not the name of the resource record sets ( `www.example.com` ).\n\n> Health check results will be unpredictable if you do the following:\n> \n> - Create a health check that has the same value for `FullyQualifiedDomainName` as the name of a resource record set.\n> - Associate that health check with the resource record set.", - "title": "HealthCheckId", - "type": "string" - }, - "HostedZoneId": { - "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .\n\nDo not provide the `HostedZoneId` if it is already defined in `AWS::Route53::RecordSetGroup` . The creation fails if `HostedZoneId` is defined in both.", - "title": "HostedZoneId", + "Condition": { "type": "string" }, - "HostedZoneName": { - "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "MultiValueAnswer": { - "markdownDescription": "*Multivalue answer resource record sets only* : To route traffic approximately randomly to multiple resources, such as web servers, create one multivalue answer record for each resource and specify `true` for `MultiValueAnswer` . Note the following:\n\n- If you associate a health check with a multivalue answer resource record set, Amazon Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy.\n- If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy.\n- Route 53 responds to DNS queries with up to eight healthy records; if you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records.\n- If you have more than eight healthy records, Route 53 responds to different DNS resolvers with different combinations of healthy records.\n- When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records.\n- If a resource becomes unavailable after a resolver caches a response, client software typically tries another of the IP addresses in the response.\n\nYou can't create multivalue answer alias records.", - "title": "MultiValueAnswer", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The name of the record that you want to create, update, or delete.\n\nEnter a fully qualified domain name, for example, `www.example.com` . You can optionally include a trailing dot. If you omit the trailing dot, Amazon Route 53 assumes that the domain name that you specify is fully qualified. This means that Route 53 treats `www.example.com` (without a trailing dot) and `www.example.com.` (with a trailing dot) as identical.\n\nFor information about how to specify characters other than `a-z` , `0-9` , and `-` (hyphen) and how to specify internationalized domain names, see [DNS Domain Name Format](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) in the *Amazon Route 53 Developer Guide* .\n\nYou can use the asterisk (*) wildcard to replace the leftmost label in a domain name, for example, `*.example.com` . Note the following:\n\n- The * must replace the entire label. For example, you can't specify `*prod.example.com` or `prod*.example.com` .\n- The * can't replace any of the middle labels, for example, marketing.*.example.com.\n- If you include * in any position other than the leftmost label in a domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.\n\n> You can't use the * wildcard for resource records sets that have a type of NS.", - "title": "Name", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Region": { - "markdownDescription": "*Latency-based resource record sets only:* The Amazon EC2 Region where you created the resource that this resource record set refers to. The resource typically is an AWS resource, such as an EC2 instance or an ELB load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.\n\nWhen Amazon Route 53 receives a DNS query for a domain name and type for which you have created latency resource record sets, Route 53 selects the latency resource record set that has the lowest latency between the end user and the associated Amazon EC2 Region. Route 53 then returns the value that is associated with the selected resource record set.\n\nNote the following:\n\n- You can only specify one `ResourceRecord` per latency resource record set.\n- You can only create one latency resource record set for each Amazon EC2 Region.\n- You aren't required to create latency resource record sets for all Amazon EC2 Regions. Route 53 will choose the region with the best latency from among the regions that you create latency resource record sets for.\n- You can't create non-latency resource record sets that have the same values for the `Name` and `Type` elements as latency resource record sets.", - "title": "Region", - "type": "string" + "Metadata": { + "type": "object" }, - "ResourceRecords": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "HostedZoneId": { + "type": "string" + }, + "Name": { + "type": "string" + }, + "ResourceArn": { + "type": "string" + } }, - "markdownDescription": "Information about the records that you want to create. Each record should be in the format appropriate for the record type specified by the `Type` property. For information about different record types and their record formats, see [Values That You Specify When You Create or Edit Amazon Route 53 Records](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-values.html) in the *Amazon Route 53 Developer Guide* .", - "title": "ResourceRecords", - "type": "array" - }, - "SetIdentifier": { - "markdownDescription": "*Resource record sets that have a routing policy other than simple:* An identifier that differentiates among multiple resource record sets that have the same combination of name and type, such as multiple weighted resource record sets named acme.example.com that have a type of A. In a group of resource record sets that have the same name and type, the value of `SetIdentifier` must be unique for each resource record set.\n\nFor information about routing policies, see [Choosing a Routing Policy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) in the *Amazon Route 53 Developer Guide* .", - "title": "SetIdentifier", - "type": "string" - }, - "TTL": { - "markdownDescription": "The resource record cache time to live (TTL), in seconds. Note the following:\n\n- If you're creating or updating an alias resource record set, omit `TTL` . Amazon Route 53 uses the value of `TTL` for the alias target.\n- If you're associating this resource record set with a health check (if you're adding a `HealthCheckId` element), we recommend that you specify a `TTL` of 60 seconds or less so clients respond quickly to changes in health status.\n- All of the resource record sets in a group of weighted resource record sets must have the same value for `TTL` .\n- If a group of weighted resource record sets includes one or more weighted alias resource record sets for which the alias target is an ELB load balancer, we recommend that you specify a `TTL` of 60 seconds for all of the non-alias weighted resource record sets that have the same name and type. Values other than 60 seconds (the TTL for load balancers) will change the effect of the values that you specify for `Weight` .", - "title": "TTL", - "type": "string" + "required": [ + "HostedZoneId", + "Name", + "ResourceArn" + ], + "type": "object" }, "Type": { - "markdownDescription": "The DNS record type. For information about different record types and how data is encoded for them, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nValid values for basic resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `DS` | `MX` | `NAPTR` | `NS` | `PTR` | `SOA` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\nValues for weighted, latency, geolocation, and failover resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS` . When creating a group of weighted, latency, geolocation, or failover resource record sets, specify the same value for all of the resource record sets in the group.\n\nValid values for multivalue answer resource record sets: `A` | `AAAA` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `CAA` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\n> SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create resource record sets for which the value of `Type` is `SPF` . RFC 7208, *Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1* , has been updated to say, \"...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it.\" In RFC 7208, see section 14.1, [The SPF DNS Record Type](https://docs.aws.amazon.com/http://tools.ietf.org/html/rfc7208#section-14.1) . \n\nValues for alias resource record sets:\n\n- *Amazon API Gateway custom regional APIs and edge-optimized APIs:* `A`\n- *CloudFront distributions:* `A`\n\nIf IPv6 is enabled for the distribution, create two resource record sets to route traffic to your distribution, one with a value of `A` and one with a value of `AAAA` .\n- *Amazon API Gateway environment that has a regionalized subdomain* : `A`\n- *ELB load balancers:* `A` | `AAAA`\n- *Amazon S3 buckets:* `A`\n- *Amazon Virtual Private Cloud interface VPC endpoints* `A`\n- *Another resource record set in this hosted zone:* Specify the type of the resource record set that you're creating the alias for. All values are supported except `NS` and `SOA` .\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't route traffic to a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", - "title": "Type", + "enum": [ + "AWS::Route53GlobalResolver::HostedZoneAssociation" + ], "type": "string" }, - "Weight": { - "markdownDescription": "*Weighted resource record sets only:* Among resource record sets that have the same combination of DNS name and type, a value that determines the proportion of DNS queries that Amazon Route 53 responds to using the current resource record set. Route 53 calculates the sum of the weights for the resource record sets that have the same combination of DNS name and type. Route 53 then responds to queries based on the ratio of a resource's weight to the total. Note the following:\n\n- You must specify a value for the `Weight` element for every weighted resource record set.\n- You can only specify one `ResourceRecord` per weighted resource record set.\n- You can't create latency, failover, or geolocation resource record sets that have the same values for the `Name` and `Type` elements as weighted resource record sets.\n- You can create a maximum of 100 weighted resource record sets that have the same values for the `Name` and `Type` elements.\n- For weighted (but not weighted alias) resource record sets, if you set `Weight` to `0` for a resource record set, Route 53 never responds to queries with the applicable value for that resource record set. However, if you set `Weight` to `0` for all resource record sets that have the same combination of DNS name and type, traffic is routed to all resources with equal probability.\n\nThe effect of setting `Weight` to `0` is different when you associate health checks with weighted resource record sets. For more information, see [Options for Configuring Route 53 Active-Active and Active-Passive Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) in the *Amazon Route 53 Developer Guide* .", - "title": "Weight", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Name", - "Type" + "Type", + "Properties" ], "type": "object" }, @@ -301589,6 +306932,12 @@ "title": "BucketName", "type": "string" }, + "BucketNamePrefix": { + "type": "string" + }, + "BucketNamespace": { + "type": "string" + }, "CorsConfiguration": { "$ref": "#/definitions/AWS::S3::Bucket.CorsConfiguration", "markdownDescription": "Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide* .", @@ -340038,44 +345387,360 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Specifies the text description for the workflow.", - "title": "Description", + "Description": { + "markdownDescription": "Specifies the text description for the workflow.", + "title": "Description", + "type": "string" + }, + "OnExceptionSteps": { + "items": { + "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" + }, + "markdownDescription": "Specifies the steps (actions) to take if errors are encountered during execution of the workflow.", + "title": "OnExceptionSteps", + "type": "array" + }, + "Steps": { + "items": { + "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" + }, + "markdownDescription": "Specifies the details for the steps that are in the specified workflow.", + "title": "Steps", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs that can be used to group and search for workflows. Tags are metadata attached to workflows for any purpose.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Steps" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Transfer::Workflow" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Transfer::Workflow.CopyStepDetails": { + "additionalProperties": false, + "properties": { + "DestinationFileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.S3FileLocation", + "markdownDescription": "Specifies the location for the file being copied. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", + "title": "DestinationFileLocation" + }, + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "OverwriteExisting": { + "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", + "title": "OverwriteExisting", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.CustomStepDetails": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + }, + "Target": { + "markdownDescription": "The ARN for the Lambda function that is being called.", + "title": "Target", + "type": "string" + }, + "TimeoutSeconds": { + "markdownDescription": "Timeout, in seconds, for the step.", + "title": "TimeoutSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.DecryptStepDetails": { + "additionalProperties": false, + "properties": { + "DestinationFileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.InputFileLocation", + "markdownDescription": "Specifies the location for the file being decrypted. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", + "title": "DestinationFileLocation" + }, + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "OverwriteExisting": { + "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", + "title": "OverwriteExisting", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of encryption used. Currently, this value must be `PGP` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "DestinationFileLocation", + "Type" + ], + "type": "object" + }, + "AWS::Transfer::Workflow.DeleteStepDetails": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.EfsInputFileLocation": { + "additionalProperties": false, + "properties": { + "FileSystemId": { + "markdownDescription": "The identifier of the file system, assigned by Amazon EFS.", + "title": "FileSystemId", + "type": "string" + }, + "Path": { + "markdownDescription": "The pathname for the folder being used by a workflow.", + "title": "Path", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.InputFileLocation": { + "additionalProperties": false, + "properties": { + "EfsFileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.EfsInputFileLocation", + "markdownDescription": "Specifies the details for the Amazon Elastic File System (Amazon EFS) file that's being decrypted.", + "title": "EfsFileLocation" + }, + "S3FileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", + "markdownDescription": "Specifies the details for the Amazon S3 file that's being copied or decrypted.", + "title": "S3FileLocation" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.S3FileLocation": { + "additionalProperties": false, + "properties": { + "S3FileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", + "markdownDescription": "Specifies the details for the file location for the file that's being used in the workflow. Only applicable if you are using Amazon S3 storage.", + "title": "S3FileLocation" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.S3InputFileLocation": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "Specifies the S3 bucket for the customer input file.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The name assigned to the file when it was created in Amazon S3. You use the object key to retrieve the object.", + "title": "Key", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.S3Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The name assigned to the tag that you create.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value that corresponds to the key.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::Transfer::Workflow.TagStepDetails": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::Transfer::Workflow.S3Tag" + }, + "markdownDescription": "Array that contains from 1 to 10 key/value pairs.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.WorkflowStep": { + "additionalProperties": false, + "properties": { + "CopyStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.CopyStepDetails", + "markdownDescription": "Details for a step that performs a file copy.\n\nConsists of the following values:\n\n- A description\n- An Amazon S3 location for the destination of the file copy.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .", + "title": "CopyStepDetails" + }, + "CustomStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.CustomStepDetails", + "markdownDescription": "Details for a step that invokes an AWS Lambda function.\n\nConsists of the Lambda function's name, target, and timeout (in seconds).", + "title": "CustomStepDetails" + }, + "DecryptStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.DecryptStepDetails", + "markdownDescription": "Details for a step that decrypts an encrypted file.\n\nConsists of the following values:\n\n- A descriptive name\n- An Amazon S3 or Amazon Elastic File System (Amazon EFS) location for the source file to decrypt.\n- An S3 or Amazon EFS location for the destination of the file decryption.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n- The type of encryption that's used. Currently, only PGP encryption is supported.", + "title": "DecryptStepDetails" + }, + "DeleteStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.DeleteStepDetails", + "markdownDescription": "Details for a step that deletes the file.", + "title": "DeleteStepDetails" + }, + "TagStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.TagStepDetails", + "markdownDescription": "Details for a step that creates one or more tags.\n\nYou specify one or more tags. Each tag contains a key-value pair.", + "title": "TagStepDetails" + }, + "Type": { + "markdownDescription": "Currently, the following step types are supported.\n\n- *`COPY`* - Copy the file to another location.\n- *`CUSTOM`* - Perform a custom step with an AWS Lambda function target.\n- *`DECRYPT`* - Decrypt a file that was encrypted before it was uploaded.\n- *`DELETE`* - Delete the file.\n- *`TAG`* - Add a tag to the file.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::UXC::AccountCustomization": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccountColor": { "type": "string" }, - "OnExceptionSteps": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" - }, - "markdownDescription": "Specifies the steps (actions) to take if errors are encountered during execution of the workflow.", - "title": "OnExceptionSteps", - "type": "array" - }, - "Steps": { + "VisibleRegions": { "items": { - "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" + "type": "string" }, - "markdownDescription": "Specifies the details for the steps that are in the specified workflow.", - "title": "Steps", "type": "array" }, - "Tags": { + "VisibleServices": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "Key-value pairs that can be used to group and search for workflows. Tags are metadata attached to workflows for any purpose.", - "title": "Tags", "type": "array" } }, - "required": [ - "Steps" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Workflow" + "AWS::UXC::AccountCustomization" ], "type": "string" }, @@ -340089,253 +345754,10 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Transfer::Workflow.CopyStepDetails": { - "additionalProperties": false, - "properties": { - "DestinationFileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.S3FileLocation", - "markdownDescription": "Specifies the location for the file being copied. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", - "title": "DestinationFileLocation" - }, - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", - "type": "string" - }, - "OverwriteExisting": { - "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", - "title": "OverwriteExisting", - "type": "string" - }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Workflow.CustomStepDetails": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", - "type": "string" - }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" - }, - "Target": { - "markdownDescription": "The ARN for the Lambda function that is being called.", - "title": "Target", - "type": "string" - }, - "TimeoutSeconds": { - "markdownDescription": "Timeout, in seconds, for the step.", - "title": "TimeoutSeconds", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Transfer::Workflow.DecryptStepDetails": { - "additionalProperties": false, - "properties": { - "DestinationFileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.InputFileLocation", - "markdownDescription": "Specifies the location for the file being decrypted. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", - "title": "DestinationFileLocation" - }, - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", - "type": "string" - }, - "OverwriteExisting": { - "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", - "title": "OverwriteExisting", - "type": "string" - }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of encryption used. Currently, this value must be `PGP` .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "DestinationFileLocation", "Type" ], "type": "object" }, - "AWS::Transfer::Workflow.DeleteStepDetails": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", - "type": "string" - }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Workflow.EfsInputFileLocation": { - "additionalProperties": false, - "properties": { - "FileSystemId": { - "markdownDescription": "The identifier of the file system, assigned by Amazon EFS.", - "title": "FileSystemId", - "type": "string" - }, - "Path": { - "markdownDescription": "The pathname for the folder being used by a workflow.", - "title": "Path", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Workflow.InputFileLocation": { - "additionalProperties": false, - "properties": { - "EfsFileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.EfsInputFileLocation", - "markdownDescription": "Specifies the details for the Amazon Elastic File System (Amazon EFS) file that's being decrypted.", - "title": "EfsFileLocation" - }, - "S3FileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", - "markdownDescription": "Specifies the details for the Amazon S3 file that's being copied or decrypted.", - "title": "S3FileLocation" - } - }, - "type": "object" - }, - "AWS::Transfer::Workflow.S3FileLocation": { - "additionalProperties": false, - "properties": { - "S3FileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", - "markdownDescription": "Specifies the details for the file location for the file that's being used in the workflow. Only applicable if you are using Amazon S3 storage.", - "title": "S3FileLocation" - } - }, - "type": "object" - }, - "AWS::Transfer::Workflow.S3InputFileLocation": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "Specifies the S3 bucket for the customer input file.", - "title": "Bucket", - "type": "string" - }, - "Key": { - "markdownDescription": "The name assigned to the file when it was created in Amazon S3. You use the object key to retrieve the object.", - "title": "Key", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Workflow.S3Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The name assigned to the tag that you create.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value that corresponds to the key.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::Transfer::Workflow.TagStepDetails": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", - "type": "string" - }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Workflow.S3Tag" - }, - "markdownDescription": "Array that contains from 1 to 10 key/value pairs.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Transfer::Workflow.WorkflowStep": { - "additionalProperties": false, - "properties": { - "CopyStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.CopyStepDetails", - "markdownDescription": "Details for a step that performs a file copy.\n\nConsists of the following values:\n\n- A description\n- An Amazon S3 location for the destination of the file copy.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .", - "title": "CopyStepDetails" - }, - "CustomStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.CustomStepDetails", - "markdownDescription": "Details for a step that invokes an AWS Lambda function.\n\nConsists of the Lambda function's name, target, and timeout (in seconds).", - "title": "CustomStepDetails" - }, - "DecryptStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.DecryptStepDetails", - "markdownDescription": "Details for a step that decrypts an encrypted file.\n\nConsists of the following values:\n\n- A descriptive name\n- An Amazon S3 or Amazon Elastic File System (Amazon EFS) location for the source file to decrypt.\n- An S3 or Amazon EFS location for the destination of the file decryption.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n- The type of encryption that's used. Currently, only PGP encryption is supported.", - "title": "DecryptStepDetails" - }, - "DeleteStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.DeleteStepDetails", - "markdownDescription": "Details for a step that deletes the file.", - "title": "DeleteStepDetails" - }, - "TagStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.TagStepDetails", - "markdownDescription": "Details for a step that creates one or more tags.\n\nYou specify one or more tags. Each tag contains a key-value pair.", - "title": "TagStepDetails" - }, - "Type": { - "markdownDescription": "Currently, the following step types are supported.\n\n- *`COPY`* - Copy the file to another location.\n- *`CUSTOM`* - Perform a custom step with an AWS Lambda function target.\n- *`DECRYPT`* - Decrypt a file that was encrypted before it was uploaded.\n- *`DELETE`* - Delete the file.\n- *`TAG`* - Add a tag to the file.", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, "AWS::VerifiedPermissions::IdentitySource": { "additionalProperties": false, "properties": { @@ -340904,11 +346326,6 @@ "AWS::VerifiedPermissions::PolicyStore.SchemaDefinition": { "additionalProperties": false, "properties": { - "CedarFormat": { - "markdownDescription": "", - "title": "CedarFormat", - "type": "string" - }, "CedarJson": { "markdownDescription": "A JSON string representation of the schema supported by applications that use this policy store. For more information, see [Policy store schema](https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html) in the AVP User Guide.", "title": "CedarJson", @@ -354464,18 +359881,6 @@ }, "type": "object" }, - "AWS::WorkspacesInstances::WorkspaceInstance.InstanceMarketOptionsRequest": { - "additionalProperties": false, - "properties": { - "MarketType": { - "type": "string" - }, - "SpotOptions": { - "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.SpotMarketOptions" - } - }, - "type": "object" - }, "AWS::WorkspacesInstances::WorkspaceInstance.InstanceMetadataOptionsRequest": { "additionalProperties": false, "properties": { @@ -354575,9 +359980,6 @@ "ImageId": { "type": "string" }, - "InstanceMarketOptions": { - "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.InstanceMarketOptionsRequest" - }, "InstanceType": { "type": "string" }, @@ -354681,24 +360083,6 @@ }, "type": "object" }, - "AWS::WorkspacesInstances::WorkspaceInstance.SpotMarketOptions": { - "additionalProperties": false, - "properties": { - "InstanceInterruptionBehavior": { - "type": "string" - }, - "MaxPrice": { - "type": "string" - }, - "SpotInstanceType": { - "type": "string" - }, - "ValidUntilUtc": { - "type": "string" - } - }, - "type": "object" - }, "AWS::WorkspacesInstances::WorkspaceInstance.TagSpecification": { "additionalProperties": false, "properties": { @@ -354964,6 +360348,22 @@ ], "type": "object" }, + "AWS::XRay::SamplingRule.SamplingRateBoost": { + "additionalProperties": false, + "properties": { + "CooldownWindowMinutes": { + "type": "number" + }, + "MaxRate": { + "type": "number" + } + }, + "required": [ + "CooldownWindowMinutes", + "MaxRate" + ], + "type": "object" + }, "AWS::XRay::SamplingRule.SamplingRule": { "additionalProperties": false, "properties": { @@ -355018,6 +360418,9 @@ "title": "RuleName", "type": "string" }, + "SamplingRateBoost": { + "$ref": "#/definitions/AWS::XRay::SamplingRule.SamplingRateBoost" + }, "ServiceName": { "markdownDescription": "Matches the `name` that the service uses to identify itself in segments.", "title": "ServiceName", @@ -364543,6 +369946,9 @@ { "$ref": "#/definitions/AWS::Batch::JobQueue" }, + { + "$ref": "#/definitions/AWS::Batch::QuotaShare" + }, { "$ref": "#/definitions/AWS::Batch::SchedulingPolicy" }, @@ -364603,9 +370009,15 @@ { "$ref": "#/definitions/AWS::BedrockAgentCore::BrowserCustom" }, + { + "$ref": "#/definitions/AWS::BedrockAgentCore::BrowserProfile" + }, { "$ref": "#/definitions/AWS::BedrockAgentCore::CodeInterpreterCustom" }, + { + "$ref": "#/definitions/AWS::BedrockAgentCore::Evaluator" + }, { "$ref": "#/definitions/AWS::BedrockAgentCore::Gateway" }, @@ -364615,6 +370027,15 @@ { "$ref": "#/definitions/AWS::BedrockAgentCore::Memory" }, + { + "$ref": "#/definitions/AWS::BedrockAgentCore::OnlineEvaluationConfig" + }, + { + "$ref": "#/definitions/AWS::BedrockAgentCore::Policy" + }, + { + "$ref": "#/definitions/AWS::BedrockAgentCore::PolicyEngine" + }, { "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime" }, @@ -364624,6 +370045,9 @@ { "$ref": "#/definitions/AWS::BedrockAgentCore::WorkloadIdentity" }, + { + "$ref": "#/definitions/AWS::BedrockMantle::Project" + }, { "$ref": "#/definitions/AWS::Billing::BillingView" }, @@ -364720,6 +370144,12 @@ { "$ref": "#/definitions/AWS::CleanRooms::PrivacyBudgetTemplate" }, + { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithm" + }, + { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation" + }, { "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset" }, @@ -364996,6 +370426,9 @@ { "$ref": "#/definitions/AWS::Comprehend::Flywheel" }, + { + "$ref": "#/definitions/AWS::ComputeOptimizer::AutomationRule" + }, { "$ref": "#/definitions/AWS::Config::AggregationAuthorization" }, @@ -365038,6 +370471,12 @@ { "$ref": "#/definitions/AWS::Connect::ContactFlowModule" }, + { + "$ref": "#/definitions/AWS::Connect::ContactFlowModuleAlias" + }, + { + "$ref": "#/definitions/AWS::Connect::ContactFlowModuleVersion" + }, { "$ref": "#/definitions/AWS::Connect::ContactFlowVersion" }, @@ -365155,6 +370594,9 @@ { "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType" }, + { + "$ref": "#/definitions/AWS::CustomerProfiles::Recommender" + }, { "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition" }, @@ -365377,6 +370819,27 @@ { "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection" }, + { + "$ref": "#/definitions/AWS::DirectConnect::Connection" + }, + { + "$ref": "#/definitions/AWS::DirectConnect::DirectConnectGateway" + }, + { + "$ref": "#/definitions/AWS::DirectConnect::DirectConnectGatewayAssociation" + }, + { + "$ref": "#/definitions/AWS::DirectConnect::Lag" + }, + { + "$ref": "#/definitions/AWS::DirectConnect::PrivateVirtualInterface" + }, + { + "$ref": "#/definitions/AWS::DirectConnect::PublicVirtualInterface" + }, + { + "$ref": "#/definitions/AWS::DirectConnect::TransitVirtualInterface" + }, { "$ref": "#/definitions/AWS::DirectoryService::MicrosoftAD" }, @@ -365479,6 +370942,9 @@ { "$ref": "#/definitions/AWS::EC2::IPAMPrefixListResolver" }, + { + "$ref": "#/definitions/AWS::EC2::IPAMPrefixListResolverTarget" + }, { "$ref": "#/definitions/AWS::EC2::IPAMResourceDiscovery" }, @@ -365602,6 +371068,9 @@ { "$ref": "#/definitions/AWS::EC2::SpotFleet" }, + { + "$ref": "#/definitions/AWS::EC2::SqlHaStandbyDetectedInstance" + }, { "$ref": "#/definitions/AWS::EC2::Subnet" }, @@ -365935,6 +371404,9 @@ { "$ref": "#/definitions/AWS::Elasticsearch::Domain" }, + { + "$ref": "#/definitions/AWS::ElementalInference::Feed" + }, { "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow" }, @@ -366106,6 +371578,9 @@ { "$ref": "#/definitions/AWS::GlobalAccelerator::Listener" }, + { + "$ref": "#/definitions/AWS::Glue::Catalog" + }, { "$ref": "#/definitions/AWS::Glue::Classifier" }, @@ -366421,6 +371896,9 @@ { "$ref": "#/definitions/AWS::InspectorV2::Filter" }, + { + "$ref": "#/definitions/AWS::Interconnect::Connection" + }, { "$ref": "#/definitions/AWS::InternetMonitor::Monitor" }, @@ -367270,6 +372748,9 @@ { "$ref": "#/definitions/AWS::ObservabilityAdmin::S3TableIntegration" }, + { + "$ref": "#/definitions/AWS::ObservabilityAdmin::TelemetryEnrichment" + }, { "$ref": "#/definitions/AWS::ObservabilityAdmin::TelemetryPipelines" }, @@ -367303,6 +372784,9 @@ { "$ref": "#/definitions/AWS::OpenSearchServerless::Collection" }, + { + "$ref": "#/definitions/AWS::OpenSearchServerless::CollectionGroup" + }, { "$ref": "#/definitions/AWS::OpenSearchServerless::Index" }, @@ -367768,6 +373252,27 @@ { "$ref": "#/definitions/AWS::Route53::RecordSetGroup" }, + { + "$ref": "#/definitions/AWS::Route53GlobalResolver::AccessSource" + }, + { + "$ref": "#/definitions/AWS::Route53GlobalResolver::AccessToken" + }, + { + "$ref": "#/definitions/AWS::Route53GlobalResolver::DnsView" + }, + { + "$ref": "#/definitions/AWS::Route53GlobalResolver::FirewallDomainList" + }, + { + "$ref": "#/definitions/AWS::Route53GlobalResolver::FirewallRule" + }, + { + "$ref": "#/definitions/AWS::Route53GlobalResolver::GlobalResolver" + }, + { + "$ref": "#/definitions/AWS::Route53GlobalResolver::HostedZoneAssociation" + }, { "$ref": "#/definitions/AWS::Route53Profiles::Profile" }, @@ -368437,6 +373942,9 @@ { "$ref": "#/definitions/AWS::Transfer::Workflow" }, + { + "$ref": "#/definitions/AWS::UXC::AccountCustomization" + }, { "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource" }, diff --git a/schema_source/cloudformation-docs.json b/schema_source/cloudformation-docs.json index cfd2522a3..f8d81c4e8 100644 --- a/schema_source/cloudformation-docs.json +++ b/schema_source/cloudformation-docs.json @@ -40596,7 +40596,7 @@ }, "AWS::QuickSight::Analysis ResourcePermission": { "Actions": "The IAM action to grant or revoke permissions on.", - "Principal": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick Suite user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick Suite user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick Suite ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)" + "Principal": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)" }, "AWS::QuickSight::Analysis RollingDateConfiguration": { "DataSetIdentifier": "The data set that is used in the rolling date configuration.", @@ -43682,7 +43682,7 @@ }, "AWS::QuickSight::Dashboard ResourcePermission": { "Actions": "The IAM action to grant or revoke permissions on.", - "Principal": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick Suite user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick Suite user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick Suite ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)" + "Principal": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)" }, "AWS::QuickSight::Dashboard RollingDateConfiguration": { "DataSetIdentifier": "The data set that is used in the rolling date configuration.", @@ -44504,7 +44504,7 @@ }, "AWS::QuickSight::DataSet ColumnLevelPermissionRule": { "ColumnNames": "An array of column names.", - "Principals": "An array of Amazon Resource Names (ARNs) for Quick Suite users or groups." + "Principals": "An array of Amazon Resource Names (ARNs) for Quick users or groups." }, "AWS::QuickSight::DataSet ColumnTag": { "ColumnDescription": "A description for a column.", @@ -44706,7 +44706,7 @@ "Type": "The type of join that it is." }, "AWS::QuickSight::DataSet JoinKeyProperties": { - "UniqueKey": "A value that indicates that a row in a table is uniquely identified by the columns in a join key. This is used by Quick Suite to optimize query performance." + "UniqueKey": "A value that indicates that a row in a table is uniquely identified by the columns in a join key. This is used by Quick to optimize query performance." }, "AWS::QuickSight::DataSet JoinOperandProperties": { "OutputColumnNameOverrides": "A list of column name overrides to apply to the join operand's output columns." @@ -44813,7 +44813,7 @@ }, "AWS::QuickSight::DataSet ResourcePermission": { "Actions": "The IAM action to grant or revoke permisions on", - "Principal": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick Suite user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick Suite user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick Suite ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)" + "Principal": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)" }, "AWS::QuickSight::DataSet RowLevelPermissionConfiguration": { "RowLevelPermissionDataSet": "", @@ -45075,7 +45075,7 @@ }, "AWS::QuickSight::DataSource ResourcePermission": { "Actions": "The IAM action to grant or revoke permissions on.", - "Principal": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick Suite user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick Suite user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick Suite ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "Principal": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", "Resource": "" }, "AWS::QuickSight::DataSource S3Parameters": { @@ -45156,7 +45156,7 @@ "DayOfWeek": "The day of the week that you want to schedule the refresh on. This value is required for weekly and monthly refresh intervals." }, "AWS::QuickSight::RefreshSchedule RefreshScheduleMap": { - "RefreshType": "The type of refresh that a dataset undergoes. Valid values are as follows:\n\n- `FULL_REFRESH` : A complete refresh of a dataset.\n- `INCREMENTAL_REFRESH` : A partial refresh of some rows of a dataset, based on the time window specified.\n\nFor more information on full and incremental refreshes, see [Refreshing SPICE data](https://docs.aws.amazon.com/quicksight/latest/user/refreshing-imported-data.html) in the *Quick Suite User Guide* .", + "RefreshType": "The type of refresh that a dataset undergoes. Valid values are as follows:\n\n- `FULL_REFRESH` : A complete refresh of a dataset.\n- `INCREMENTAL_REFRESH` : A partial refresh of some rows of a dataset, based on the time window specified.\n\nFor more information on full and incremental refreshes, see [Refreshing SPICE data](https://docs.aws.amazon.com/quicksight/latest/user/refreshing-imported-data.html) in the *Quick User Guide* .", "ScheduleFrequency": "The frequency for the refresh schedule.", "ScheduleId": "An identifier for the refresh schedule.", "StartAfterDateTime": "Time after which the refresh schedule can be started, expressed in `YYYY-MM-DDTHH:MM:SS` format." @@ -47204,7 +47204,7 @@ }, "AWS::QuickSight::Template ResourcePermission": { "Actions": "The IAM action to grant or revoke permissions on.", - "Principal": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick Suite user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick Suite user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick Suite ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)" + "Principal": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)" }, "AWS::QuickSight::Template RollingDateConfiguration": { "DataSetIdentifier": "The data set that is used in the rolling date configuration.", @@ -47993,7 +47993,7 @@ }, "AWS::QuickSight::Theme ResourcePermission": { "Actions": "The IAM action to grant or revoke permissions on.", - "Principal": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick Suite user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick Suite user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick Suite ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)" + "Principal": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)" }, "AWS::QuickSight::Theme SheetStyle": { "Tile": "The display options for tiles.", diff --git a/schema_source/cloudformation.schema.json b/schema_source/cloudformation.schema.json index b1cf5918d..9c5f2150b 100644 --- a/schema_source/cloudformation.schema.json +++ b/schema_source/cloudformation.schema.json @@ -2869,6 +2869,12 @@ "markdownDescription": "A parallel configuration execution block.", "title": "ParallelConfig" }, + "RdsCreateCrossRegionReadReplicaConfig": { + "$ref": "#/definitions/AWS::ARCRegionSwitch::Plan.RdsCreateCrossRegionReplicaConfiguration" + }, + "RdsPromoteReadReplicaConfig": { + "$ref": "#/definitions/AWS::ARCRegionSwitch::Plan.RdsPromoteReadReplicaConfiguration" + }, "RegionSwitchPlanConfig": { "$ref": "#/definitions/AWS::ARCRegionSwitch::Plan.RegionSwitchPlanConfiguration", "markdownDescription": "A Region switch plan execution block.", @@ -3011,6 +3017,60 @@ ], "type": "object" }, + "AWS::ARCRegionSwitch::Plan.RdsCreateCrossRegionReplicaConfiguration": { + "additionalProperties": false, + "properties": { + "CrossAccountRole": { + "type": "string" + }, + "DbInstanceArnMap": { + "additionalProperties": true, + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "type": "object" + }, + "ExternalId": { + "type": "string" + }, + "TimeoutMinutes": { + "type": "number" + } + }, + "required": [ + "DbInstanceArnMap" + ], + "type": "object" + }, + "AWS::ARCRegionSwitch::Plan.RdsPromoteReadReplicaConfiguration": { + "additionalProperties": false, + "properties": { + "CrossAccountRole": { + "type": "string" + }, + "DbInstanceArnMap": { + "additionalProperties": true, + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "type": "object" + }, + "ExternalId": { + "type": "string" + }, + "TimeoutMinutes": { + "type": "number" + } + }, + "required": [ + "DbInstanceArnMap" + ], + "type": "object" + }, "AWS::ARCRegionSwitch::Plan.RegionSwitchPlanConfiguration": { "additionalProperties": false, "properties": { @@ -20909,6 +20969,21 @@ "title": "Name", "type": "string" }, + "RootVolumeConfig": { + "$ref": "#/definitions/AWS::AppStream::ImageBuilder.VolumeConfig" + }, + "SoftwaresToInstall": { + "items": { + "type": "string" + }, + "type": "array" + }, + "SoftwaresToUninstall": { + "items": { + "type": "string" + }, + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" @@ -20986,6 +21061,15 @@ }, "type": "object" }, + "AWS::AppStream::ImageBuilder.VolumeConfig": { + "additionalProperties": false, + "properties": { + "VolumeSizeInGb": { + "type": "number" + } + }, + "type": "object" + }, "AWS::AppStream::ImageBuilder.VpcConfig": { "additionalProperties": false, "properties": { @@ -27535,6 +27619,12 @@ "markdownDescription": "The EC2 instance capacity distribution across Availability Zones for the Auto Scaling group.", "title": "AvailabilityZoneDistribution" }, + "AvailabilityZoneIds": { + "items": { + "type": "string" + }, + "type": "array" + }, "AvailabilityZoneImpairmentPolicy": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.AvailabilityZoneImpairmentPolicy", "markdownDescription": "The Availability Zone impairment policy for the Auto Scaling group.", @@ -33121,6 +33211,9 @@ "title": "PlacementGroup", "type": "string" }, + "ScalingPolicy": { + "$ref": "#/definitions/AWS::Batch::ComputeEnvironment.ComputeScalingPolicy" + }, "SecurityGroupIds": { "items": { "type": "string" @@ -33171,6 +33264,15 @@ ], "type": "object" }, + "AWS::Batch::ComputeEnvironment.ComputeScalingPolicy": { + "additionalProperties": false, + "properties": { + "MinScaleDownDelayMinutes": { + "type": "number" + } + }, + "type": "object" + }, "AWS::Batch::ComputeEnvironment.Ec2ConfigurationObject": { "additionalProperties": false, "properties": { @@ -35271,6 +35373,145 @@ ], "type": "object" }, + "AWS::Batch::QuotaShare": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CapacityLimits": { + "items": { + "$ref": "#/definitions/AWS::Batch::QuotaShare.QuotaShareCapacityLimit" + }, + "type": "array" + }, + "JobQueue": { + "type": "string" + }, + "PreemptionConfiguration": { + "$ref": "#/definitions/AWS::Batch::QuotaShare.QuotaSharePreemptionConfiguration" + }, + "QuotaShareName": { + "type": "string" + }, + "ResourceSharingConfiguration": { + "$ref": "#/definitions/AWS::Batch::QuotaShare.QuotaShareResourceSharingConfiguration" + }, + "State": { + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "CapacityLimits", + "JobQueue", + "PreemptionConfiguration", + "QuotaShareName", + "ResourceSharingConfiguration" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Batch::QuotaShare" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Batch::QuotaShare.QuotaShareCapacityLimit": { + "additionalProperties": false, + "properties": { + "CapacityUnit": { + "type": "string" + }, + "MaxCapacity": { + "type": "number" + } + }, + "required": [ + "CapacityUnit", + "MaxCapacity" + ], + "type": "object" + }, + "AWS::Batch::QuotaShare.QuotaSharePreemptionConfiguration": { + "additionalProperties": false, + "properties": { + "InSharePreemption": { + "type": "string" + } + }, + "required": [ + "InSharePreemption" + ], + "type": "object" + }, + "AWS::Batch::QuotaShare.QuotaShareResourceSharingConfiguration": { + "additionalProperties": false, + "properties": { + "BorrowLimit": { + "type": "number" + }, + "Strategy": { + "type": "string" + } + }, + "required": [ + "Strategy" + ], + "type": "object" + }, "AWS::Batch::SchedulingPolicy": { "additionalProperties": false, "properties": { @@ -35316,6 +35557,9 @@ "title": "Name", "type": "string" }, + "QuotaSharePolicy": { + "$ref": "#/definitions/AWS::Batch::SchedulingPolicy.QuotaSharePolicy" + }, "Tags": { "additionalProperties": true, "markdownDescription": "The tags that you apply to the scheduling policy to help you categorize and organize your resources. Each tag consists of a key and an optional value. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in *AWS General Reference* .\n\nThese tags can be updated or removed using the [TagResource](https://docs.aws.amazon.com/batch/latest/APIReference/API_TagResource.html) and [UntagResource](https://docs.aws.amazon.com/batch/latest/APIReference/API_UntagResource.html) API operations.", @@ -35374,6 +35618,15 @@ }, "type": "object" }, + "AWS::Batch::SchedulingPolicy.QuotaSharePolicy": { + "additionalProperties": false, + "properties": { + "IdleResourceAssignmentStrategy": { + "type": "string" + } + }, + "type": "object" + }, "AWS::Batch::SchedulingPolicy.ShareAttributes": { "additionalProperties": false, "properties": { @@ -43826,7 +44079,7 @@ ], "type": "object" }, - "AWS::BedrockAgentCore::CodeInterpreterCustom": { + "AWS::BedrockAgentCore::BrowserProfile": { "additionalProperties": false, "properties": { "Condition": { @@ -43862,46 +44115,29 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The code interpreter description.", - "title": "Description", - "type": "string" - }, - "ExecutionRoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the execution role.", - "title": "ExecutionRoleArn", "type": "string" }, "Name": { - "markdownDescription": "The name of the code interpreter.", - "title": "Name", "type": "string" }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::BedrockAgentCore::CodeInterpreterCustom.CodeInterpreterNetworkConfiguration", - "markdownDescription": "The network configuration for a code interpreter. This structure defines how the code interpreter connects to the network.", - "title": "NetworkConfiguration" - }, "Tags": { "additionalProperties": true, - "markdownDescription": "The tags for the code interpreter.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, - "title": "Tags", "type": "object" } }, "required": [ - "Name", - "NetworkConfiguration" + "Name" ], "type": "object" }, "Type": { "enum": [ - "AWS::BedrockAgentCore::CodeInterpreterCustom" + "AWS::BedrockAgentCore::BrowserProfile" ], "type": "string" }, @@ -43920,52 +44156,359 @@ ], "type": "object" }, - "AWS::BedrockAgentCore::CodeInterpreterCustom.CodeInterpreterNetworkConfiguration": { - "additionalProperties": false, - "properties": { - "NetworkMode": { - "markdownDescription": "The network mode.", - "title": "NetworkMode", - "type": "string" - }, - "VpcConfig": { - "$ref": "#/definitions/AWS::BedrockAgentCore::CodeInterpreterCustom.VpcConfig", - "markdownDescription": "", - "title": "VpcConfig" - } - }, - "required": [ - "NetworkMode" - ], - "type": "object" - }, - "AWS::BedrockAgentCore::CodeInterpreterCustom.VpcConfig": { - "additionalProperties": false, - "properties": { - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "SecurityGroups", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "Subnets", - "type": "array" - } - }, - "required": [ - "SecurityGroups", - "Subnets" - ], - "type": "object" - }, - "AWS::BedrockAgentCore::Gateway": { + "AWS::BedrockAgentCore::CodeInterpreterCustom": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The code interpreter description.", + "title": "Description", + "type": "string" + }, + "ExecutionRoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the execution role.", + "title": "ExecutionRoleArn", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the code interpreter.", + "title": "Name", + "type": "string" + }, + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::BedrockAgentCore::CodeInterpreterCustom.CodeInterpreterNetworkConfiguration", + "markdownDescription": "The network configuration for a code interpreter. This structure defines how the code interpreter connects to the network.", + "title": "NetworkConfiguration" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags for the code interpreter.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "Name", + "NetworkConfiguration" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::BedrockAgentCore::CodeInterpreterCustom" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::CodeInterpreterCustom.CodeInterpreterNetworkConfiguration": { + "additionalProperties": false, + "properties": { + "NetworkMode": { + "markdownDescription": "The network mode.", + "title": "NetworkMode", + "type": "string" + }, + "VpcConfig": { + "$ref": "#/definitions/AWS::BedrockAgentCore::CodeInterpreterCustom.VpcConfig", + "markdownDescription": "", + "title": "VpcConfig" + } + }, + "required": [ + "NetworkMode" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::CodeInterpreterCustom.VpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SecurityGroups", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Subnets", + "type": "array" + } + }, + "required": [ + "SecurityGroups", + "Subnets" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Evaluator": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "type": "string" + }, + "EvaluatorConfig": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Evaluator.EvaluatorConfig" + }, + "EvaluatorName": { + "type": "string" + }, + "Level": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "required": [ + "EvaluatorConfig", + "EvaluatorName", + "Level" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::BedrockAgentCore::Evaluator" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Evaluator.BedrockEvaluatorModelConfig": { + "additionalProperties": false, + "properties": { + "AdditionalModelRequestFields": { + "type": "object" + }, + "InferenceConfig": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Evaluator.InferenceConfiguration" + }, + "ModelId": { + "type": "string" + } + }, + "required": [ + "ModelId" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Evaluator.CategoricalScaleDefinition": { + "additionalProperties": false, + "properties": { + "Definition": { + "type": "string" + }, + "Label": { + "type": "string" + } + }, + "required": [ + "Definition", + "Label" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Evaluator.EvaluatorConfig": { + "additionalProperties": false, + "properties": { + "LlmAsAJudge": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Evaluator.LlmAsAJudgeEvaluatorConfig" + } + }, + "required": [ + "LlmAsAJudge" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Evaluator.EvaluatorModelConfig": { + "additionalProperties": false, + "properties": { + "BedrockEvaluatorModelConfig": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Evaluator.BedrockEvaluatorModelConfig" + } + }, + "required": [ + "BedrockEvaluatorModelConfig" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Evaluator.InferenceConfiguration": { + "additionalProperties": false, + "properties": { + "MaxTokens": { + "type": "number" + }, + "Temperature": { + "type": "number" + }, + "TopP": { + "type": "number" + } + }, + "type": "object" + }, + "AWS::BedrockAgentCore::Evaluator.LlmAsAJudgeEvaluatorConfig": { + "additionalProperties": false, + "properties": { + "Instructions": { + "type": "string" + }, + "ModelConfig": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Evaluator.EvaluatorModelConfig" + }, + "RatingScale": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Evaluator.RatingScale" + } + }, + "required": [ + "Instructions", + "ModelConfig", + "RatingScale" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Evaluator.NumericalScaleDefinition": { + "additionalProperties": false, + "properties": { + "Definition": { + "type": "string" + }, + "Label": { + "type": "string" + }, + "Value": { + "type": "number" + } + }, + "required": [ + "Definition", + "Label", + "Value" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Evaluator.RatingScale": { + "additionalProperties": false, + "properties": { + "Categorical": { + "items": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Evaluator.CategoricalScaleDefinition" + }, + "type": "array" + }, + "Numerical": { + "items": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Evaluator.NumericalScaleDefinition" + }, + "type": "array" + } + }, + "type": "object" + }, + "AWS::BedrockAgentCore::Gateway": { "additionalProperties": false, "properties": { "Condition": { @@ -44038,6 +44581,9 @@ "title": "Name", "type": "string" }, + "PolicyEngineConfiguration": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Gateway.GatewayPolicyEngineConfiguration" + }, "ProtocolConfiguration": { "$ref": "#/definitions/AWS::BedrockAgentCore::Gateway.GatewayProtocolConfiguration", "markdownDescription": "The protocol configuration for the gateway target.", @@ -44247,6 +44793,22 @@ ], "type": "object" }, + "AWS::BedrockAgentCore::Gateway.GatewayPolicyEngineConfiguration": { + "additionalProperties": false, + "properties": { + "Arn": { + "type": "string" + }, + "Mode": { + "type": "string" + } + }, + "required": [ + "Arn", + "Mode" + ], + "type": "object" + }, "AWS::BedrockAgentCore::Gateway.GatewayProtocolConfiguration": { "additionalProperties": false, "properties": { @@ -44928,6 +45490,9 @@ "title": "Name", "type": "string" }, + "StreamDeliveryResources": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Memory.StreamDeliveryResources" + }, "Tags": { "additionalProperties": true, "markdownDescription": "The tags for the resources.", @@ -44967,6 +45532,21 @@ ], "type": "object" }, + "AWS::BedrockAgentCore::Memory.ContentConfiguration": { + "additionalProperties": false, + "properties": { + "Level": { + "type": "string" + }, + "Type": { + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, "AWS::BedrockAgentCore::Memory.CustomConfigurationInput": { "additionalProperties": false, "properties": { @@ -45234,6 +45814,25 @@ }, "type": "object" }, + "AWS::BedrockAgentCore::Memory.KinesisResource": { + "additionalProperties": false, + "properties": { + "ContentConfigurations": { + "items": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Memory.ContentConfiguration" + }, + "type": "array" + }, + "DataStreamArn": { + "type": "string" + } + }, + "required": [ + "ContentConfigurations", + "DataStreamArn" + ], + "type": "object" + }, "AWS::BedrockAgentCore::Memory.MemoryStrategy": { "additionalProperties": false, "properties": { @@ -45408,6 +46007,30 @@ ], "type": "object" }, + "AWS::BedrockAgentCore::Memory.StreamDeliveryResource": { + "additionalProperties": false, + "properties": { + "Kinesis": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Memory.KinesisResource" + } + }, + "type": "object" + }, + "AWS::BedrockAgentCore::Memory.StreamDeliveryResources": { + "additionalProperties": false, + "properties": { + "Resources": { + "items": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Memory.StreamDeliveryResource" + }, + "type": "array" + } + }, + "required": [ + "Resources" + ], + "type": "object" + }, "AWS::BedrockAgentCore::Memory.SummaryMemoryStrategy": { "additionalProperties": false, "properties": { @@ -45642,7 +46265,7 @@ ], "type": "object" }, - "AWS::BedrockAgentCore::Runtime": { + "AWS::BedrockAgentCore::OnlineEvaluationConfig": { "additionalProperties": false, "properties": { "Condition": { @@ -45677,85 +46300,49 @@ "Properties": { "additionalProperties": false, "properties": { - "AgentRuntimeArtifact": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.AgentRuntimeArtifact", - "markdownDescription": "The artifact of the agent.", - "title": "AgentRuntimeArtifact" + "DataSourceConfig": { + "$ref": "#/definitions/AWS::BedrockAgentCore::OnlineEvaluationConfig.DataSourceConfig" }, - "AgentRuntimeName": { - "markdownDescription": "The name of the AgentCore Runtime endpoint.", - "title": "AgentRuntimeName", + "Description": { "type": "string" }, - "AuthorizerConfiguration": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.AuthorizerConfiguration", - "markdownDescription": "Represents inbound authorization configuration options used to authenticate incoming requests.", - "title": "AuthorizerConfiguration" - }, - "Description": { - "markdownDescription": "The agent runtime description.", - "title": "Description", + "EvaluationExecutionRoleArn": { "type": "string" }, - "EnvironmentVariables": { - "additionalProperties": true, - "markdownDescription": "The environment variables for the agent.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "Evaluators": { + "items": { + "$ref": "#/definitions/AWS::BedrockAgentCore::OnlineEvaluationConfig.EvaluatorReference" }, - "title": "EnvironmentVariables", - "type": "object" - }, - "LifecycleConfiguration": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.LifecycleConfiguration", - "markdownDescription": "", - "title": "LifecycleConfiguration" - }, - "NetworkConfiguration": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.NetworkConfiguration", - "markdownDescription": "The network configuration.", - "title": "NetworkConfiguration" + "type": "array" }, - "ProtocolConfiguration": { - "markdownDescription": "The protocol configuration for an agent runtime. This structure defines how the agent runtime communicates with clients.", - "title": "ProtocolConfiguration", + "ExecutionStatus": { "type": "string" }, - "RequestHeaderConfiguration": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.RequestHeaderConfiguration", - "markdownDescription": "", - "title": "RequestHeaderConfiguration" - }, - "RoleArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for for the role.", - "title": "RoleArn", + "OnlineEvaluationConfigName": { "type": "string" }, + "Rule": { + "$ref": "#/definitions/AWS::BedrockAgentCore::OnlineEvaluationConfig.Rule" + }, "Tags": { - "additionalProperties": true, - "markdownDescription": "The tags for the agent.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } + "items": { + "$ref": "#/definitions/Tag" }, - "title": "Tags", - "type": "object" + "type": "array" } }, "required": [ - "AgentRuntimeArtifact", - "AgentRuntimeName", - "NetworkConfiguration", - "RoleArn" + "DataSourceConfig", + "EvaluationExecutionRoleArn", + "Evaluators", + "OnlineEvaluationConfigName", + "Rule" ], "type": "object" }, "Type": { "enum": [ - "AWS::BedrockAgentCore::Runtime" + "AWS::BedrockAgentCore::OnlineEvaluationConfig" ], "type": "string" }, @@ -45774,295 +46361,751 @@ ], "type": "object" }, - "AWS::BedrockAgentCore::Runtime.AgentRuntimeArtifact": { - "additionalProperties": false, - "properties": { - "CodeConfiguration": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.CodeConfiguration", - "markdownDescription": "", - "title": "CodeConfiguration" - }, - "ContainerConfiguration": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.ContainerConfiguration", - "markdownDescription": "Representation of a container configuration.", - "title": "ContainerConfiguration" - } - }, - "type": "object" - }, - "AWS::BedrockAgentCore::Runtime.AuthorizerConfiguration": { - "additionalProperties": false, - "properties": { - "CustomJWTAuthorizer": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.CustomJWTAuthorizerConfiguration", - "markdownDescription": "Represents inbound authorization configuration options used to authenticate incoming requests.", - "title": "CustomJWTAuthorizer" - } - }, - "type": "object" - }, - "AWS::BedrockAgentCore::Runtime.AuthorizingClaimMatchValueType": { - "additionalProperties": false, - "properties": { - "ClaimMatchOperator": { - "type": "string" - }, - "ClaimMatchValue": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.ClaimMatchValueType" - } - }, - "required": [ - "ClaimMatchOperator", - "ClaimMatchValue" - ], - "type": "object" - }, - "AWS::BedrockAgentCore::Runtime.ClaimMatchValueType": { + "AWS::BedrockAgentCore::OnlineEvaluationConfig.CloudWatchLogsInputConfig": { "additionalProperties": false, "properties": { - "MatchValueString": { - "type": "string" + "LogGroupNames": { + "items": { + "type": "string" + }, + "type": "array" }, - "MatchValueStringList": { + "ServiceNames": { "items": { "type": "string" }, "type": "array" } }, + "required": [ + "LogGroupNames", + "ServiceNames" + ], "type": "object" }, - "AWS::BedrockAgentCore::Runtime.Code": { + "AWS::BedrockAgentCore::OnlineEvaluationConfig.CloudWatchOutputConfig": { "additionalProperties": false, "properties": { - "S3": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.S3Location", - "markdownDescription": "", - "title": "S3" + "LogGroupName": { + "type": "string" } }, "type": "object" }, - "AWS::BedrockAgentCore::Runtime.CodeConfiguration": { + "AWS::BedrockAgentCore::OnlineEvaluationConfig.DataSourceConfig": { "additionalProperties": false, "properties": { - "Code": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.Code", - "markdownDescription": "", - "title": "Code" - }, - "EntryPoint": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "EntryPoint", - "type": "array" - }, - "Runtime": { - "markdownDescription": "", - "title": "Runtime", - "type": "string" + "CloudWatchLogs": { + "$ref": "#/definitions/AWS::BedrockAgentCore::OnlineEvaluationConfig.CloudWatchLogsInputConfig" } }, "required": [ - "Code", - "EntryPoint", - "Runtime" + "CloudWatchLogs" ], "type": "object" }, - "AWS::BedrockAgentCore::Runtime.ContainerConfiguration": { + "AWS::BedrockAgentCore::OnlineEvaluationConfig.EvaluatorReference": { "additionalProperties": false, "properties": { - "ContainerUri": { - "markdownDescription": "The container Uri.", - "title": "ContainerUri", + "EvaluatorId": { "type": "string" } }, "required": [ - "ContainerUri" + "EvaluatorId" ], "type": "object" }, - "AWS::BedrockAgentCore::Runtime.CustomClaimValidationType": { + "AWS::BedrockAgentCore::OnlineEvaluationConfig.Filter": { "additionalProperties": false, "properties": { - "AuthorizingClaimMatchValue": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.AuthorizingClaimMatchValueType" - }, - "InboundTokenClaimName": { + "Key": { "type": "string" }, - "InboundTokenClaimValueType": { + "Operator": { "type": "string" - } - }, - "required": [ - "AuthorizingClaimMatchValue", - "InboundTokenClaimName", - "InboundTokenClaimValueType" - ], - "type": "object" - }, - "AWS::BedrockAgentCore::Runtime.CustomJWTAuthorizerConfiguration": { - "additionalProperties": false, - "properties": { - "AllowedAudience": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents inbound authorization configuration options used to authenticate incoming requests.", - "title": "AllowedAudience", - "type": "array" }, - "AllowedClients": { - "items": { - "type": "string" - }, - "markdownDescription": "Represents individual client IDs that are validated in the incoming JWT token validation process.", - "title": "AllowedClients", - "type": "array" - }, - "AllowedScopes": { - "items": { - "type": "string" - }, - "type": "array" - }, - "CustomClaims": { - "items": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.CustomClaimValidationType" - }, - "type": "array" - }, - "DiscoveryUrl": { - "markdownDescription": "The configuration authorization.", - "title": "DiscoveryUrl", - "type": "string" + "Value": { + "$ref": "#/definitions/AWS::BedrockAgentCore::OnlineEvaluationConfig.FilterValue" } }, "required": [ - "DiscoveryUrl" + "Key", + "Operator", + "Value" ], "type": "object" }, - "AWS::BedrockAgentCore::Runtime.LifecycleConfiguration": { + "AWS::BedrockAgentCore::OnlineEvaluationConfig.FilterValue": { "additionalProperties": false, "properties": { - "IdleRuntimeSessionTimeout": { - "markdownDescription": "", - "title": "IdleRuntimeSessionTimeout", - "type": "number" + "BooleanValue": { + "type": "boolean" }, - "MaxLifetime": { - "markdownDescription": "", - "title": "MaxLifetime", + "DoubleValue": { "type": "number" + }, + "StringValue": { + "type": "string" } }, "type": "object" }, - "AWS::BedrockAgentCore::Runtime.NetworkConfiguration": { + "AWS::BedrockAgentCore::OnlineEvaluationConfig.OutputConfig": { "additionalProperties": false, "properties": { - "NetworkMode": { - "markdownDescription": "The network mode.", - "title": "NetworkMode", - "type": "string" - }, - "NetworkModeConfig": { - "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.VpcConfig", - "markdownDescription": "", - "title": "NetworkModeConfig" + "CloudWatchConfig": { + "$ref": "#/definitions/AWS::BedrockAgentCore::OnlineEvaluationConfig.CloudWatchOutputConfig" } }, - "required": [ - "NetworkMode" - ], "type": "object" }, - "AWS::BedrockAgentCore::Runtime.RequestHeaderConfiguration": { + "AWS::BedrockAgentCore::OnlineEvaluationConfig.Rule": { "additionalProperties": false, "properties": { - "RequestHeaderAllowlist": { + "Filters": { "items": { - "type": "string" + "$ref": "#/definitions/AWS::BedrockAgentCore::OnlineEvaluationConfig.Filter" }, - "markdownDescription": "", - "title": "RequestHeaderAllowlist", "type": "array" - } - }, - "type": "object" - }, - "AWS::BedrockAgentCore::Runtime.S3Location": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "", - "title": "Bucket", - "type": "string" }, - "Prefix": { - "markdownDescription": "", - "title": "Prefix", - "type": "string" + "SamplingConfig": { + "$ref": "#/definitions/AWS::BedrockAgentCore::OnlineEvaluationConfig.SamplingConfig" }, - "VersionId": { - "markdownDescription": "", - "title": "VersionId", - "type": "string" + "SessionConfig": { + "$ref": "#/definitions/AWS::BedrockAgentCore::OnlineEvaluationConfig.SessionConfig" } }, "required": [ - "Bucket", - "Prefix" + "SamplingConfig" ], "type": "object" }, - "AWS::BedrockAgentCore::Runtime.VpcConfig": { + "AWS::BedrockAgentCore::OnlineEvaluationConfig.SamplingConfig": { "additionalProperties": false, "properties": { - "SecurityGroups": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "SecurityGroups", - "type": "array" - }, - "Subnets": { - "items": { - "type": "string" - }, - "markdownDescription": "", - "title": "Subnets", - "type": "array" + "SamplingPercentage": { + "type": "number" } }, "required": [ - "SecurityGroups", - "Subnets" + "SamplingPercentage" ], "type": "object" }, - "AWS::BedrockAgentCore::Runtime.WorkloadIdentityDetails": { + "AWS::BedrockAgentCore::OnlineEvaluationConfig.SessionConfig": { "additionalProperties": false, "properties": { - "WorkloadIdentityArn": { - "markdownDescription": "The Amazon Resource Name (ARN) for the workload identity.", - "title": "WorkloadIdentityArn", - "type": "string" + "SessionTimeoutMinutes": { + "type": "number" } }, "required": [ - "WorkloadIdentityArn" + "SessionTimeoutMinutes" ], "type": "object" }, - "AWS::BedrockAgentCore::RuntimeEndpoint": { + "AWS::BedrockAgentCore::Policy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Definition": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Policy.PolicyDefinition" + }, + "Description": { + "type": "string" + }, + "Name": { + "type": "string" + }, + "PolicyEngineId": { + "type": "string" + }, + "ValidationMode": { + "type": "string" + } + }, + "required": [ + "Definition", + "Name", + "PolicyEngineId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::BedrockAgentCore::Policy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Policy.CedarPolicy": { + "additionalProperties": false, + "properties": { + "Statement": { + "type": "string" + } + }, + "required": [ + "Statement" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Policy.PolicyDefinition": { + "additionalProperties": false, + "properties": { + "Cedar": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Policy.CedarPolicy" + } + }, + "required": [ + "Cedar" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::PolicyEngine": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "type": "string" + }, + "EncryptionKeyArn": { + "type": "string" + }, + "Name": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::BedrockAgentCore::PolicyEngine" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AgentRuntimeArtifact": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.AgentRuntimeArtifact", + "markdownDescription": "The artifact of the agent.", + "title": "AgentRuntimeArtifact" + }, + "AgentRuntimeName": { + "markdownDescription": "The name of the AgentCore Runtime endpoint.", + "title": "AgentRuntimeName", + "type": "string" + }, + "AuthorizerConfiguration": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.AuthorizerConfiguration", + "markdownDescription": "Represents inbound authorization configuration options used to authenticate incoming requests.", + "title": "AuthorizerConfiguration" + }, + "Description": { + "markdownDescription": "The agent runtime description.", + "title": "Description", + "type": "string" + }, + "EnvironmentVariables": { + "additionalProperties": true, + "markdownDescription": "The environment variables for the agent.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "EnvironmentVariables", + "type": "object" + }, + "LifecycleConfiguration": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.LifecycleConfiguration", + "markdownDescription": "", + "title": "LifecycleConfiguration" + }, + "NetworkConfiguration": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.NetworkConfiguration", + "markdownDescription": "The network configuration.", + "title": "NetworkConfiguration" + }, + "ProtocolConfiguration": { + "markdownDescription": "The protocol configuration for an agent runtime. This structure defines how the agent runtime communicates with clients.", + "title": "ProtocolConfiguration", + "type": "string" + }, + "RequestHeaderConfiguration": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.RequestHeaderConfiguration", + "markdownDescription": "", + "title": "RequestHeaderConfiguration" + }, + "RoleArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for for the role.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "The tags for the agent.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "AgentRuntimeArtifact", + "AgentRuntimeName", + "NetworkConfiguration", + "RoleArn" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::BedrockAgentCore::Runtime" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.AgentRuntimeArtifact": { + "additionalProperties": false, + "properties": { + "CodeConfiguration": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.CodeConfiguration", + "markdownDescription": "", + "title": "CodeConfiguration" + }, + "ContainerConfiguration": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.ContainerConfiguration", + "markdownDescription": "Representation of a container configuration.", + "title": "ContainerConfiguration" + } + }, + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.AuthorizerConfiguration": { + "additionalProperties": false, + "properties": { + "CustomJWTAuthorizer": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.CustomJWTAuthorizerConfiguration", + "markdownDescription": "Represents inbound authorization configuration options used to authenticate incoming requests.", + "title": "CustomJWTAuthorizer" + } + }, + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.AuthorizingClaimMatchValueType": { + "additionalProperties": false, + "properties": { + "ClaimMatchOperator": { + "type": "string" + }, + "ClaimMatchValue": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.ClaimMatchValueType" + } + }, + "required": [ + "ClaimMatchOperator", + "ClaimMatchValue" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.ClaimMatchValueType": { + "additionalProperties": false, + "properties": { + "MatchValueString": { + "type": "string" + }, + "MatchValueStringList": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.Code": { + "additionalProperties": false, + "properties": { + "S3": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.S3Location", + "markdownDescription": "", + "title": "S3" + } + }, + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.CodeConfiguration": { + "additionalProperties": false, + "properties": { + "Code": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.Code", + "markdownDescription": "", + "title": "Code" + }, + "EntryPoint": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "EntryPoint", + "type": "array" + }, + "Runtime": { + "markdownDescription": "", + "title": "Runtime", + "type": "string" + } + }, + "required": [ + "Code", + "EntryPoint", + "Runtime" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.ContainerConfiguration": { + "additionalProperties": false, + "properties": { + "ContainerUri": { + "markdownDescription": "The container Uri.", + "title": "ContainerUri", + "type": "string" + } + }, + "required": [ + "ContainerUri" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.CustomClaimValidationType": { + "additionalProperties": false, + "properties": { + "AuthorizingClaimMatchValue": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.AuthorizingClaimMatchValueType" + }, + "InboundTokenClaimName": { + "type": "string" + }, + "InboundTokenClaimValueType": { + "type": "string" + } + }, + "required": [ + "AuthorizingClaimMatchValue", + "InboundTokenClaimName", + "InboundTokenClaimValueType" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.CustomJWTAuthorizerConfiguration": { + "additionalProperties": false, + "properties": { + "AllowedAudience": { + "items": { + "type": "string" + }, + "markdownDescription": "Represents inbound authorization configuration options used to authenticate incoming requests.", + "title": "AllowedAudience", + "type": "array" + }, + "AllowedClients": { + "items": { + "type": "string" + }, + "markdownDescription": "Represents individual client IDs that are validated in the incoming JWT token validation process.", + "title": "AllowedClients", + "type": "array" + }, + "AllowedScopes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "CustomClaims": { + "items": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.CustomClaimValidationType" + }, + "type": "array" + }, + "DiscoveryUrl": { + "markdownDescription": "The configuration authorization.", + "title": "DiscoveryUrl", + "type": "string" + } + }, + "required": [ + "DiscoveryUrl" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.LifecycleConfiguration": { + "additionalProperties": false, + "properties": { + "IdleRuntimeSessionTimeout": { + "markdownDescription": "", + "title": "IdleRuntimeSessionTimeout", + "type": "number" + }, + "MaxLifetime": { + "markdownDescription": "", + "title": "MaxLifetime", + "type": "number" + } + }, + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.NetworkConfiguration": { + "additionalProperties": false, + "properties": { + "NetworkMode": { + "markdownDescription": "The network mode.", + "title": "NetworkMode", + "type": "string" + }, + "NetworkModeConfig": { + "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime.VpcConfig", + "markdownDescription": "", + "title": "NetworkModeConfig" + } + }, + "required": [ + "NetworkMode" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.RequestHeaderConfiguration": { + "additionalProperties": false, + "properties": { + "RequestHeaderAllowlist": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "RequestHeaderAllowlist", + "type": "array" + } + }, + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.S3Location": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "", + "title": "Bucket", + "type": "string" + }, + "Prefix": { + "markdownDescription": "", + "title": "Prefix", + "type": "string" + }, + "VersionId": { + "markdownDescription": "", + "title": "VersionId", + "type": "string" + } + }, + "required": [ + "Bucket", + "Prefix" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.VpcConfig": { + "additionalProperties": false, + "properties": { + "SecurityGroups": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "SecurityGroups", + "type": "array" + }, + "Subnets": { + "items": { + "type": "string" + }, + "markdownDescription": "", + "title": "Subnets", + "type": "array" + } + }, + "required": [ + "SecurityGroups", + "Subnets" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::Runtime.WorkloadIdentityDetails": { + "additionalProperties": false, + "properties": { + "WorkloadIdentityArn": { + "markdownDescription": "The Amazon Resource Name (ARN) for the workload identity.", + "title": "WorkloadIdentityArn", + "type": "string" + } + }, + "required": [ + "WorkloadIdentityArn" + ], + "type": "object" + }, + "AWS::BedrockAgentCore::RuntimeEndpoint": { "additionalProperties": false, "properties": { "Condition": { @@ -46239,6 +47282,77 @@ ], "type": "object" }, + "AWS::BedrockMantle::Project": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::BedrockMantle::Project" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, "AWS::Billing::BillingView": { "additionalProperties": false, "properties": { @@ -48686,6 +49800,9 @@ "Properties": { "additionalProperties": false, "properties": { + "Attributes": { + "$ref": "#/definitions/AWS::Cases::Field.FieldAttributes" + }, "Description": { "markdownDescription": "Description of the field.", "title": "Description", @@ -48742,6 +49859,27 @@ ], "type": "object" }, + "AWS::Cases::Field.FieldAttributes": { + "additionalProperties": false, + "properties": { + "Text": { + "$ref": "#/definitions/AWS::Cases::Field.TextAttributes" + } + }, + "type": "object" + }, + "AWS::Cases::Field.TextAttributes": { + "additionalProperties": false, + "properties": { + "IsMultiline": { + "type": "boolean" + } + }, + "required": [ + "IsMultiline" + ], + "type": "object" + }, "AWS::Cases::Layout": { "additionalProperties": false, "properties": { @@ -51416,6 +52554,9 @@ "AWS::CleanRooms::ConfiguredTable.AthenaTableReference": { "additionalProperties": false, "properties": { + "CatalogName": { + "type": "string" + }, "DatabaseName": { "markdownDescription": "The database name.", "title": "DatabaseName", @@ -52655,7 +53796,7 @@ }, "type": "object" }, - "AWS::CleanRoomsML::TrainingDataset": { + "AWS::CleanRoomsML::ConfiguredModelAlgorithm": { "additionalProperties": false, "properties": { "Condition": { @@ -52691,47 +53832,39 @@ "additionalProperties": false, "properties": { "Description": { - "markdownDescription": "The description of the training dataset.", - "title": "Description", + "type": "string" + }, + "InferenceContainerConfig": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithm.InferenceContainerConfig" + }, + "KmsKeyArn": { "type": "string" }, "Name": { - "markdownDescription": "The name of the training dataset.", - "title": "Name", "type": "string" }, "RoleArn": { - "markdownDescription": "The ARN of the IAM role that Clean Rooms ML can assume to read the data referred to in the `dataSource` field of each dataset.\n\nPassing a role across accounts is not allowed. If you pass a role that isn't in your account, you get an `AccessDeniedException` error.", - "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "The optional metadata that you apply to the resource to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50.\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8.\n- Maximum value length - 256 Unicode characters in UTF-8.\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for keys as it is reserved. You cannot edit or delete tag keys with this prefix. Values can have this prefix. If a tag value has `aws` as its prefix but the key does not, then Clean Rooms ML considers it to be a user tag and will count against the limit of 50 tags. Tags with only the key prefix of `aws` do not count against your tags per resource limit.", - "title": "Tags", "type": "array" }, - "TrainingData": { - "items": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.Dataset" - }, - "markdownDescription": "An array of information that lists the Dataset objects, which specifies the dataset type and details on its location and schema. You must provide a role that has read access to these tables.", - "title": "TrainingData", - "type": "array" + "TrainingContainerConfig": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithm.ContainerConfig" } }, "required": [ "Name", - "RoleArn", - "TrainingData" + "RoleArn" ], "type": "object" }, "Type": { "enum": [ - "AWS::CleanRoomsML::TrainingDataset" + "AWS::CleanRoomsML::ConfiguredModelAlgorithm" ], "type": "string" }, @@ -52750,251 +53883,685 @@ ], "type": "object" }, - "AWS::CleanRoomsML::TrainingDataset.ColumnSchema": { + "AWS::CleanRoomsML::ConfiguredModelAlgorithm.ContainerConfig": { "additionalProperties": false, "properties": { - "ColumnName": { - "markdownDescription": "The name of a column.", - "title": "ColumnName", - "type": "string" - }, - "ColumnTypes": { + "Arguments": { "items": { "type": "string" }, - "markdownDescription": "The data type of column.", - "title": "ColumnTypes", "type": "array" - } - }, - "required": [ - "ColumnName", - "ColumnTypes" - ], - "type": "object" - }, - "AWS::CleanRoomsML::TrainingDataset.DataSource": { - "additionalProperties": false, - "properties": { - "GlueDataSource": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.GlueDataSource", - "markdownDescription": "A GlueDataSource object that defines the catalog ID, database name, and table name for the training data.", - "title": "GlueDataSource" - } - }, - "required": [ - "GlueDataSource" - ], - "type": "object" - }, - "AWS::CleanRoomsML::TrainingDataset.Dataset": { - "additionalProperties": false, - "properties": { - "InputConfig": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig", - "markdownDescription": "A DatasetInputConfig object that defines the data source and schema mapping.", - "title": "InputConfig" - }, - "Type": { - "markdownDescription": "What type of information is found in the dataset.", - "title": "Type", - "type": "string" - } - }, - "required": [ - "InputConfig", - "Type" - ], - "type": "object" - }, - "AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig": { - "additionalProperties": false, - "properties": { - "DataSource": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DataSource", - "markdownDescription": "A DataSource object that specifies the Glue data source for the training data.", - "title": "DataSource" }, - "Schema": { + "Entrypoint": { "items": { - "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.ColumnSchema" + "type": "string" }, - "markdownDescription": "The schema information for the training data.", - "title": "Schema", "type": "array" - } - }, - "required": [ - "DataSource", - "Schema" - ], - "type": "object" - }, - "AWS::CleanRoomsML::TrainingDataset.GlueDataSource": { - "additionalProperties": false, - "properties": { - "CatalogId": { - "markdownDescription": "The Glue catalog that contains the training data.", - "title": "CatalogId", - "type": "string" }, - "DatabaseName": { - "markdownDescription": "The Glue database that contains the training data.", - "title": "DatabaseName", + "ImageUri": { "type": "string" }, - "TableName": { - "markdownDescription": "The Glue table that contains the training data.", - "title": "TableName", - "type": "string" + "MetricDefinitions": { + "items": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithm.MetricDefinition" + }, + "type": "array" } }, "required": [ - "DatabaseName", - "TableName" + "ImageUri" ], "type": "object" }, - "AWS::Cloud9::EnvironmentEC2": { + "AWS::CleanRoomsML::ConfiguredModelAlgorithm.InferenceContainerConfig": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AutomaticStopTimeMinutes": { - "markdownDescription": "The number of minutes until the running instance is shut down after the environment was last used.", - "title": "AutomaticStopTimeMinutes", - "type": "number" - }, - "ConnectionType": { - "markdownDescription": "The connection type used for connecting to an Amazon EC2 environment. Valid values are `CONNECT_SSH` (default) and `CONNECT_SSM` (connected through AWS Systems Manager ).", - "title": "ConnectionType", - "type": "string" - }, - "Description": { - "markdownDescription": "The description of the environment to create.", - "title": "Description", - "type": "string" - }, - "ImageId": { - "markdownDescription": "The identifier for the Amazon Machine Image (AMI) that's used to create the EC2 instance. To choose an AMI for the instance, you must specify a valid AMI alias or a valid AWS Systems Manager path.\n\nFrom December 04, 2023, you will be required to include the `ImageId` parameter for the `CreateEnvironmentEC2` action. This change will be reflected across all direct methods of communicating with the API, such as AWS SDK, AWS CLI and AWS CloudFormation. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nSince Ubuntu 18.04 has ended standard support as of May 31, 2023, we recommend you choose Ubuntu 22.04.\n\n*AMI aliases*\n\n- Amazon Linux 2: `amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `ubuntu-22.04-x86_64`\n\n*SSM paths*\n\n- Amazon Linux 2: `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64`", - "title": "ImageId", - "type": "string" - }, - "InstanceType": { - "markdownDescription": "The type of instance to connect to the environment (for example, `t2.micro` ).", - "title": "InstanceType", - "type": "string" - }, - "Name": { - "markdownDescription": "The name of the environment.", - "title": "Name", - "type": "string" - }, - "OwnerArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the environment owner. This ARN can be the ARN of any AWS Identity and Access Management principal. If this value is not specified, the ARN defaults to this environment's creator.", - "title": "OwnerArn", - "type": "string" - }, - "Repositories": { - "items": { - "$ref": "#/definitions/AWS::Cloud9::EnvironmentEC2.Repository" - }, - "markdownDescription": "Any AWS CodeCommit source code repositories to be cloned into the development environment.", - "title": "Repositories", - "type": "array" - }, - "SubnetId": { - "markdownDescription": "The ID of the subnet in Amazon Virtual Private Cloud (Amazon VPC) that AWS Cloud9 will use to communicate with the Amazon Elastic Compute Cloud (Amazon EC2) instance.", - "title": "SubnetId", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/Tag" - }, - "markdownDescription": "An array of key-value pairs that will be associated with the new AWS Cloud9 development environment.", - "title": "Tags", - "type": "array" - } - }, - "required": [ - "ImageId", - "InstanceType" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::Cloud9::EnvironmentEC2" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], + "ImageUri": { "type": "string" } }, "required": [ - "Type", - "Properties" + "ImageUri" ], "type": "object" }, - "AWS::Cloud9::EnvironmentEC2.Repository": { + "AWS::CleanRoomsML::ConfiguredModelAlgorithm.MetricDefinition": { "additionalProperties": false, "properties": { - "PathComponent": { - "markdownDescription": "The path within the development environment's default file system location to clone the AWS CodeCommit repository into. For example, `/REPOSITORY_NAME` would clone the repository into the `/home/USER_NAME/environment/REPOSITORY_NAME` directory in the environment.", - "title": "PathComponent", + "Name": { "type": "string" }, - "RepositoryUrl": { - "markdownDescription": "The clone URL of the AWS CodeCommit repository to be cloned. For example, for an AWS CodeCommit repository this might be `https://git-codecommit.us-east-2.amazonaws.com/v1/repos/REPOSITORY_NAME` .", - "title": "RepositoryUrl", + "Regex": { "type": "string" } }, "required": [ - "PathComponent", - "RepositoryUrl" + "Name", + "Regex" ], "type": "object" }, - "AWS::CloudFormation::CustomResource": { + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConfiguredModelAlgorithmArn": { + "type": "string" + }, + "Description": { + "type": "string" + }, + "MembershipIdentifier": { + "type": "string" + }, + "Name": { + "type": "string" + }, + "PrivacyConfiguration": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.PrivacyConfiguration" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "required": [ + "ConfiguredModelAlgorithmArn", + "MembershipIdentifier", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.CustomEntityConfig": { + "additionalProperties": false, + "properties": { + "CustomDataIdentifiers": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "CustomDataIdentifiers" + ], + "type": "object" + }, + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.LogRedactionConfiguration": { + "additionalProperties": false, + "properties": { + "CustomEntityConfig": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.CustomEntityConfig" + }, + "EntitiesToRedact": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "EntitiesToRedact" + ], + "type": "object" + }, + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.LogsConfigurationPolicy": { + "additionalProperties": false, + "properties": { + "AllowedAccountIds": { + "items": { + "type": "string" + }, + "type": "array" + }, + "FilterPattern": { + "type": "string" + }, + "LogRedactionConfiguration": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.LogRedactionConfiguration" + }, + "LogType": { + "type": "string" + } + }, + "required": [ + "AllowedAccountIds" + ], + "type": "object" + }, + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.MetricsConfigurationPolicy": { + "additionalProperties": false, + "properties": { + "NoiseLevel": { + "type": "string" + } + }, + "required": [ + "NoiseLevel" + ], + "type": "object" + }, + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.PrivacyConfiguration": { + "additionalProperties": false, + "properties": { + "Policies": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.PrivacyConfigurationPolicies" + } + }, + "required": [ + "Policies" + ], + "type": "object" + }, + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.PrivacyConfigurationPolicies": { + "additionalProperties": false, + "properties": { + "TrainedModelExports": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.TrainedModelExportsConfigurationPolicy" + }, + "TrainedModelInferenceJobs": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.TrainedModelInferenceJobsConfigurationPolicy" + }, + "TrainedModels": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.TrainedModelsConfigurationPolicy" + } + }, + "type": "object" + }, + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.TrainedModelArtifactMaxSize": { + "additionalProperties": false, + "properties": { + "Unit": { + "type": "string" + }, + "Value": { + "type": "number" + } + }, + "required": [ + "Unit", + "Value" + ], + "type": "object" + }, + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.TrainedModelExportsConfigurationPolicy": { + "additionalProperties": false, + "properties": { + "FilesToExport": { + "items": { + "type": "string" + }, + "type": "array" + }, + "MaxSize": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.TrainedModelExportsMaxSize" + } + }, + "required": [ + "FilesToExport", + "MaxSize" + ], + "type": "object" + }, + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.TrainedModelExportsMaxSize": { + "additionalProperties": false, + "properties": { + "Unit": { + "type": "string" + }, + "Value": { + "type": "number" + } + }, + "required": [ + "Unit", + "Value" + ], + "type": "object" + }, + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.TrainedModelInferenceJobsConfigurationPolicy": { + "additionalProperties": false, + "properties": { + "ContainerLogs": { + "items": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.LogsConfigurationPolicy" + }, + "type": "array" + }, + "MaxOutputSize": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.TrainedModelInferenceMaxOutputSize" + } + }, + "type": "object" + }, + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.TrainedModelInferenceMaxOutputSize": { + "additionalProperties": false, + "properties": { + "Unit": { + "type": "string" + }, + "Value": { + "type": "number" + } + }, + "required": [ + "Unit", + "Value" + ], + "type": "object" + }, + "AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.TrainedModelsConfigurationPolicy": { + "additionalProperties": false, + "properties": { + "ContainerLogs": { + "items": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.LogsConfigurationPolicy" + }, + "type": "array" + }, + "ContainerMetrics": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.MetricsConfigurationPolicy" + }, + "MaxArtifactSize": { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation.TrainedModelArtifactMaxSize" + } + }, + "type": "object" + }, + "AWS::CleanRoomsML::TrainingDataset": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "markdownDescription": "The description of the training dataset.", + "title": "Description", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the training dataset.", + "title": "Name", + "type": "string" + }, + "RoleArn": { + "markdownDescription": "The ARN of the IAM role that Clean Rooms ML can assume to read the data referred to in the `dataSource` field of each dataset.\n\nPassing a role across accounts is not allowed. If you pass a role that isn't in your account, you get an `AccessDeniedException` error.", + "title": "RoleArn", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "The optional metadata that you apply to the resource to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50.\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8.\n- Maximum value length - 256 Unicode characters in UTF-8.\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for keys as it is reserved. You cannot edit or delete tag keys with this prefix. Values can have this prefix. If a tag value has `aws` as its prefix but the key does not, then Clean Rooms ML considers it to be a user tag and will count against the limit of 50 tags. Tags with only the key prefix of `aws` do not count against your tags per resource limit.", + "title": "Tags", + "type": "array" + }, + "TrainingData": { + "items": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.Dataset" + }, + "markdownDescription": "An array of information that lists the Dataset objects, which specifies the dataset type and details on its location and schema. You must provide a role that has read access to these tables.", + "title": "TrainingData", + "type": "array" + } + }, + "required": [ + "Name", + "RoleArn", + "TrainingData" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CleanRoomsML::TrainingDataset" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::CleanRoomsML::TrainingDataset.ColumnSchema": { + "additionalProperties": false, + "properties": { + "ColumnName": { + "markdownDescription": "The name of a column.", + "title": "ColumnName", + "type": "string" + }, + "ColumnTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The data type of column.", + "title": "ColumnTypes", + "type": "array" + } + }, + "required": [ + "ColumnName", + "ColumnTypes" + ], + "type": "object" + }, + "AWS::CleanRoomsML::TrainingDataset.DataSource": { + "additionalProperties": false, + "properties": { + "GlueDataSource": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.GlueDataSource", + "markdownDescription": "A GlueDataSource object that defines the catalog ID, database name, and table name for the training data.", + "title": "GlueDataSource" + } + }, + "required": [ + "GlueDataSource" + ], + "type": "object" + }, + "AWS::CleanRoomsML::TrainingDataset.Dataset": { + "additionalProperties": false, + "properties": { + "InputConfig": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig", + "markdownDescription": "A DatasetInputConfig object that defines the data source and schema mapping.", + "title": "InputConfig" + }, + "Type": { + "markdownDescription": "What type of information is found in the dataset.", + "title": "Type", + "type": "string" + } + }, + "required": [ + "InputConfig", + "Type" + ], + "type": "object" + }, + "AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig": { + "additionalProperties": false, + "properties": { + "DataSource": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DataSource", + "markdownDescription": "A DataSource object that specifies the Glue data source for the training data.", + "title": "DataSource" + }, + "Schema": { + "items": { + "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.ColumnSchema" + }, + "markdownDescription": "The schema information for the training data.", + "title": "Schema", + "type": "array" + } + }, + "required": [ + "DataSource", + "Schema" + ], + "type": "object" + }, + "AWS::CleanRoomsML::TrainingDataset.GlueDataSource": { + "additionalProperties": false, + "properties": { + "CatalogId": { + "markdownDescription": "The Glue catalog that contains the training data.", + "title": "CatalogId", + "type": "string" + }, + "DatabaseName": { + "markdownDescription": "The Glue database that contains the training data.", + "title": "DatabaseName", + "type": "string" + }, + "TableName": { + "markdownDescription": "The Glue table that contains the training data.", + "title": "TableName", + "type": "string" + } + }, + "required": [ + "DatabaseName", + "TableName" + ], + "type": "object" + }, + "AWS::Cloud9::EnvironmentEC2": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AutomaticStopTimeMinutes": { + "markdownDescription": "The number of minutes until the running instance is shut down after the environment was last used.", + "title": "AutomaticStopTimeMinutes", + "type": "number" + }, + "ConnectionType": { + "markdownDescription": "The connection type used for connecting to an Amazon EC2 environment. Valid values are `CONNECT_SSH` (default) and `CONNECT_SSM` (connected through AWS Systems Manager ).", + "title": "ConnectionType", + "type": "string" + }, + "Description": { + "markdownDescription": "The description of the environment to create.", + "title": "Description", + "type": "string" + }, + "ImageId": { + "markdownDescription": "The identifier for the Amazon Machine Image (AMI) that's used to create the EC2 instance. To choose an AMI for the instance, you must specify a valid AMI alias or a valid AWS Systems Manager path.\n\nFrom December 04, 2023, you will be required to include the `ImageId` parameter for the `CreateEnvironmentEC2` action. This change will be reflected across all direct methods of communicating with the API, such as AWS SDK, AWS CLI and AWS CloudFormation. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nSince Ubuntu 18.04 has ended standard support as of May 31, 2023, we recommend you choose Ubuntu 22.04.\n\n*AMI aliases*\n\n- Amazon Linux 2: `amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `ubuntu-22.04-x86_64`\n\n*SSM paths*\n\n- Amazon Linux 2: `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64`", + "title": "ImageId", + "type": "string" + }, + "InstanceType": { + "markdownDescription": "The type of instance to connect to the environment (for example, `t2.micro` ).", + "title": "InstanceType", + "type": "string" + }, + "Name": { + "markdownDescription": "The name of the environment.", + "title": "Name", + "type": "string" + }, + "OwnerArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the environment owner. This ARN can be the ARN of any AWS Identity and Access Management principal. If this value is not specified, the ARN defaults to this environment's creator.", + "title": "OwnerArn", + "type": "string" + }, + "Repositories": { + "items": { + "$ref": "#/definitions/AWS::Cloud9::EnvironmentEC2.Repository" + }, + "markdownDescription": "Any AWS CodeCommit source code repositories to be cloned into the development environment.", + "title": "Repositories", + "type": "array" + }, + "SubnetId": { + "markdownDescription": "The ID of the subnet in Amazon Virtual Private Cloud (Amazon VPC) that AWS Cloud9 will use to communicate with the Amazon Elastic Compute Cloud (Amazon EC2) instance.", + "title": "SubnetId", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of key-value pairs that will be associated with the new AWS Cloud9 development environment.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "ImageId", + "InstanceType" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Cloud9::EnvironmentEC2" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Cloud9::EnvironmentEC2.Repository": { + "additionalProperties": false, + "properties": { + "PathComponent": { + "markdownDescription": "The path within the development environment's default file system location to clone the AWS CodeCommit repository into. For example, `/REPOSITORY_NAME` would clone the repository into the `/home/USER_NAME/environment/REPOSITORY_NAME` directory in the environment.", + "title": "PathComponent", + "type": "string" + }, + "RepositoryUrl": { + "markdownDescription": "The clone URL of the AWS CodeCommit repository to be cloned. For example, for an AWS CodeCommit repository this might be `https://git-codecommit.us-east-2.amazonaws.com/v1/repos/REPOSITORY_NAME` .", + "title": "RepositoryUrl", + "type": "string" + } + }, + "required": [ + "PathComponent", + "RepositoryUrl" + ], + "type": "object" + }, + "AWS::CloudFormation::CustomResource": { "additionalProperties": false, "properties": { "Condition": { @@ -60478,10 +62045,6 @@ "type": "string" } }, - "required": [ - "ComparisonOperator", - "EvaluationPeriods" - ], "type": "object" }, "Type": { @@ -60500,8 +62063,7 @@ } }, "required": [ - "Type", - "Properties" + "Type" ], "type": "object" }, @@ -69722,7 +71284,7 @@ ], "type": "object" }, - "AWS::Config::AggregationAuthorization": { + "AWS::ComputeOptimizer::AutomationRule": { "additionalProperties": false, "properties": { "Condition": { @@ -69757,34 +71319,55 @@ "Properties": { "additionalProperties": false, "properties": { - "AuthorizedAccountId": { - "markdownDescription": "The 12-digit account ID of the account authorized to aggregate data.", - "title": "AuthorizedAccountId", + "Criteria": { + "$ref": "#/definitions/AWS::ComputeOptimizer::AutomationRule.Criteria" + }, + "Description": { "type": "string" }, - "AuthorizedAwsRegion": { - "markdownDescription": "The region authorized to collect aggregated data.", - "title": "AuthorizedAwsRegion", + "Name": { + "type": "string" + }, + "OrganizationConfiguration": { + "$ref": "#/definitions/AWS::ComputeOptimizer::AutomationRule.OrganizationConfiguration" + }, + "Priority": { + "type": "string" + }, + "RecommendedActionTypes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "RuleType": { + "type": "string" + }, + "Schedule": { + "$ref": "#/definitions/AWS::ComputeOptimizer::AutomationRule.Schedule" + }, + "Status": { "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "An array of tag object.", - "title": "Tags", "type": "array" } }, "required": [ - "AuthorizedAccountId", - "AuthorizedAwsRegion" + "Name", + "RecommendedActionTypes", + "RuleType", + "Schedule", + "Status" ], "type": "object" }, "Type": { "enum": [ - "AWS::Config::AggregationAuthorization" + "AWS::ComputeOptimizer::AutomationRule" ], "type": "string" }, @@ -69803,241 +71386,469 @@ ], "type": "object" }, - "AWS::Config::ConfigRule": { + "AWS::ComputeOptimizer::AutomationRule.Criteria": { "additionalProperties": false, "properties": { - "Condition": { - "type": "string" + "EbsVolumeSizeInGib": { + "items": { + "$ref": "#/definitions/AWS::ComputeOptimizer::AutomationRule.IntegerCriteriaCondition" + }, + "type": "array" }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "EbsVolumeType": { + "items": { + "$ref": "#/definitions/AWS::ComputeOptimizer::AutomationRule.StringCriteriaCondition" + }, + "type": "array" }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] + "EstimatedMonthlySavings": { + "items": { + "$ref": "#/definitions/AWS::ComputeOptimizer::AutomationRule.DoubleCriteriaCondition" + }, + "type": "array" }, - "Metadata": { - "type": "object" + "LookBackPeriodInDays": { + "items": { + "$ref": "#/definitions/AWS::ComputeOptimizer::AutomationRule.IntegerCriteriaCondition" + }, + "type": "array" }, - "Properties": { - "additionalProperties": false, - "properties": { - "Compliance": { - "$ref": "#/definitions/AWS::Config::ConfigRule.Compliance", - "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant and provides the number of contributors that affect the compliance.", - "title": "Compliance" - }, - "ConfigRuleName": { - "markdownDescription": "A name for the AWS Config rule. If you don't specify a name, CloudFormation generates a unique physical ID and uses that ID for the rule name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .", - "title": "ConfigRuleName", - "type": "string" - }, - "Description": { - "markdownDescription": "The description that you provide for the AWS Config rule.", - "title": "Description", - "type": "string" - }, - "EvaluationModes": { - "items": { - "$ref": "#/definitions/AWS::Config::ConfigRule.EvaluationModeConfiguration" - }, - "markdownDescription": "The modes the AWS Config rule can be evaluated in. The valid values are distinct objects. By default, the value is Detective evaluation mode only.", - "title": "EvaluationModes", - "type": "array" - }, - "InputParameters": { - "markdownDescription": "A string, in JSON format, that is passed to the AWS Config rule Lambda function.", - "title": "InputParameters", - "type": "object" - }, - "MaximumExecutionFrequency": { - "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. You can specify a value for `MaximumExecutionFrequency` when:\n\n- You are using an AWS managed rule that is triggered at a periodic frequency.\n- Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see [ConfigSnapshotDeliveryProperties](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html) .\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", - "title": "MaximumExecutionFrequency", - "type": "string" - }, - "Scope": { - "$ref": "#/definitions/AWS::Config::ConfigRule.Scope", - "markdownDescription": "Defines which resources can trigger an evaluation for the rule. The scope can include one or more resource types, a combination of one resource type and one resource ID, or a combination of a tag key and value. Specify a scope to constrain the resources that can trigger an evaluation for the rule. If you do not specify a scope, evaluations are triggered when any resource in the recording group changes.", - "title": "Scope" - }, - "Source": { - "$ref": "#/definitions/AWS::Config::ConfigRule.Source", - "markdownDescription": "Provides the rule owner ( `AWS` for managed rules, `CUSTOM_POLICY` for Custom Policy rules, and `CUSTOM_LAMBDA` for Custom Lambda rules), the rule identifier, and the notifications that cause the function to evaluate your AWS resources.", - "title": "Source" - } + "Region": { + "items": { + "$ref": "#/definitions/AWS::ComputeOptimizer::AutomationRule.StringCriteriaCondition" }, - "required": [ - "Source" - ], - "type": "object" + "type": "array" }, - "Type": { - "enum": [ - "AWS::Config::ConfigRule" - ], - "type": "string" + "ResourceArn": { + "items": { + "$ref": "#/definitions/AWS::ComputeOptimizer::AutomationRule.StringCriteriaCondition" + }, + "type": "array" }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" + "ResourceTag": { + "items": { + "$ref": "#/definitions/AWS::ComputeOptimizer::AutomationRule.ResourceTagsCriteriaCondition" + }, + "type": "array" + }, + "RestartNeeded": { + "items": { + "$ref": "#/definitions/AWS::ComputeOptimizer::AutomationRule.StringCriteriaCondition" + }, + "type": "array" } }, - "required": [ - "Type", - "Properties" - ], "type": "object" }, - "AWS::Config::ConfigRule.Compliance": { + "AWS::ComputeOptimizer::AutomationRule.DoubleCriteriaCondition": { "additionalProperties": false, "properties": { - "Type": { - "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant.\n\nA resource is compliant if it complies with all of the AWS Config rules that evaluate it. A resource is noncompliant if it does not comply with one or more of these rules.\n\nA rule is compliant if all of the resources that the rule evaluates comply with it. A rule is noncompliant if any of these resources do not comply.\n\nAWS Config returns the `INSUFFICIENT_DATA` value when no evaluation results are available for the AWS resource or AWS Config rule.\n\nFor the `Compliance` data type, AWS Config supports only `COMPLIANT` , `NON_COMPLIANT` , and `INSUFFICIENT_DATA` values. AWS Config does not support the `NOT_APPLICABLE` value for the `Compliance` data type.", - "title": "Type", + "Comparison": { "type": "string" + }, + "Values": { + "items": { + "type": "number" + }, + "type": "array" } }, "type": "object" }, - "AWS::Config::ConfigRule.CustomPolicyDetails": { + "AWS::ComputeOptimizer::AutomationRule.IntegerCriteriaCondition": { "additionalProperties": false, "properties": { - "EnableDebugLogDelivery": { - "markdownDescription": "The boolean expression for enabling debug logging for your AWS Config Custom Policy rule. The default value is `false` .", - "title": "EnableDebugLogDelivery", - "type": "boolean" - }, - "PolicyRuntime": { - "markdownDescription": "The runtime system for your AWS Config Custom Policy rule. Guard is a policy-as-code language that allows you to write policies that are enforced by AWS Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard) .", - "title": "PolicyRuntime", + "Comparison": { "type": "string" }, - "PolicyText": { - "markdownDescription": "The policy definition containing the logic for your AWS Config Custom Policy rule.", - "title": "PolicyText", - "type": "string" + "Values": { + "items": { + "type": "number" + }, + "type": "array" } }, "type": "object" }, - "AWS::Config::ConfigRule.EvaluationModeConfiguration": { + "AWS::ComputeOptimizer::AutomationRule.OrganizationConfiguration": { "additionalProperties": false, "properties": { - "Mode": { - "markdownDescription": "The mode of an evaluation. The valid values are Detective or Proactive.", - "title": "Mode", + "AccountIds": { + "items": { + "type": "string" + }, + "type": "array" + }, + "RuleApplyOrder": { "type": "string" } }, "type": "object" }, - "AWS::Config::ConfigRule.Scope": { + "AWS::ComputeOptimizer::AutomationRule.ResourceTagsCriteriaCondition": { "additionalProperties": false, "properties": { - "ComplianceResourceId": { - "markdownDescription": "The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for `ComplianceResourceTypes` .", - "title": "ComplianceResourceId", + "Comparison": { "type": "string" }, - "ComplianceResourceTypes": { + "Key": { + "type": "string" + }, + "Values": { "items": { "type": "string" }, - "markdownDescription": "The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for `ComplianceResourceId` .", - "title": "ComplianceResourceTypes", "type": "array" - }, - "TagKey": { - "markdownDescription": "The tag key that is applied to only those AWS resources that you want to trigger an evaluation for the rule.", - "title": "TagKey", - "type": "string" - }, - "TagValue": { - "markdownDescription": "The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. If you specify a value for `TagValue` , you must also specify a value for `TagKey` .", - "title": "TagValue", - "type": "string" } }, "type": "object" }, - "AWS::Config::ConfigRule.Source": { + "AWS::ComputeOptimizer::AutomationRule.Schedule": { "additionalProperties": false, "properties": { - "CustomPolicyDetails": { - "$ref": "#/definitions/AWS::Config::ConfigRule.CustomPolicyDetails", - "markdownDescription": "Provides the runtime system, policy definition, and whether debug logging is enabled. Required when owner is set to `CUSTOM_POLICY` .", - "title": "CustomPolicyDetails" + "ExecutionWindowInMinutes": { + "type": "number" }, - "Owner": { - "markdownDescription": "Indicates whether AWS or the customer owns and manages the AWS Config rule.\n\nAWS Config Managed Rules are predefined rules owned by AWS . For more information, see [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) in the *AWS Config developer guide* .\n\nAWS Config Custom Rules are rules that you can develop either with Guard ( `CUSTOM_POLICY` ) or AWS Lambda ( `CUSTOM_LAMBDA` ). For more information, see [AWS Config Custom Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html) in the *AWS Config developer guide* .", - "title": "Owner", + "ScheduleExpression": { "type": "string" }, - "SourceDetails": { - "items": { - "$ref": "#/definitions/AWS::Config::ConfigRule.SourceDetail" - }, - "markdownDescription": "Provides the source and the message types that cause AWS Config to evaluate your AWS resources against a rule. It also provides the frequency with which you want AWS Config to run evaluations for the rule if the trigger type is periodic.\n\nIf the owner is set to `CUSTOM_POLICY` , the only acceptable values for the AWS Config rule trigger message type are `ConfigurationItemChangeNotification` and `OversizedConfigurationItemChangeNotification` .", - "title": "SourceDetails", - "type": "array" - }, - "SourceIdentifier": { - "markdownDescription": "For AWS Config Managed rules, a predefined identifier from a list. For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a managed rule, see [List of AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html) .\n\nFor AWS Config Custom Lambda rules, the identifier is the Amazon Resource Name (ARN) of the rule's AWS Lambda function, such as `arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name` .\n\nFor AWS Config Custom Policy rules, this field will be ignored.", - "title": "SourceIdentifier", + "ScheduleExpressionTimezone": { "type": "string" } }, - "required": [ - "Owner" - ], "type": "object" }, - "AWS::Config::ConfigRule.SourceDetail": { + "AWS::ComputeOptimizer::AutomationRule.StringCriteriaCondition": { "additionalProperties": false, "properties": { - "EventSource": { - "markdownDescription": "The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWS resources.", - "title": "EventSource", - "type": "string" - }, - "MaximumExecutionFrequency": { - "markdownDescription": "The frequency at which you want AWS Config to run evaluations for a custom rule with a periodic trigger. If you specify a value for `MaximumExecutionFrequency` , then `MessageType` must use the `ScheduledNotification` value.\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.\n> \n> Based on the valid value you choose, AWS Config runs evaluations once for each valid value. For example, if you choose `Three_Hours` , AWS Config runs evaluations once every three hours. In this case, `Three_Hours` is the frequency of this rule.", - "title": "MaximumExecutionFrequency", + "Comparison": { "type": "string" }, - "MessageType": { - "markdownDescription": "The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:\n\n- `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.\n- `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `MaximumExecutionFrequency` .\n- `ConfigurationSnapshotDeliveryCompleted` - Triggers a periodic evaluation when AWS Config delivers a configuration snapshot.\n\nIf you want your custom rule to be triggered by configuration changes, specify two SourceDetail objects, one for `ConfigurationItemChangeNotification` and one for `OversizedConfigurationItemChangeNotification` .", - "title": "MessageType", - "type": "string" + "Values": { + "items": { + "type": "string" + }, + "type": "array" } }, - "required": [ - "EventSource", - "MessageType" - ], "type": "object" }, - "AWS::Config::ConfigurationAggregator": { + "AWS::Config::AggregationAuthorization": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AuthorizedAccountId": { + "markdownDescription": "The 12-digit account ID of the account authorized to aggregate data.", + "title": "AuthorizedAccountId", + "type": "string" + }, + "AuthorizedAwsRegion": { + "markdownDescription": "The region authorized to collect aggregated data.", + "title": "AuthorizedAwsRegion", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "An array of tag object.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "AuthorizedAccountId", + "AuthorizedAwsRegion" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Config::AggregationAuthorization" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Config::ConfigRule": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Compliance": { + "$ref": "#/definitions/AWS::Config::ConfigRule.Compliance", + "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant and provides the number of contributors that affect the compliance.", + "title": "Compliance" + }, + "ConfigRuleName": { + "markdownDescription": "A name for the AWS Config rule. If you don't specify a name, CloudFormation generates a unique physical ID and uses that ID for the rule name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .", + "title": "ConfigRuleName", + "type": "string" + }, + "Description": { + "markdownDescription": "The description that you provide for the AWS Config rule.", + "title": "Description", + "type": "string" + }, + "EvaluationModes": { + "items": { + "$ref": "#/definitions/AWS::Config::ConfigRule.EvaluationModeConfiguration" + }, + "markdownDescription": "The modes the AWS Config rule can be evaluated in. The valid values are distinct objects. By default, the value is Detective evaluation mode only.", + "title": "EvaluationModes", + "type": "array" + }, + "InputParameters": { + "markdownDescription": "A string, in JSON format, that is passed to the AWS Config rule Lambda function.", + "title": "InputParameters", + "type": "object" + }, + "MaximumExecutionFrequency": { + "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. You can specify a value for `MaximumExecutionFrequency` when:\n\n- You are using an AWS managed rule that is triggered at a periodic frequency.\n- Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see [ConfigSnapshotDeliveryProperties](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html) .\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", + "title": "MaximumExecutionFrequency", + "type": "string" + }, + "Scope": { + "$ref": "#/definitions/AWS::Config::ConfigRule.Scope", + "markdownDescription": "Defines which resources can trigger an evaluation for the rule. The scope can include one or more resource types, a combination of one resource type and one resource ID, or a combination of a tag key and value. Specify a scope to constrain the resources that can trigger an evaluation for the rule. If you do not specify a scope, evaluations are triggered when any resource in the recording group changes.", + "title": "Scope" + }, + "Source": { + "$ref": "#/definitions/AWS::Config::ConfigRule.Source", + "markdownDescription": "Provides the rule owner ( `AWS` for managed rules, `CUSTOM_POLICY` for Custom Policy rules, and `CUSTOM_LAMBDA` for Custom Lambda rules), the rule identifier, and the notifications that cause the function to evaluate your AWS resources.", + "title": "Source" + } + }, + "required": [ + "Source" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Config::ConfigRule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Config::ConfigRule.Compliance": { + "additionalProperties": false, + "properties": { + "Type": { + "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant.\n\nA resource is compliant if it complies with all of the AWS Config rules that evaluate it. A resource is noncompliant if it does not comply with one or more of these rules.\n\nA rule is compliant if all of the resources that the rule evaluates comply with it. A rule is noncompliant if any of these resources do not comply.\n\nAWS Config returns the `INSUFFICIENT_DATA` value when no evaluation results are available for the AWS resource or AWS Config rule.\n\nFor the `Compliance` data type, AWS Config supports only `COMPLIANT` , `NON_COMPLIANT` , and `INSUFFICIENT_DATA` values. AWS Config does not support the `NOT_APPLICABLE` value for the `Compliance` data type.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Config::ConfigRule.CustomPolicyDetails": { + "additionalProperties": false, + "properties": { + "EnableDebugLogDelivery": { + "markdownDescription": "The boolean expression for enabling debug logging for your AWS Config Custom Policy rule. The default value is `false` .", + "title": "EnableDebugLogDelivery", + "type": "boolean" + }, + "PolicyRuntime": { + "markdownDescription": "The runtime system for your AWS Config Custom Policy rule. Guard is a policy-as-code language that allows you to write policies that are enforced by AWS Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard) .", + "title": "PolicyRuntime", + "type": "string" + }, + "PolicyText": { + "markdownDescription": "The policy definition containing the logic for your AWS Config Custom Policy rule.", + "title": "PolicyText", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Config::ConfigRule.EvaluationModeConfiguration": { + "additionalProperties": false, + "properties": { + "Mode": { + "markdownDescription": "The mode of an evaluation. The valid values are Detective or Proactive.", + "title": "Mode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Config::ConfigRule.Scope": { + "additionalProperties": false, + "properties": { + "ComplianceResourceId": { + "markdownDescription": "The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for `ComplianceResourceTypes` .", + "title": "ComplianceResourceId", + "type": "string" + }, + "ComplianceResourceTypes": { + "items": { + "type": "string" + }, + "markdownDescription": "The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for `ComplianceResourceId` .", + "title": "ComplianceResourceTypes", + "type": "array" + }, + "TagKey": { + "markdownDescription": "The tag key that is applied to only those AWS resources that you want to trigger an evaluation for the rule.", + "title": "TagKey", + "type": "string" + }, + "TagValue": { + "markdownDescription": "The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. If you specify a value for `TagValue` , you must also specify a value for `TagKey` .", + "title": "TagValue", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Config::ConfigRule.Source": { + "additionalProperties": false, + "properties": { + "CustomPolicyDetails": { + "$ref": "#/definitions/AWS::Config::ConfigRule.CustomPolicyDetails", + "markdownDescription": "Provides the runtime system, policy definition, and whether debug logging is enabled. Required when owner is set to `CUSTOM_POLICY` .", + "title": "CustomPolicyDetails" + }, + "Owner": { + "markdownDescription": "Indicates whether AWS or the customer owns and manages the AWS Config rule.\n\nAWS Config Managed Rules are predefined rules owned by AWS . For more information, see [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) in the *AWS Config developer guide* .\n\nAWS Config Custom Rules are rules that you can develop either with Guard ( `CUSTOM_POLICY` ) or AWS Lambda ( `CUSTOM_LAMBDA` ). For more information, see [AWS Config Custom Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html) in the *AWS Config developer guide* .", + "title": "Owner", + "type": "string" + }, + "SourceDetails": { + "items": { + "$ref": "#/definitions/AWS::Config::ConfigRule.SourceDetail" + }, + "markdownDescription": "Provides the source and the message types that cause AWS Config to evaluate your AWS resources against a rule. It also provides the frequency with which you want AWS Config to run evaluations for the rule if the trigger type is periodic.\n\nIf the owner is set to `CUSTOM_POLICY` , the only acceptable values for the AWS Config rule trigger message type are `ConfigurationItemChangeNotification` and `OversizedConfigurationItemChangeNotification` .", + "title": "SourceDetails", + "type": "array" + }, + "SourceIdentifier": { + "markdownDescription": "For AWS Config Managed rules, a predefined identifier from a list. For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a managed rule, see [List of AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html) .\n\nFor AWS Config Custom Lambda rules, the identifier is the Amazon Resource Name (ARN) of the rule's AWS Lambda function, such as `arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name` .\n\nFor AWS Config Custom Policy rules, this field will be ignored.", + "title": "SourceIdentifier", + "type": "string" + } + }, + "required": [ + "Owner" + ], + "type": "object" + }, + "AWS::Config::ConfigRule.SourceDetail": { + "additionalProperties": false, + "properties": { + "EventSource": { + "markdownDescription": "The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWS resources.", + "title": "EventSource", + "type": "string" + }, + "MaximumExecutionFrequency": { + "markdownDescription": "The frequency at which you want AWS Config to run evaluations for a custom rule with a periodic trigger. If you specify a value for `MaximumExecutionFrequency` , then `MessageType` must use the `ScheduledNotification` value.\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.\n> \n> Based on the valid value you choose, AWS Config runs evaluations once for each valid value. For example, if you choose `Three_Hours` , AWS Config runs evaluations once every three hours. In this case, `Three_Hours` is the frequency of this rule.", + "title": "MaximumExecutionFrequency", + "type": "string" + }, + "MessageType": { + "markdownDescription": "The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:\n\n- `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.\n- `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `MaximumExecutionFrequency` .\n- `ConfigurationSnapshotDeliveryCompleted` - Triggers a periodic evaluation when AWS Config delivers a configuration snapshot.\n\nIf you want your custom rule to be triggered by configuration changes, specify two SourceDetail objects, one for `ConfigurationItemChangeNotification` and one for `OversizedConfigurationItemChangeNotification` .", + "title": "MessageType", + "type": "string" + } + }, + "required": [ + "EventSource", + "MessageType" + ], + "type": "object" + }, + "AWS::Config::ConfigurationAggregator": { "additionalProperties": false, "properties": { "Condition": { @@ -71682,6 +73493,150 @@ ], "type": "object" }, + "AWS::Connect::ContactFlowModuleAlias": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ContactFlowModuleId": { + "type": "string" + }, + "ContactFlowModuleVersion": { + "type": "number" + }, + "Description": { + "type": "string" + }, + "Name": { + "type": "string" + } + }, + "required": [ + "ContactFlowModuleId", + "ContactFlowModuleVersion", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Connect::ContactFlowModuleAlias" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Connect::ContactFlowModuleVersion": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ContactFlowModuleId": { + "type": "string" + }, + "Description": { + "type": "string" + } + }, + "required": [ + "ContactFlowModuleId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Connect::ContactFlowModuleVersion" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, "AWS::Connect::ContactFlowVersion": { "additionalProperties": false, "properties": { @@ -74415,6 +76370,12 @@ "Properties": { "additionalProperties": false, "properties": { + "AdditionalEmailAddresses": { + "items": { + "$ref": "#/definitions/AWS::Connect::Queue.EmailAddress" + }, + "type": "array" + }, "Description": { "markdownDescription": "The description of the queue.", "title": "Description", @@ -74500,6 +76461,18 @@ ], "type": "object" }, + "AWS::Connect::Queue.EmailAddress": { + "additionalProperties": false, + "properties": { + "EmailAddressArn": { + "type": "string" + } + }, + "required": [ + "EmailAddressArn" + ], + "type": "object" + }, "AWS::Connect::Queue.OutboundCallerConfig": { "additionalProperties": false, "properties": { @@ -75476,6 +77449,12 @@ "title": "AllowedAccessControlTags", "type": "array" }, + "AllowedFlowModules": { + "items": { + "$ref": "#/definitions/AWS::Connect::SecurityProfile.FlowModule" + }, + "type": "array" + }, "Applications": { "items": { "$ref": "#/definitions/AWS::Connect::SecurityProfile.Application" @@ -75579,6 +77558,9 @@ "markdownDescription": "Namespace of the application that you want to give access to.", "title": "Namespace", "type": "string" + }, + "Type": { + "type": "string" } }, "required": [ @@ -75598,6 +77580,22 @@ }, "type": "object" }, + "AWS::Connect::SecurityProfile.FlowModule": { + "additionalProperties": false, + "properties": { + "FlowModuleId": { + "type": "string" + }, + "Type": { + "type": "string" + } + }, + "required": [ + "FlowModuleId", + "Type" + ], + "type": "object" + }, "AWS::Connect::SecurityProfile.GranularAccessControlConfiguration": { "additionalProperties": false, "properties": { @@ -79564,6 +81562,9 @@ "title": "ObjectTypeNames", "type": "array" }, + "Scope": { + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" @@ -80084,6 +82085,9 @@ "title": "SourceLastUpdatedTimestampFormat", "type": "string" }, + "SourcePriority": { + "type": "number" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" @@ -80204,6 +82208,187 @@ }, "type": "object" }, + "AWS::CustomerProfiles::Recommender": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Description": { + "type": "string" + }, + "DomainName": { + "type": "string" + }, + "RecommenderConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Recommender.RecommenderConfig" + }, + "RecommenderName": { + "type": "string" + }, + "RecommenderRecipeName": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "required": [ + "DomainName", + "RecommenderName", + "RecommenderRecipeName" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::CustomerProfiles::Recommender" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Recommender.EventParameters": { + "additionalProperties": false, + "properties": { + "EventType": { + "type": "string" + }, + "EventValueThreshold": { + "type": "number" + } + }, + "required": [ + "EventType" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Recommender.EventsConfig": { + "additionalProperties": false, + "properties": { + "EventParametersList": { + "items": { + "$ref": "#/definitions/AWS::CustomerProfiles::Recommender.EventParameters" + }, + "type": "array" + } + }, + "required": [ + "EventParametersList" + ], + "type": "object" + }, + "AWS::CustomerProfiles::Recommender.Metrics": { + "additionalProperties": false, + "properties": { + "coverage": { + "type": "number" + }, + "freshness": { + "type": "number" + }, + "hit": { + "type": "number" + }, + "popularity": { + "type": "number" + }, + "recall": { + "type": "number" + }, + "similarity": { + "type": "number" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::Recommender.RecommenderConfig": { + "additionalProperties": false, + "properties": { + "EventsConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Recommender.EventsConfig" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::Recommender.RecommenderUpdate": { + "additionalProperties": false, + "properties": { + "CreationDateTime": { + "type": "string" + }, + "FailureReason": { + "type": "string" + }, + "LastUpdatedDateTime": { + "type": "string" + }, + "RecommenderConfig": { + "$ref": "#/definitions/AWS::CustomerProfiles::Recommender.RecommenderConfig" + }, + "Status": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::CustomerProfiles::Recommender.TrainingMetrics": { + "additionalProperties": false, + "properties": { + "Metrics": { + "$ref": "#/definitions/AWS::CustomerProfiles::Recommender.Metrics" + }, + "Time": { + "type": "string" + } + }, + "type": "object" + }, "AWS::CustomerProfiles::SegmentDefinition": { "additionalProperties": false, "properties": { @@ -81494,6 +83679,12 @@ "AWS::DLM::LifecyclePolicy.FastRestoreRule": { "additionalProperties": false, "properties": { + "AvailabilityZoneIds": { + "items": { + "type": "string" + }, + "type": "array" + }, "AvailabilityZones": { "items": { "type": "string" @@ -88258,6 +90449,46 @@ ], "type": "object" }, + "AWS::DataSync::LocationFSxONTAP.CmkSecretConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataSync::LocationFSxONTAP.CustomSecretConfig": { + "additionalProperties": false, + "properties": { + "SecretAccessRoleArn": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "required": [ + "SecretAccessRoleArn", + "SecretArn" + ], + "type": "object" + }, + "AWS::DataSync::LocationFSxONTAP.ManagedSecretConfig": { + "additionalProperties": false, + "properties": { + "SecretArn": { + "type": "string" + } + }, + "required": [ + "SecretArn" + ], + "type": "object" + }, "AWS::DataSync::LocationFSxONTAP.NFS": { "additionalProperties": false, "properties": { @@ -88302,11 +90533,20 @@ "AWS::DataSync::LocationFSxONTAP.SMB": { "additionalProperties": false, "properties": { + "CmkSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.CmkSecretConfig" + }, + "CustomSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.CustomSecretConfig" + }, "Domain": { "markdownDescription": "Specifies the name of the Windows domain that your storage virtual machine (SVM) belongs to.\n\nIf you have multiple domains in your environment, configuring this setting makes sure that DataSync connects to the right SVM.\n\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right SVM.", "title": "Domain", "type": "string" }, + "ManagedSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.ManagedSecretConfig" + }, "MountOptions": { "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.SmbMountOptions", "markdownDescription": "Specifies how DataSync can access a location using the SMB protocol.", @@ -88325,7 +90565,6 @@ }, "required": [ "MountOptions", - "Password", "User" ], "type": "object" @@ -88506,6 +90745,12 @@ "Properties": { "additionalProperties": false, "properties": { + "CmkSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxWindows.CmkSecretConfig" + }, + "CustomSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationFSxWindows.CustomSecretConfig" + }, "Domain": { "markdownDescription": "Specifies the name of the Windows domain that the FSx for Windows File Server file system belongs to.\n\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right file system.", "title": "Domain", @@ -88575,6 +90820,46 @@ ], "type": "object" }, + "AWS::DataSync::LocationFSxWindows.CmkSecretConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataSync::LocationFSxWindows.CustomSecretConfig": { + "additionalProperties": false, + "properties": { + "SecretAccessRoleArn": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "required": [ + "SecretAccessRoleArn", + "SecretArn" + ], + "type": "object" + }, + "AWS::DataSync::LocationFSxWindows.ManagedSecretConfig": { + "additionalProperties": false, + "properties": { + "SecretArn": { + "type": "string" + } + }, + "required": [ + "SecretArn" + ], + "type": "object" + }, "AWS::DataSync::LocationHDFS": { "additionalProperties": false, "properties": { @@ -88628,6 +90913,12 @@ "title": "BlockSize", "type": "number" }, + "CmkSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationHDFS.CmkSecretConfig" + }, + "CustomSecretConfig": { + "$ref": "#/definitions/AWS::DataSync::LocationHDFS.CustomSecretConfig" + }, "KerberosKeytab": { "markdownDescription": "The Kerberos key table (keytab) that contains mappings between the defined Kerberos principal and the encrypted keys. Provide the base64-encoded file text. If `KERBEROS` is specified for `AuthType` , this value is required.", "title": "KerberosKeytab", @@ -88713,6 +91004,46 @@ ], "type": "object" }, + "AWS::DataSync::LocationHDFS.CmkSecretConfig": { + "additionalProperties": false, + "properties": { + "KmsKeyArn": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::DataSync::LocationHDFS.CustomSecretConfig": { + "additionalProperties": false, + "properties": { + "SecretAccessRoleArn": { + "type": "string" + }, + "SecretArn": { + "type": "string" + } + }, + "required": [ + "SecretAccessRoleArn", + "SecretArn" + ], + "type": "object" + }, + "AWS::DataSync::LocationHDFS.ManagedSecretConfig": { + "additionalProperties": false, + "properties": { + "SecretArn": { + "type": "string" + } + }, + "required": [ + "SecretArn" + ], + "type": "object" + }, "AWS::DataSync::LocationHDFS.NameNode": { "additionalProperties": false, "properties": { @@ -93266,6 +95597,9 @@ "Properties": { "additionalProperties": false, "properties": { + "CostScaleFactor": { + "type": "number" + }, "Description": { "markdownDescription": "A description of the farm that helps identify what the farm is used for.\n\n> This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field.", "title": "Description", @@ -95080,6 +97414,9 @@ "title": "Description", "type": "string" }, + "KmsKeyArn": { + "type": "string" + }, "Name": { "markdownDescription": "The name of the Agent Space.", "title": "Name", @@ -95087,6 +97424,12 @@ }, "OperatorApp": { "$ref": "#/definitions/AWS::DevOpsAgent::AgentSpace.OperatorApp" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" } }, "required": [ @@ -95780,11 +98123,20 @@ "Properties": { "additionalProperties": false, "properties": { + "KmsKeyArn": { + "type": "string" + }, "ServiceDetails": { "$ref": "#/definitions/AWS::DevOpsAgent::Service.ServiceDetails" }, "ServiceType": { "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" } }, "required": [ @@ -96537,7 +98889,7 @@ }, "type": "object" }, - "AWS::DirectoryService::MicrosoftAD": { + "AWS::DirectConnect::Connection": { "additionalProperties": false, "properties": { "Condition": { @@ -96572,52 +98924,41 @@ "Properties": { "additionalProperties": false, "properties": { - "CreateAlias": { - "markdownDescription": "Specifies an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as `http://.awsapps.com` . By default, CloudFormation does not create an alias.\n\n> After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.", - "title": "CreateAlias", - "type": "boolean" - }, - "Edition": { - "markdownDescription": "AWS Managed Microsoft AD is available in two editions: `Standard` and `Enterprise` . `Enterprise` is the default.", - "title": "Edition", + "Bandwidth": { "type": "string" }, - "EnableSso": { - "markdownDescription": "Whether to enable single sign-on for a Microsoft Active Directory in AWS . Single sign-on allows users in your directory to access certain AWS services from a computer joined to the directory without having to enter their credentials separately. If you don't specify a value, CloudFormation disables single sign-on by default.", - "title": "EnableSso", - "type": "boolean" + "ConnectionName": { + "type": "string" }, - "Name": { - "markdownDescription": "The fully qualified domain name for the AWS Managed Microsoft AD directory, such as `corp.example.com` . This name will resolve inside your VPC only. It does not need to be publicly resolvable.", - "title": "Name", + "LagId": { "type": "string" }, - "Password": { - "markdownDescription": "The password for the default administrative user named `Admin` .\n\nIf you need to change the password for the administrator account, see the [ResetUserPassword](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html) API call in the *Directory Service API Reference* .", - "title": "Password", + "Location": { "type": "string" }, - "ShortName": { - "markdownDescription": "The NetBIOS name for your domain, such as `CORP` . If you don't specify a NetBIOS name, it will default to the first part of your directory DNS. For example, `CORP` for the directory DNS `corp.example.com` .", - "title": "ShortName", + "ProviderName": { "type": "string" }, - "VpcSettings": { - "$ref": "#/definitions/AWS::DirectoryService::MicrosoftAD.VpcSettings", - "markdownDescription": "Specifies the VPC settings of the Microsoft AD directory server in AWS .", - "title": "VpcSettings" + "RequestMACSec": { + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" } }, "required": [ - "Name", - "Password", - "VpcSettings" + "Bandwidth", + "ConnectionName", + "Location" ], "type": "object" }, "Type": { "enum": [ - "AWS::DirectoryService::MicrosoftAD" + "AWS::DirectConnect::Connection" ], "type": "string" }, @@ -96636,30 +98977,748 @@ ], "type": "object" }, - "AWS::DirectoryService::MicrosoftAD.VpcSettings": { + "AWS::DirectConnect::DirectConnectGateway": { "additionalProperties": false, "properties": { - "SubnetIds": { - "items": { - "type": "string" + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AmazonSideAsn": { + "type": "string" + }, + "DirectConnectGatewayName": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } }, - "markdownDescription": "The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. Directory Service specifies a directory server and a DNS server in each of these subnets.", - "title": "SubnetIds", - "type": "array" + "required": [ + "DirectConnectGatewayName" + ], + "type": "object" }, - "VpcId": { - "markdownDescription": "The identifier of the VPC in which to create the directory.", - "title": "VpcId", + "Type": { + "enum": [ + "AWS::DirectConnect::DirectConnectGateway" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" } }, "required": [ - "SubnetIds", - "VpcId" + "Type", + "Properties" ], "type": "object" }, - "AWS::DirectoryService::SimpleAD": { + "AWS::DirectConnect::DirectConnectGatewayAssociation": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AcceptDirectConnectGatewayAssociationProposalRoleArn": { + "type": "string" + }, + "AllowedPrefixesToDirectConnectGateway": { + "items": { + "type": "string" + }, + "type": "array" + }, + "AssociatedGatewayId": { + "type": "string" + }, + "DirectConnectGatewayId": { + "type": "string" + } + }, + "required": [ + "AssociatedGatewayId", + "DirectConnectGatewayId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DirectConnect::DirectConnectGatewayAssociation" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::DirectConnect::Lag": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ConnectionsBandwidth": { + "type": "string" + }, + "LagName": { + "type": "string" + }, + "Location": { + "type": "string" + }, + "MinimumLinks": { + "type": "number" + }, + "ProviderName": { + "type": "string" + }, + "RequestMACSec": { + "type": "boolean" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "required": [ + "ConnectionsBandwidth", + "LagName", + "Location" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DirectConnect::Lag" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::DirectConnect::PrivateVirtualInterface": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllocatePrivateVirtualInterfaceRoleArn": { + "type": "string" + }, + "BgpPeers": { + "items": { + "$ref": "#/definitions/AWS::DirectConnect::PrivateVirtualInterface.BgpPeer" + }, + "type": "array" + }, + "ConnectionId": { + "type": "string" + }, + "DirectConnectGatewayId": { + "type": "string" + }, + "EnableSiteLink": { + "type": "boolean" + }, + "Mtu": { + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + }, + "VirtualGatewayId": { + "type": "string" + }, + "VirtualInterfaceName": { + "type": "string" + }, + "Vlan": { + "type": "number" + } + }, + "required": [ + "BgpPeers", + "ConnectionId", + "VirtualInterfaceName", + "Vlan" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DirectConnect::PrivateVirtualInterface" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::DirectConnect::PrivateVirtualInterface.BgpPeer": { + "additionalProperties": false, + "properties": { + "AddressFamily": { + "type": "string" + }, + "AmazonAddress": { + "type": "string" + }, + "Asn": { + "type": "string" + }, + "AuthKey": { + "type": "string" + }, + "BgpPeerId": { + "type": "string" + }, + "CustomerAddress": { + "type": "string" + } + }, + "required": [ + "AddressFamily", + "Asn" + ], + "type": "object" + }, + "AWS::DirectConnect::PublicVirtualInterface": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllocatePublicVirtualInterfaceRoleArn": { + "type": "string" + }, + "BgpPeers": { + "items": { + "$ref": "#/definitions/AWS::DirectConnect::PublicVirtualInterface.BgpPeer" + }, + "type": "array" + }, + "ConnectionId": { + "type": "string" + }, + "RouteFilterPrefixes": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + }, + "VirtualInterfaceName": { + "type": "string" + }, + "Vlan": { + "type": "number" + } + }, + "required": [ + "BgpPeers", + "ConnectionId", + "VirtualInterfaceName", + "Vlan" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DirectConnect::PublicVirtualInterface" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::DirectConnect::PublicVirtualInterface.BgpPeer": { + "additionalProperties": false, + "properties": { + "AddressFamily": { + "type": "string" + }, + "AmazonAddress": { + "type": "string" + }, + "Asn": { + "type": "string" + }, + "AuthKey": { + "type": "string" + }, + "BgpPeerId": { + "type": "string" + }, + "CustomerAddress": { + "type": "string" + } + }, + "required": [ + "AddressFamily", + "Asn" + ], + "type": "object" + }, + "AWS::DirectConnect::TransitVirtualInterface": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllocateTransitVirtualInterfaceRoleArn": { + "type": "string" + }, + "BgpPeers": { + "items": { + "$ref": "#/definitions/AWS::DirectConnect::TransitVirtualInterface.BgpPeer" + }, + "type": "array" + }, + "ConnectionId": { + "type": "string" + }, + "DirectConnectGatewayId": { + "type": "string" + }, + "EnableSiteLink": { + "type": "boolean" + }, + "Mtu": { + "type": "number" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + }, + "VirtualInterfaceName": { + "type": "string" + }, + "Vlan": { + "type": "number" + } + }, + "required": [ + "BgpPeers", + "ConnectionId", + "DirectConnectGatewayId", + "VirtualInterfaceName", + "Vlan" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DirectConnect::TransitVirtualInterface" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::DirectConnect::TransitVirtualInterface.BgpPeer": { + "additionalProperties": false, + "properties": { + "AddressFamily": { + "type": "string" + }, + "AmazonAddress": { + "type": "string" + }, + "Asn": { + "type": "string" + }, + "AuthKey": { + "type": "string" + }, + "BgpPeerId": { + "type": "string" + }, + "CustomerAddress": { + "type": "string" + } + }, + "required": [ + "AddressFamily", + "Asn" + ], + "type": "object" + }, + "AWS::DirectoryService::MicrosoftAD": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CreateAlias": { + "markdownDescription": "Specifies an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as `http://.awsapps.com` . By default, CloudFormation does not create an alias.\n\n> After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.", + "title": "CreateAlias", + "type": "boolean" + }, + "Edition": { + "markdownDescription": "AWS Managed Microsoft AD is available in two editions: `Standard` and `Enterprise` . `Enterprise` is the default.", + "title": "Edition", + "type": "string" + }, + "EnableSso": { + "markdownDescription": "Whether to enable single sign-on for a Microsoft Active Directory in AWS . Single sign-on allows users in your directory to access certain AWS services from a computer joined to the directory without having to enter their credentials separately. If you don't specify a value, CloudFormation disables single sign-on by default.", + "title": "EnableSso", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The fully qualified domain name for the AWS Managed Microsoft AD directory, such as `corp.example.com` . This name will resolve inside your VPC only. It does not need to be publicly resolvable.", + "title": "Name", + "type": "string" + }, + "Password": { + "markdownDescription": "The password for the default administrative user named `Admin` .\n\nIf you need to change the password for the administrator account, see the [ResetUserPassword](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html) API call in the *Directory Service API Reference* .", + "title": "Password", + "type": "string" + }, + "ShortName": { + "markdownDescription": "The NetBIOS name for your domain, such as `CORP` . If you don't specify a NetBIOS name, it will default to the first part of your directory DNS. For example, `CORP` for the directory DNS `corp.example.com` .", + "title": "ShortName", + "type": "string" + }, + "VpcSettings": { + "$ref": "#/definitions/AWS::DirectoryService::MicrosoftAD.VpcSettings", + "markdownDescription": "Specifies the VPC settings of the Microsoft AD directory server in AWS .", + "title": "VpcSettings" + } + }, + "required": [ + "Name", + "Password", + "VpcSettings" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DirectoryService::MicrosoftAD" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::DirectoryService::MicrosoftAD.VpcSettings": { + "additionalProperties": false, + "properties": { + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. Directory Service specifies a directory server and a DNS server in each of these subnets.", + "title": "SubnetIds", + "type": "array" + }, + "VpcId": { + "markdownDescription": "The identifier of the VPC in which to create the directory.", + "title": "VpcId", + "type": "string" + } + }, + "required": [ + "SubnetIds", + "VpcId" + ], + "type": "object" + }, + "AWS::DirectoryService::SimpleAD": { "additionalProperties": false, "properties": { "Condition": { @@ -100336,6 +103395,9 @@ "title": "ReplaceUnhealthyInstances", "type": "boolean" }, + "ReservedCapacityOptions": { + "$ref": "#/definitions/AWS::EC2::EC2Fleet.ReservedCapacityOptionsRequest" + }, "SpotOptions": { "$ref": "#/definitions/AWS::EC2::EC2Fleet.SpotOptionsRequest", "markdownDescription": "Describes the configuration of Spot Instances in an EC2 Fleet.", @@ -100999,6 +104061,18 @@ }, "type": "object" }, + "AWS::EC2::EC2Fleet.ReservedCapacityOptionsRequest": { + "additionalProperties": false, + "properties": { + "ReservationTypes": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, "AWS::EC2::EC2Fleet.SpotOptionsRequest": { "additionalProperties": false, "properties": { @@ -102419,6 +105493,92 @@ ], "type": "object" }, + "AWS::EC2::IPAMPrefixListResolverTarget": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "DesiredVersion": { + "type": "number" + }, + "IpamPrefixListResolverId": { + "type": "string" + }, + "PrefixListId": { + "type": "string" + }, + "PrefixListRegion": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + }, + "TrackLatestVersion": { + "type": "boolean" + } + }, + "required": [ + "IpamPrefixListResolverId", + "PrefixListId", + "PrefixListRegion", + "TrackLatestVersion" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::IPAMPrefixListResolverTarget" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, "AWS::EC2::IPAMResourceDiscovery": { "additionalProperties": false, "properties": { @@ -103584,6 +106744,30 @@ ], "type": "object" }, + "AWS::EC2::InstanceConnectEndpoint.InstanceConnectEndpointDnsNames": { + "additionalProperties": false, + "properties": { + "DnsName": { + "type": "string" + }, + "FipsDnsName": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::EC2::InstanceConnectEndpoint.InstanceConnectEndpointPublicDnsNames": { + "additionalProperties": false, + "properties": { + "Dualstack": { + "$ref": "#/definitions/AWS::EC2::InstanceConnectEndpoint.InstanceConnectEndpointDnsNames" + }, + "Ipv4": { + "$ref": "#/definitions/AWS::EC2::InstanceConnectEndpoint.InstanceConnectEndpointDnsNames" + } + }, + "type": "object" + }, "AWS::EC2::InternetGateway": { "additionalProperties": false, "properties": { @@ -110273,6 +113457,74 @@ }, "type": "object" }, + "AWS::EC2::SqlHaStandbyDetectedInstance": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "InstanceId": { + "type": "string" + }, + "SqlServerCredentials": { + "type": "string" + } + }, + "required": [ + "InstanceId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::EC2::SqlHaStandbyDetectedInstance" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, "AWS::EC2::Subnet": { "additionalProperties": false, "properties": { @@ -116983,6 +120235,18 @@ }, "type": "object" }, + "AWS::ECS::CapacityProvider.CapacityReservationRequest": { + "additionalProperties": false, + "properties": { + "ReservationGroupArn": { + "type": "string" + }, + "ReservationPreference": { + "type": "string" + } + }, + "type": "object" + }, "AWS::ECS::CapacityProvider.InfrastructureOptimization": { "additionalProperties": false, "properties": { @@ -117002,6 +120266,9 @@ "title": "CapacityOptionType", "type": "string" }, + "CapacityReservations": { + "$ref": "#/definitions/AWS::ECS::CapacityProvider.CapacityReservationRequest" + }, "Ec2InstanceProfileArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile that Amazon ECS applies to Amazon ECS Managed Instances. This instance profile must include the necessary permissions for your tasks to access AWS services and resources.\n\nFor more information, see [Amazon ECS instance profile for Managed Instances](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/managed-instances-instance-profile.html) in the *Amazon ECS Developer Guide* .", "title": "Ec2InstanceProfileArn", @@ -117010,6 +120277,9 @@ "FipsEnabled": { "type": "boolean" }, + "InstanceMetadataTagsPropagation": { + "type": "boolean" + }, "InstanceRequirements": { "$ref": "#/definitions/AWS::ECS::CapacityProvider.InstanceRequirementsRequest", "markdownDescription": "The instance requirements. You can specify:\n\n- The instance types\n- Instance requirements such as vCPU count, memory, network performance, and accelerator specifications\n\nAmazon ECS automatically selects the instances that match the specified criteria.", @@ -122181,9 +125451,6 @@ "type": "array" } }, - "required": [ - "RemoteNodeNetworks" - ], "type": "object" }, "AWS::EKS::Cluster.RemoteNodeNetwork": { @@ -123125,7 +126392,7 @@ }, "Configurations": { "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" + "$ref": "#/definitions/AWS::EMR::Cluster.EMRConfiguration" }, "markdownDescription": "Applies only to Amazon EMR releases 4.x and later. The list of configurations that are supplied to the Amazon EMR cluster.", "title": "Configurations", @@ -123181,6 +126448,9 @@ "markdownDescription": "Creates or updates a managed scaling policy for an Amazon EMR cluster. The managed scaling policy defines the limits for resources, such as Amazon EC2 instances that can be added or terminated from a cluster. The policy only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", "title": "ManagedScalingPolicy" }, + "MonitoringConfiguration": { + "$ref": "#/definitions/AWS::EMR::Cluster.MonitoringConfiguration" + }, "Name": { "markdownDescription": "The name of the cluster. This parameter can't contain the characters <, >, $, |, or ` (backtick).", "title": "Name", @@ -123239,11 +126509,6 @@ "markdownDescription": "A list of tags associated with a cluster.", "title": "Tags", "type": "array" - }, - "VisibleToAllUsers": { - "markdownDescription": "Indicates whether the cluster is visible to all IAM users of the AWS account associated with the cluster. If this value is set to `true` , all IAM users of that AWS account can view and manage the cluster if they have the proper policy permissions set. If this value is `false` , only the IAM user that created the cluster can view and manage it. This value can be changed using the SetVisibleToAllUsers action.\n\n> When you create clusters directly through the EMR console or API, this value is set to `true` by default. However, for `AWS::EMR::Cluster` resources in CloudFormation, the default is `false` .", - "title": "VisibleToAllUsers", - "type": "boolean" } }, "required": [ @@ -123424,6 +126689,30 @@ ], "type": "object" }, + "AWS::EMR::Cluster.CloudWatchLogConfiguration": { + "additionalProperties": false, + "properties": { + "Enabled": { + "type": "boolean" + }, + "EncryptionKeyArn": { + "type": "string" + }, + "LogGroupName": { + "type": "string" + }, + "LogStreamNamePrefix": { + "type": "string" + }, + "LogTypes": { + "type": "object" + } + }, + "required": [ + "Enabled" + ], + "type": "object" + }, "AWS::EMR::Cluster.ComputeLimits": { "additionalProperties": false, "properties": { @@ -123460,31 +126749,25 @@ ], "type": "object" }, - "AWS::EMR::Cluster.Configuration": { + "AWS::EMR::Cluster.EMRConfiguration": { "additionalProperties": false, "properties": { "Classification": { - "markdownDescription": "The classification within a configuration.", - "title": "Classification", "type": "string" }, "ConfigurationProperties": { "additionalProperties": true, - "markdownDescription": "A list of additional configurations to apply within a configuration object.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, - "title": "ConfigurationProperties", "type": "object" }, "Configurations": { "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" + "$ref": "#/definitions/AWS::EMR::Cluster.EMRConfiguration" }, - "markdownDescription": "A list of additional configurations to apply within a configuration object.", - "title": "Configurations", "type": "array" } }, @@ -123649,7 +126932,7 @@ }, "Configurations": { "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" + "$ref": "#/definitions/AWS::EMR::Cluster.EMRConfiguration" }, "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nThe list of configurations supplied for an Amazon EMR cluster instance group. You can specify a separate configuration for each instance group (master, core, and task).", "title": "Configurations", @@ -123707,7 +126990,7 @@ }, "Configurations": { "items": { - "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" + "$ref": "#/definitions/AWS::EMR::Cluster.EMRConfiguration" }, "markdownDescription": "A configuration classification that applies when provisioning cluster instances, which can include configurations for applications and software that run on the cluster.", "title": "Configurations", @@ -123952,6 +127235,15 @@ ], "type": "object" }, + "AWS::EMR::Cluster.MonitoringConfiguration": { + "additionalProperties": false, + "properties": { + "CloudWatchLogConfiguration": { + "$ref": "#/definitions/AWS::EMR::Cluster.CloudWatchLogConfiguration" + } + }, + "type": "object" + }, "AWS::EMR::Cluster.OnDemandCapacityReservationOptions": { "additionalProperties": false, "properties": { @@ -127833,14 +131125,6 @@ "title": "CacheParameterGroupName", "type": "string" }, - "CacheSecurityGroupNames": { - "items": { - "type": "string" - }, - "markdownDescription": "A list of cache security group names to associate with this replication group.", - "title": "CacheSecurityGroupNames", - "type": "array" - }, "CacheSubnetGroupName": { "markdownDescription": "The name of the cache subnet group to be used for the replication group.\n\n> If you're going to launch your cluster in an Amazon VPC, you need to create a subnet group before you start creating a cluster. For more information, see [AWS::ElastiCache::SubnetGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-subnetgroup.html) .", "title": "CacheSubnetGroupName", @@ -128079,6 +131363,18 @@ }, "type": "object" }, + "AWS::ElastiCache::ReplicationGroup.Endpoint": { + "additionalProperties": false, + "properties": { + "Address": { + "type": "string" + }, + "Port": { + "type": "string" + } + }, + "type": "object" + }, "AWS::ElastiCache::ReplicationGroup.KinesisFirehoseDestinationDetails": { "additionalProperties": false, "properties": { @@ -128159,6 +131455,30 @@ }, "type": "object" }, + "AWS::ElastiCache::ReplicationGroup.ReadEndPoint": { + "additionalProperties": false, + "properties": { + "Addresses": { + "type": "string" + }, + "AddressesList": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Ports": { + "type": "string" + }, + "PortsList": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, "AWS::ElastiCache::SecurityGroup": { "additionalProperties": false, "properties": { @@ -132227,6 +135547,131 @@ }, "type": "object" }, + "AWS::ElementalInference::Feed": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + }, + "Outputs": { + "items": { + "$ref": "#/definitions/AWS::ElementalInference::Feed.GetOutput" + }, + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "Name", + "Outputs" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ElementalInference::Feed" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::ElementalInference::Feed.ClippingConfig": { + "additionalProperties": false, + "properties": { + "CallbackMetadata": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::ElementalInference::Feed.GetOutput": { + "additionalProperties": false, + "properties": { + "Description": { + "type": "string" + }, + "Name": { + "type": "string" + }, + "OutputConfig": { + "$ref": "#/definitions/AWS::ElementalInference::Feed.OutputConfig" + }, + "Status": { + "type": "string" + } + }, + "required": [ + "Name", + "OutputConfig", + "Status" + ], + "type": "object" + }, + "AWS::ElementalInference::Feed.OutputConfig": { + "additionalProperties": false, + "properties": { + "Clipping": { + "$ref": "#/definitions/AWS::ElementalInference::Feed.ClippingConfig" + }, + "Cropping": { + "type": "object" + } + }, + "type": "object" + }, "AWS::EntityResolution::IdMappingWorkflow": { "additionalProperties": false, "properties": { @@ -137804,6 +141249,21 @@ }, "type": "object" }, + "AWS::FSx::FileSystem.FsrmConfiguration": { + "additionalProperties": false, + "properties": { + "EventLogDestination": { + "type": "string" + }, + "FsrmServiceEnabled": { + "type": "boolean" + } + }, + "required": [ + "FsrmServiceEnabled" + ], + "type": "object" + }, "AWS::FSx::FileSystem.LustreConfiguration": { "additionalProperties": false, "properties": { @@ -138256,6 +141716,9 @@ "markdownDescription": "The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for Windows file system. By default, Amazon FSx automatically provisions 3 IOPS per GiB of storage capacity. You can provision additional IOPS per GiB of storage, up to the maximum limit associated with your chosen throughput capacity.", "title": "DiskIopsConfiguration" }, + "FsrmConfiguration": { + "$ref": "#/definitions/AWS::FSx::FileSystem.FsrmConfiguration" + }, "PreferredSubnetId": { "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` . This specifies the subnet in which you want the preferred file server to be located. For in- AWS applications, we recommend that you launch your clients in the same availability zone as your preferred file server to reduce cross-availability zone data transfer costs and minimize latency.", "title": "PreferredSubnetId", @@ -141202,6 +144665,9 @@ "title": "PerInstanceContainerGroupDefinitionName", "type": "string" }, + "PlayerGatewayMode": { + "type": "string" + }, "ScalingPolicies": { "items": { "$ref": "#/definitions/AWS::GameLift::ContainerFleet.ScalingPolicy" @@ -141385,6 +144851,9 @@ "markdownDescription": "", "title": "LocationCapacity" }, + "PlayerGatewayStatus": { + "type": "string" + }, "StoppedActions": { "items": { "type": "string" @@ -142032,6 +145501,12 @@ "title": "PeerVpcId", "type": "string" }, + "PlayerGatewayConfiguration": { + "$ref": "#/definitions/AWS::GameLift::Fleet.PlayerGatewayConfiguration" + }, + "PlayerGatewayMode": { + "type": "string" + }, "ResourceCreationLimitPolicy": { "$ref": "#/definitions/AWS::GameLift::Fleet.ResourceCreationLimitPolicy", "markdownDescription": "A policy that limits the number of game sessions that an individual player can create on instances in this fleet within a specified span of time.", @@ -142189,6 +145664,9 @@ "$ref": "#/definitions/AWS::GameLift::Fleet.LocationCapacity", "markdownDescription": "Current resource capacity settings for managed EC2 fleets and managed container fleets. For multi-location fleets, location values might refer to a fleet's remote location or its home Region.\n\n*Returned by:* [DescribeFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html) , [DescribeFleetLocationCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html) , [UpdateFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html)", "title": "LocationCapacity" + }, + "PlayerGatewayStatus": { + "type": "string" } }, "required": [ @@ -142211,6 +145689,15 @@ ], "type": "object" }, + "AWS::GameLift::Fleet.PlayerGatewayConfiguration": { + "additionalProperties": false, + "properties": { + "GameServerIpProtocolSupported": { + "type": "string" + } + }, + "type": "object" + }, "AWS::GameLift::Fleet.ResourceCreationLimitPolicy": { "additionalProperties": false, "properties": { @@ -143679,6 +147166,212 @@ ], "type": "object" }, + "AWS::Glue::Catalog": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AllowFullTableExternalDataAccess": { + "type": "string" + }, + "CatalogProperties": { + "$ref": "#/definitions/AWS::Glue::Catalog.CatalogProperties" + }, + "CreateDatabaseDefaultPermissions": { + "items": { + "$ref": "#/definitions/AWS::Glue::Catalog.PrincipalPermissions" + }, + "type": "array" + }, + "CreateTableDefaultPermissions": { + "items": { + "$ref": "#/definitions/AWS::Glue::Catalog.PrincipalPermissions" + }, + "type": "array" + }, + "Description": { + "type": "string" + }, + "FederatedCatalog": { + "$ref": "#/definitions/AWS::Glue::Catalog.FederatedCatalog" + }, + "Name": { + "type": "string" + }, + "OverwriteChildResourcePermissionsWithDefault": { + "type": "string" + }, + "Parameters": { + "additionalProperties": true, + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + }, + "TargetRedshiftCatalog": { + "$ref": "#/definitions/AWS::Glue::Catalog.TargetRedshiftCatalog" + } + }, + "required": [ + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Glue::Catalog" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Glue::Catalog.CatalogProperties": { + "additionalProperties": false, + "properties": { + "CustomProperties": { + "additionalProperties": true, + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "type": "object" + }, + "DataLakeAccessProperties": { + "$ref": "#/definitions/AWS::Glue::Catalog.DataLakeAccessProperties" + } + }, + "type": "object" + }, + "AWS::Glue::Catalog.DataLakeAccessProperties": { + "additionalProperties": false, + "properties": { + "AllowFullTableExternalDataAccess": { + "type": "string" + }, + "CatalogType": { + "type": "string" + }, + "DataLakeAccess": { + "type": "boolean" + }, + "DataTransferRole": { + "type": "string" + }, + "KmsKey": { + "type": "string" + }, + "ManagedWorkgroupName": { + "type": "string" + }, + "ManagedWorkgroupStatus": { + "type": "string" + }, + "RedshiftDatabaseName": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Catalog.DataLakePrincipal": { + "additionalProperties": false, + "properties": { + "DataLakePrincipalIdentifier": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Catalog.FederatedCatalog": { + "additionalProperties": false, + "properties": { + "ConnectionName": { + "type": "string" + }, + "Identifier": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Catalog.PrincipalPermissions": { + "additionalProperties": false, + "properties": { + "Permissions": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Principal": { + "$ref": "#/definitions/AWS::Glue::Catalog.DataLakePrincipal" + } + }, + "type": "object" + }, + "AWS::Glue::Catalog.TargetRedshiftCatalog": { + "additionalProperties": false, + "properties": { + "CatalogArn": { + "type": "string" + } + }, + "required": [ + "CatalogArn" + ], + "type": "object" + }, "AWS::Glue::Classifier": { "additionalProperties": false, "properties": { @@ -161365,6 +165058,116 @@ ], "type": "object" }, + "AWS::Interconnect::Connection": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ActivationKey": { + "type": "string" + }, + "AttachPoint": { + "$ref": "#/definitions/AWS::Interconnect::Connection.AttachPoint" + }, + "Bandwidth": { + "type": "string" + }, + "Description": { + "type": "string" + }, + "EnvironmentId": { + "type": "string" + }, + "RemoteOwnerAccount": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "required": [ + "AttachPoint" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Interconnect::Connection" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Interconnect::Connection.AttachPoint": { + "additionalProperties": false, + "properties": { + "Arn": { + "type": "string" + }, + "DirectConnectGateway": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::Interconnect::Connection.Provider": { + "additionalProperties": false, + "properties": { + "CloudServiceProvider": { + "type": "string" + }, + "LastMileProvider": { + "type": "string" + } + }, + "type": "object" + }, "AWS::InternetMonitor::Monitor": { "additionalProperties": false, "properties": { @@ -194182,6 +197985,9 @@ "Properties": { "additionalProperties": false, "properties": { + "BearerTokenAuthenticationEnabled": { + "type": "boolean" + }, "DataProtectionPolicy": { "markdownDescription": "Creates a data protection policy and assigns it to the log group. A data protection policy can help safeguard sensitive data that's ingested by the log group by auditing and masking the sensitive log data. When a user who does not have permission to view masked data views a log event that includes masked data, the sensitive data is replaced by asterisks.", "title": "DataProtectionPolicy", @@ -200289,6 +204095,9 @@ "title": "AvailabilityZone", "type": "string" }, + "EncodingConfig": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.EncodingConfig" + }, "FlowSize": { "markdownDescription": "Determines the processing capacity and feature set of the flow. Set this optional parameter to LARGE if you want to enable NDI outputs on the flow.", "title": "FlowSize", @@ -200332,6 +204141,12 @@ "markdownDescription": "The settings for source monitoring.", "title": "SourceMonitoringConfig" }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + }, "VpcInterfaces": { "items": { "$ref": "#/definitions/AWS::MediaConnect::Flow.VpcInterface" @@ -200395,6 +204210,18 @@ }, "type": "object" }, + "AWS::MediaConnect::Flow.EncodingConfig": { + "additionalProperties": false, + "properties": { + "EncodingProfile": { + "type": "string" + }, + "VideoMaxBitrate": { + "type": "number" + } + }, + "type": "object" + }, "AWS::MediaConnect::Flow.Encryption": { "additionalProperties": false, "properties": { @@ -200403,31 +204230,11 @@ "title": "Algorithm", "type": "string" }, - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", - "title": "ConstantInitializationVector", - "type": "string" - }, - "DeviceId": { - "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "DeviceId", - "type": "string" - }, "KeyType": { "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", "title": "KeyType", "type": "string" }, - "Region": { - "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Region", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "ResourceId", - "type": "string" - }, "RoleArn": { "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", "title": "RoleArn", @@ -200437,11 +204244,6 @@ "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", "title": "SecretArn", "type": "string" - }, - "Url": { - "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Url", - "type": "string" } }, "required": [ @@ -200678,6 +204480,12 @@ "title": "MediaStreamType", "type": "string" }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + }, "VideoFormat": { "markdownDescription": "The resolution of the video.", "title": "VideoFormat", @@ -200784,6 +204592,15 @@ ], "type": "object" }, + "AWS::MediaConnect::Flow.NdiSourceSettings": { + "additionalProperties": false, + "properties": { + "SourceName": { + "type": "string" + } + }, + "type": "object" + }, "AWS::MediaConnect::Flow.SecretsManagerEncryptionKeyConfiguration": { "additionalProperties": false, "properties": { @@ -200886,6 +204703,9 @@ "title": "Name", "type": "string" }, + "NdiSourceSettings": { + "$ref": "#/definitions/AWS::MediaConnect::Flow.NdiSourceSettings" + }, "Protocol": { "markdownDescription": "The protocol that is used by the source. AWS CloudFormation does not currently support CDI or ST 2110 JPEG XS source protocols.\n\n> AWS Elemental MediaConnect no longer supports the Fujitsu QoS protocol. This reference is maintained for legacy purposes only.", "title": "Protocol", @@ -200901,16 +204721,6 @@ "markdownDescription": "The decryption configuration for the flow source when router integration is enabled.", "title": "RouterIntegrationTransitDecryption" }, - "SenderControlPort": { - "markdownDescription": "The port that the flow uses to send outbound requests to initiate connection with the sender.", - "title": "SenderControlPort", - "type": "number" - }, - "SenderIpAddress": { - "markdownDescription": "The IP address that the flow communicates with to initiate connection with the sender.", - "title": "SenderIpAddress", - "type": "string" - }, "SourceArn": { "markdownDescription": "The ARN of the source.", "title": "SourceArn", @@ -200936,6 +204746,12 @@ "title": "StreamId", "type": "string" }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + }, "VpcInterfaceName": { "markdownDescription": "The name of the VPC interface that is used for this source.", "title": "VpcInterfaceName", @@ -201049,6 +204865,12 @@ "markdownDescription": "Subnet must be in the AZ of the Flow.", "title": "SubnetId", "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" } }, "required": [ @@ -201142,6 +204964,12 @@ "markdownDescription": "The AWS account IDs that you want to share your content with. The receiving accounts (subscribers) will be allowed to create their own flows using your content as the source.", "title": "Subscribers", "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" } }, "required": [ @@ -201181,31 +205009,11 @@ "title": "Algorithm", "type": "string" }, - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", - "title": "ConstantInitializationVector", - "type": "string" - }, - "DeviceId": { - "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "DeviceId", - "type": "string" - }, "KeyType": { "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", "title": "KeyType", "type": "string" }, - "Region": { - "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Region", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "ResourceId", - "type": "string" - }, "RoleArn": { "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", "title": "RoleArn", @@ -201215,11 +205023,6 @@ "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", "title": "SecretArn", "type": "string" - }, - "Url": { - "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Url", - "type": "string" } }, "required": [ @@ -201364,6 +205167,12 @@ "title": "StreamId", "type": "string" }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + }, "VpcInterfaceAttachment": { "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.VpcInterfaceAttachment", "markdownDescription": "The name of the VPC interface attachment to use for this output.", @@ -201629,11 +205438,6 @@ "title": "Description", "type": "string" }, - "EntitlementArn": { - "markdownDescription": "The ARN of the entitlement that allows you to subscribe to this flow. The entitlement is set by the flow originator, and the ARN is generated as part of the originator's flow.", - "title": "EntitlementArn", - "type": "string" - }, "FlowArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the flow this source is connected to. The flow must have Failover enabled to add an additional source.", "title": "FlowArn", @@ -201674,16 +205478,6 @@ "title": "Protocol", "type": "string" }, - "SenderControlPort": { - "markdownDescription": "The port that the flow uses to send outbound requests to initiate connection with the sender.", - "title": "SenderControlPort", - "type": "number" - }, - "SenderIpAddress": { - "markdownDescription": "The IP address that the flow communicates with to initiate connection with the sender.", - "title": "SenderIpAddress", - "type": "string" - }, "SourceListenerAddress": { "markdownDescription": "Source IP or domain name for SRT-caller protocol.", "title": "SourceListenerAddress", @@ -201699,6 +205493,12 @@ "title": "StreamId", "type": "string" }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + }, "VpcInterfaceName": { "markdownDescription": "The name of the VPC interface to use for this source.", "title": "VpcInterfaceName", @@ -201712,6 +205512,7 @@ }, "required": [ "Description", + "FlowArn", "Name" ], "type": "object" @@ -201745,31 +205546,11 @@ "title": "Algorithm", "type": "string" }, - "ConstantInitializationVector": { - "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", - "title": "ConstantInitializationVector", - "type": "string" - }, - "DeviceId": { - "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "DeviceId", - "type": "string" - }, "KeyType": { "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", "title": "KeyType", "type": "string" }, - "Region": { - "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Region", - "type": "string" - }, - "ResourceId": { - "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "ResourceId", - "type": "string" - }, "RoleArn": { "markdownDescription": "The ARN of the role that you created during setup (when you set up MediaConnect as a trusted entity).", "title": "RoleArn", @@ -201779,11 +205560,6 @@ "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption.", "title": "SecretArn", "type": "string" - }, - "Url": { - "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", - "title": "Url", - "type": "string" } }, "required": [ @@ -203625,6 +207401,9 @@ "markdownDescription": "The encoding configuration for the output content.", "title": "EncoderSettings" }, + "InferenceSettings": { + "$ref": "#/definitions/AWS::MediaLive::Channel.InferenceSettings" + }, "InputAttachments": { "items": { "$ref": "#/definitions/AWS::MediaLive::Channel.InputAttachment" @@ -206840,6 +210619,15 @@ "properties": {}, "type": "object" }, + "AWS::MediaLive::Channel.InferenceSettings": { + "additionalProperties": false, + "properties": { + "FeedArn": { + "type": "string" + } + }, + "type": "object" + }, "AWS::MediaLive::Channel.InputAttachment": { "additionalProperties": false, "properties": { @@ -211501,12 +215289,6 @@ "type": "string" } }, - "required": [ - "Id", - "Password", - "Url", - "Username" - ], "type": "object" }, "AWS::MediaPackage::Channel.LogConfiguration": { @@ -221366,6 +225148,12 @@ "title": "DisplayName", "type": "string" }, + "IamRoles": { + "items": { + "$ref": "#/definitions/AWS::ODB::CloudAutonomousVmCluster.IamRole" + }, + "type": "array" + }, "IsMtlsEnabledVmCluster": { "markdownDescription": "Specifies whether mutual TLS (mTLS) authentication is enabled for the Autonomous VM cluster.", "title": "IsMtlsEnabledVmCluster", @@ -221442,6 +225230,21 @@ ], "type": "object" }, + "AWS::ODB::CloudAutonomousVmCluster.IamRole": { + "additionalProperties": false, + "properties": { + "AwsIntegration": { + "type": "string" + }, + "IamRoleArn": { + "type": "string" + }, + "Status": { + "type": "string" + } + }, + "type": "object" + }, "AWS::ODB::CloudAutonomousVmCluster.MaintenanceWindow": { "additionalProperties": false, "properties": { @@ -221779,6 +225582,12 @@ "title": "Hostname", "type": "string" }, + "IamRoles": { + "items": { + "$ref": "#/definitions/AWS::ODB::CloudVmCluster.IamRole" + }, + "type": "array" + }, "IsLocalBackupEnabled": { "markdownDescription": "Specifies whether database backups to local Exadata storage are enabled for the VM cluster.", "title": "IsLocalBackupEnabled", @@ -221971,6 +225780,21 @@ ], "type": "object" }, + "AWS::ODB::CloudVmCluster.IamRole": { + "additionalProperties": false, + "properties": { + "AwsIntegration": { + "type": "string" + }, + "IamRoleArn": { + "type": "string" + }, + "Status": { + "type": "string" + } + }, + "type": "object" + }, "AWS::ODB::OdbNetwork": { "additionalProperties": false, "properties": { @@ -222026,6 +225850,12 @@ "title": "ClientSubnetCidr", "type": "string" }, + "CrossRegionS3RestoreSources": { + "items": { + "type": "string" + }, + "type": "array" + }, "CustomDomainName": { "markdownDescription": "The domain name for the resources in the ODB network.", "title": "CustomDomainName", @@ -222046,6 +225876,12 @@ "title": "DisplayName", "type": "string" }, + "KmsAccess": { + "type": "string" + }, + "KmsPolicyDocument": { + "type": "string" + }, "S3Access": { "markdownDescription": "The configuration for Amazon S3 access from the ODB network.", "title": "S3Access", @@ -222056,6 +225892,12 @@ "title": "S3PolicyDocument", "type": "string" }, + "StsAccess": { + "type": "string" + }, + "StsPolicyDocument": { + "type": "string" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" @@ -222092,6 +225934,45 @@ ], "type": "object" }, + "AWS::ODB::OdbNetwork.CrossRegionS3RestoreSourcesAccess": { + "additionalProperties": false, + "properties": { + "Ipv4Addresses": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Region": { + "type": "string" + }, + "Status": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::ODB::OdbNetwork.KmsAccess": { + "additionalProperties": false, + "properties": { + "DomainName": { + "type": "string" + }, + "Ipv4Addresses": { + "items": { + "type": "string" + }, + "type": "array" + }, + "KmsPolicyDocument": { + "type": "string" + }, + "Status": { + "type": "string" + } + }, + "type": "object" + }, "AWS::ODB::OdbNetwork.ManagedS3BackupAccess": { "additionalProperties": false, "properties": { @@ -222114,6 +225995,15 @@ "AWS::ODB::OdbNetwork.ManagedServices": { "additionalProperties": false, "properties": { + "CrossRegionS3RestoreSourcesAccess": { + "items": { + "$ref": "#/definitions/AWS::ODB::OdbNetwork.CrossRegionS3RestoreSourcesAccess" + }, + "type": "array" + }, + "KmsAccess": { + "$ref": "#/definitions/AWS::ODB::OdbNetwork.KmsAccess" + }, "ManagedS3BackupAccess": { "$ref": "#/definitions/AWS::ODB::OdbNetwork.ManagedS3BackupAccess", "markdownDescription": "The managed Amazon S3 backup access configuration.", @@ -222147,6 +226037,9 @@ "markdownDescription": "The service network endpoint configuration.", "title": "ServiceNetworkEndpoint" }, + "StsAccess": { + "$ref": "#/definitions/AWS::ODB::OdbNetwork.StsAccess" + }, "ZeroEtlAccess": { "$ref": "#/definitions/AWS::ODB::OdbNetwork.ZeroEtlAccess", "markdownDescription": "The Zero-ETL access configuration.", @@ -222200,6 +226093,27 @@ }, "type": "object" }, + "AWS::ODB::OdbNetwork.StsAccess": { + "additionalProperties": false, + "properties": { + "DomainName": { + "type": "string" + }, + "Ipv4Addresses": { + "items": { + "type": "string" + }, + "type": "array" + }, + "Status": { + "type": "string" + }, + "StsPolicyDocument": { + "type": "string" + } + }, + "type": "object" + }, "AWS::ODB::OdbNetwork.ZeroEtlAccess": { "additionalProperties": false, "properties": { @@ -222274,6 +226188,12 @@ "title": "PeerNetworkId", "type": "string" }, + "PeerNetworkRouteTableIds": { + "items": { + "type": "string" + }, + "type": "array" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" @@ -222946,6 +226866,9 @@ "markdownDescription": "Configuration defining the backup region and an optional KMS key for the backup destination.", "title": "BackupConfiguration" }, + "LogGroupNameConfiguration": { + "$ref": "#/definitions/AWS::ObservabilityAdmin::OrganizationCentralizationRule.LogGroupNameConfiguration" + }, "LogsEncryptionConfiguration": { "$ref": "#/definitions/AWS::ObservabilityAdmin::OrganizationCentralizationRule.LogsEncryptionConfiguration", "markdownDescription": "The encryption configuration for centralization destination log groups.", @@ -222954,6 +226877,18 @@ }, "type": "object" }, + "AWS::ObservabilityAdmin::OrganizationCentralizationRule.LogGroupNameConfiguration": { + "additionalProperties": false, + "properties": { + "LogGroupNamePattern": { + "type": "string" + } + }, + "required": [ + "LogGroupNamePattern" + ], + "type": "object" + }, "AWS::ObservabilityAdmin::OrganizationCentralizationRule.LogsBackupConfiguration": { "additionalProperties": false, "properties": { @@ -223000,6 +226935,9 @@ "AWS::ObservabilityAdmin::OrganizationCentralizationRule.SourceLogsConfiguration": { "additionalProperties": false, "properties": { + "DataSourceSelectionCriteria": { + "type": "string" + }, "EncryptedLogGroupStrategy": { "markdownDescription": "A strategy determining whether to centralize source log groups that are encrypted with customer managed KMS keys (CMK). ALLOW will consider CMK encrypted source log groups for centralization while SKIP will skip CMK encrypted source log groups from centralization.", "title": "EncryptedLogGroupStrategy", @@ -223012,8 +226950,7 @@ } }, "required": [ - "EncryptedLogGroupStrategy", - "LogGroupSelectionCriteria" + "EncryptedLogGroupStrategy" ], "type": "object" }, @@ -223595,6 +227532,67 @@ ], "type": "object" }, + "AWS::ObservabilityAdmin::TelemetryEnrichment": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Scope": { + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::ObservabilityAdmin::TelemetryEnrichment" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, "AWS::ObservabilityAdmin::TelemetryPipelines": { "additionalProperties": false, "properties": { @@ -225581,6 +229579,9 @@ "markdownDescription": "The type of collection. Possible values are `SEARCH` , `TIMESERIES` , and `VECTORSEARCH` . For more information, see [Choosing a collection type](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-overview.html#serverless-usecase) .", "title": "Type", "type": "string" + }, + "VectorOptions": { + "$ref": "#/definitions/AWS::OpenSearchServerless::Collection.VectorOptions" } }, "required": [ @@ -225621,6 +229622,126 @@ }, "type": "object" }, + "AWS::OpenSearchServerless::Collection.FipsEndpoints": { + "additionalProperties": false, + "properties": { + "CollectionEndpoint": { + "type": "string" + }, + "DashboardEndpoint": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpenSearchServerless::Collection.VectorOptions": { + "additionalProperties": false, + "properties": { + "ServerlessVectorAcceleration": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::OpenSearchServerless::CollectionGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "CapacityLimits": { + "$ref": "#/definitions/AWS::OpenSearchServerless::CollectionGroup.CapacityLimits" + }, + "Description": { + "type": "string" + }, + "Name": { + "type": "string" + }, + "StandbyReplicas": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "required": [ + "Name", + "StandbyReplicas" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::OpenSearchServerless::CollectionGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::OpenSearchServerless::CollectionGroup.CapacityLimits": { + "additionalProperties": false, + "properties": { + "MaxIndexingCapacityInOcu": { + "type": "number" + }, + "MaxSearchCapacityInOcu": { + "type": "number" + }, + "MinIndexingCapacityInOcu": { + "type": "number" + }, + "MinSearchCapacityInOcu": { + "type": "number" + } + }, + "type": "object" + }, "AWS::OpenSearchServerless::Index": { "additionalProperties": false, "properties": { @@ -226339,6 +230460,9 @@ "markdownDescription": "Settings container for integrating IAM Identity Center with OpenSearch UI applications, which enables enabling secure user authentication and access control across multiple data sources. This setup supports single sign-on (SSO) through IAM Identity Center, allowing centralized user management.", "title": "IamIdentityCenterOptions" }, + "KmsKeyArn": { + "type": "string" + }, "Name": { "markdownDescription": "The name of an OpenSearch application.", "title": "Name", @@ -226510,6 +230634,9 @@ "markdownDescription": "Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.", "title": "CognitoOptions" }, + "DeploymentStrategyOptions": { + "$ref": "#/definitions/AWS::OpenSearchService::Domain.DeploymentStrategyOptions" + }, "DomainEndpointOptions": { "$ref": "#/definitions/AWS::OpenSearchService::Domain.DomainEndpointOptions", "markdownDescription": "Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.", @@ -226788,6 +230915,15 @@ }, "type": "object" }, + "AWS::OpenSearchService::Domain.DeploymentStrategyOptions": { + "additionalProperties": false, + "properties": { + "DeploymentStrategy": { + "type": "string" + } + }, + "type": "object" + }, "AWS::OpenSearchService::Domain.DomainEndpointOptions": { "additionalProperties": false, "properties": { @@ -230672,6 +234808,9 @@ }, "title": "Tags", "type": "object" + }, + "VpcEndpointId": { + "type": "string" } }, "required": [ @@ -230894,6 +235033,22 @@ ], "type": "object" }, + "AWS::PCS::Cluster.CgroupCustomSetting": { + "additionalProperties": false, + "properties": { + "ParameterName": { + "type": "string" + }, + "ParameterValue": { + "type": "string" + } + }, + "required": [ + "ParameterName", + "ParameterValue" + ], + "type": "object" + }, "AWS::PCS::Cluster.Endpoint": { "additionalProperties": false, "properties": { @@ -231037,6 +235192,12 @@ "markdownDescription": "The shared Slurm key for authentication, also known as the *cluster secret* .", "title": "AuthKey" }, + "CgroupCustomSettings": { + "items": { + "$ref": "#/definitions/AWS::PCS::Cluster.CgroupCustomSetting" + }, + "type": "array" + }, "JwtAuth": { "$ref": "#/definitions/AWS::PCS::Cluster.JwtAuth", "markdownDescription": "The JWT authentication configuration for Slurm REST API access.", @@ -231059,6 +235220,12 @@ "$ref": "#/definitions/AWS::PCS::Cluster.SlurmRest", "markdownDescription": "The Slurm REST API configuration for the cluster.", "title": "SlurmRest" + }, + "SlurmdbdCustomSettings": { + "items": { + "$ref": "#/definitions/AWS::PCS::Cluster.SlurmdbdCustomSetting" + }, + "type": "array" } }, "type": "object" @@ -231097,236 +235264,13 @@ ], "type": "object" }, - "AWS::PCS::ComputeNodeGroup": { - "additionalProperties": false, - "properties": { - "Condition": { - "type": "string" - }, - "DeletionPolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - }, - "DependsOn": { - "anyOf": [ - { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - { - "items": { - "pattern": "^[a-zA-Z0-9]+$", - "type": "string" - }, - "type": "array" - } - ] - }, - "Metadata": { - "type": "object" - }, - "Properties": { - "additionalProperties": false, - "properties": { - "AmiId": { - "markdownDescription": "The ID of the Amazon Machine Image (AMI) that AWS PCS uses to launch instances. If not provided, AWS PCS uses the AMI ID specified in the custom launch template.", - "title": "AmiId", - "type": "string" - }, - "ClusterId": { - "markdownDescription": "The ID of the cluster of the compute node group.", - "title": "ClusterId", - "type": "string" - }, - "CustomLaunchTemplate": { - "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.CustomLaunchTemplate", - "markdownDescription": "An Amazon EC2 launch template AWS PCS uses to launch compute nodes.", - "title": "CustomLaunchTemplate" - }, - "IamInstanceProfileArn": { - "markdownDescription": "The Amazon Resource Name (ARN) of the IAM instance profile used to pass an IAM role when launching EC2 instances. The role contained in your instance profile must have the `pcs:RegisterComputeNodeGroupInstance` permission and the role name must start with `AWSPCS` or must have the path `/aws-pcs/` . For more information, see [IAM instance profiles for AWS PCS](https://docs.aws.amazon.com//pcs/latest/userguide/security-instance-profiles.html) in the *AWS PCS User Guide* .", - "title": "IamInstanceProfileArn", - "type": "string" - }, - "InstanceConfigs": { - "items": { - "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.InstanceConfig" - }, - "markdownDescription": "A list of EC2 instance configurations that AWS PCS can provision in the compute node group.", - "title": "InstanceConfigs", - "type": "array" - }, - "Name": { - "markdownDescription": "The name that identifies the compute node group.", - "title": "Name", - "type": "string" - }, - "PurchaseOption": { - "markdownDescription": "Specifies how EC2 instances are purchased on your behalf. AWS PCS supports On-Demand Instances, Spot Instances, and Amazon EC2 Capacity Blocks for ML. For more information, see [Amazon EC2 billing and purchasing options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-purchasing-options.html) in the *Amazon Elastic Compute Cloud User Guide* . For more information about AWS PCS support for Capacity Blocks, see [Using Amazon EC2 Capacity Blocks for ML with AWS PCS](https://docs.aws.amazon.com/pcs/latest/userguide/capacity-blocks.html) in the *AWS PCS User Guide* . If you don't provide this option, it defaults to On-Demand.", - "title": "PurchaseOption", - "type": "string" - }, - "ScalingConfiguration": { - "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.ScalingConfiguration", - "markdownDescription": "Specifies the boundaries of the compute node group auto scaling.", - "title": "ScalingConfiguration" - }, - "SlurmConfiguration": { - "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.SlurmConfiguration", - "markdownDescription": "Additional options related to the Slurm scheduler.", - "title": "SlurmConfiguration" - }, - "SpotOptions": { - "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.SpotOptions", - "markdownDescription": "Additional configuration when you specify `SPOT` as the `purchaseOption` for the `CreateComputeNodeGroup` API action.", - "title": "SpotOptions" - }, - "SubnetIds": { - "items": { - "type": "string" - }, - "markdownDescription": "The list of subnet IDs where instances are provisioned by the compute node group. The subnets must be in the same VPC as the cluster.", - "title": "SubnetIds", - "type": "array" - }, - "Tags": { - "additionalProperties": true, - "markdownDescription": "1 or more tags added to the resource. Each tag consists of a tag key and tag value. The tag value is optional and can be an empty string.", - "patternProperties": { - "^[a-zA-Z0-9]+$": { - "type": "string" - } - }, - "title": "Tags", - "type": "object" - } - }, - "required": [ - "ClusterId", - "CustomLaunchTemplate", - "IamInstanceProfileArn", - "InstanceConfigs", - "ScalingConfiguration", - "SubnetIds" - ], - "type": "object" - }, - "Type": { - "enum": [ - "AWS::PCS::ComputeNodeGroup" - ], - "type": "string" - }, - "UpdateReplacePolicy": { - "enum": [ - "Delete", - "Retain", - "Snapshot" - ], - "type": "string" - } - }, - "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::PCS::ComputeNodeGroup.CustomLaunchTemplate": { - "additionalProperties": false, - "properties": { - "TemplateId": { - "markdownDescription": "The ID of the EC2 launch template to use to provision instances.", - "title": "TemplateId", - "type": "string" - }, - "Version": { - "markdownDescription": "The version of the EC2 launch template to use to provision instances.", - "title": "Version", - "type": "string" - } - }, - "required": [ - "Version" - ], - "type": "object" - }, - "AWS::PCS::ComputeNodeGroup.ErrorInfo": { - "additionalProperties": false, - "properties": { - "Code": { - "markdownDescription": "The short-form error code.", - "title": "Code", - "type": "string" - }, - "Message": { - "markdownDescription": "The detailed error information.", - "title": "Message", - "type": "string" - } - }, - "type": "object" - }, - "AWS::PCS::ComputeNodeGroup.InstanceConfig": { - "additionalProperties": false, - "properties": { - "InstanceType": { - "markdownDescription": "The EC2 instance type that AWS PCS can provision in the compute node group.\n\nExample: `t2.xlarge`", - "title": "InstanceType", - "type": "string" - } - }, - "type": "object" - }, - "AWS::PCS::ComputeNodeGroup.ScalingConfiguration": { - "additionalProperties": false, - "properties": { - "MaxInstanceCount": { - "markdownDescription": "The upper bound of the number of instances allowed in the compute fleet.", - "title": "MaxInstanceCount", - "type": "number" - }, - "MinInstanceCount": { - "markdownDescription": "The lower bound of the number of instances allowed in the compute fleet.", - "title": "MinInstanceCount", - "type": "number" - } - }, - "required": [ - "MaxInstanceCount", - "MinInstanceCount" - ], - "type": "object" - }, - "AWS::PCS::ComputeNodeGroup.SlurmConfiguration": { - "additionalProperties": false, - "properties": { - "SlurmCustomSettings": { - "items": { - "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.SlurmCustomSetting" - }, - "markdownDescription": "Additional Slurm-specific configuration that directly maps to Slurm settings.", - "title": "SlurmCustomSettings", - "type": "array" - } - }, - "type": "object" - }, - "AWS::PCS::ComputeNodeGroup.SlurmCustomSetting": { + "AWS::PCS::Cluster.SlurmdbdCustomSetting": { "additionalProperties": false, "properties": { "ParameterName": { - "markdownDescription": "AWS PCS supports custom Slurm settings for clusters, compute node groups, and queues. For more information, see [Configuring custom Slurm settings in AWS PCS](https://docs.aws.amazon.com//pcs/latest/userguide/slurm-custom-settings.html) in the *AWS PCS User Guide* .", - "title": "ParameterName", "type": "string" }, "ParameterValue": { - "markdownDescription": "The values for the configured Slurm settings.", - "title": "ParameterValue", "type": "string" } }, @@ -231336,18 +235280,257 @@ ], "type": "object" }, - "AWS::PCS::ComputeNodeGroup.SpotOptions": { - "additionalProperties": false, - "properties": { - "AllocationStrategy": { - "markdownDescription": "The Amazon EC2 allocation strategy AWS PCS uses to provision EC2 instances. AWS PCS supports *lowest price* , *capacity optimized* , and *price capacity optimized* . For more information, see [Use allocation strategies to determine how EC2 Fleet or Spot Fleet fulfills Spot and On-Demand capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-allocation-strategy.html) in the *Amazon Elastic Compute Cloud User Guide* . If you don't provide this option, it defaults to *price capacity optimized* .", - "title": "AllocationStrategy", - "type": "string" - } - }, - "type": "object" - }, - "AWS::PCS::Queue": { + "AWS::PCS::ComputeNodeGroup": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AmiId": { + "markdownDescription": "The ID of the Amazon Machine Image (AMI) that AWS PCS uses to launch instances. If not provided, AWS PCS uses the AMI ID specified in the custom launch template.", + "title": "AmiId", + "type": "string" + }, + "ClusterId": { + "markdownDescription": "The ID of the cluster of the compute node group.", + "title": "ClusterId", + "type": "string" + }, + "CustomLaunchTemplate": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.CustomLaunchTemplate", + "markdownDescription": "An Amazon EC2 launch template AWS PCS uses to launch compute nodes.", + "title": "CustomLaunchTemplate" + }, + "IamInstanceProfileArn": { + "markdownDescription": "The Amazon Resource Name (ARN) of the IAM instance profile used to pass an IAM role when launching EC2 instances. The role contained in your instance profile must have the `pcs:RegisterComputeNodeGroupInstance` permission and the role name must start with `AWSPCS` or must have the path `/aws-pcs/` . For more information, see [IAM instance profiles for AWS PCS](https://docs.aws.amazon.com//pcs/latest/userguide/security-instance-profiles.html) in the *AWS PCS User Guide* .", + "title": "IamInstanceProfileArn", + "type": "string" + }, + "InstanceConfigs": { + "items": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.InstanceConfig" + }, + "markdownDescription": "A list of EC2 instance configurations that AWS PCS can provision in the compute node group.", + "title": "InstanceConfigs", + "type": "array" + }, + "Name": { + "markdownDescription": "The name that identifies the compute node group.", + "title": "Name", + "type": "string" + }, + "PurchaseOption": { + "markdownDescription": "Specifies how EC2 instances are purchased on your behalf. AWS PCS supports On-Demand Instances, Spot Instances, and Amazon EC2 Capacity Blocks for ML. For more information, see [Amazon EC2 billing and purchasing options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-purchasing-options.html) in the *Amazon Elastic Compute Cloud User Guide* . For more information about AWS PCS support for Capacity Blocks, see [Using Amazon EC2 Capacity Blocks for ML with AWS PCS](https://docs.aws.amazon.com/pcs/latest/userguide/capacity-blocks.html) in the *AWS PCS User Guide* . If you don't provide this option, it defaults to On-Demand.", + "title": "PurchaseOption", + "type": "string" + }, + "ScalingConfiguration": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.ScalingConfiguration", + "markdownDescription": "Specifies the boundaries of the compute node group auto scaling.", + "title": "ScalingConfiguration" + }, + "SlurmConfiguration": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.SlurmConfiguration", + "markdownDescription": "Additional options related to the Slurm scheduler.", + "title": "SlurmConfiguration" + }, + "SpotOptions": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.SpotOptions", + "markdownDescription": "Additional configuration when you specify `SPOT` as the `purchaseOption` for the `CreateComputeNodeGroup` API action.", + "title": "SpotOptions" + }, + "SubnetIds": { + "items": { + "type": "string" + }, + "markdownDescription": "The list of subnet IDs where instances are provisioned by the compute node group. The subnets must be in the same VPC as the cluster.", + "title": "SubnetIds", + "type": "array" + }, + "Tags": { + "additionalProperties": true, + "markdownDescription": "1 or more tags added to the resource. Each tag consists of a tag key and tag value. The tag value is optional and can be an empty string.", + "patternProperties": { + "^[a-zA-Z0-9]+$": { + "type": "string" + } + }, + "title": "Tags", + "type": "object" + } + }, + "required": [ + "ClusterId", + "CustomLaunchTemplate", + "IamInstanceProfileArn", + "InstanceConfigs", + "ScalingConfiguration", + "SubnetIds" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::PCS::ComputeNodeGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::PCS::ComputeNodeGroup.CustomLaunchTemplate": { + "additionalProperties": false, + "properties": { + "TemplateId": { + "markdownDescription": "The ID of the EC2 launch template to use to provision instances.", + "title": "TemplateId", + "type": "string" + }, + "Version": { + "markdownDescription": "The version of the EC2 launch template to use to provision instances.", + "title": "Version", + "type": "string" + } + }, + "required": [ + "Version" + ], + "type": "object" + }, + "AWS::PCS::ComputeNodeGroup.ErrorInfo": { + "additionalProperties": false, + "properties": { + "Code": { + "markdownDescription": "The short-form error code.", + "title": "Code", + "type": "string" + }, + "Message": { + "markdownDescription": "The detailed error information.", + "title": "Message", + "type": "string" + } + }, + "type": "object" + }, + "AWS::PCS::ComputeNodeGroup.InstanceConfig": { + "additionalProperties": false, + "properties": { + "InstanceType": { + "markdownDescription": "The EC2 instance type that AWS PCS can provision in the compute node group.\n\nExample: `t2.xlarge`", + "title": "InstanceType", + "type": "string" + } + }, + "type": "object" + }, + "AWS::PCS::ComputeNodeGroup.ScalingConfiguration": { + "additionalProperties": false, + "properties": { + "MaxInstanceCount": { + "markdownDescription": "The upper bound of the number of instances allowed in the compute fleet.", + "title": "MaxInstanceCount", + "type": "number" + }, + "MinInstanceCount": { + "markdownDescription": "The lower bound of the number of instances allowed in the compute fleet.", + "title": "MinInstanceCount", + "type": "number" + } + }, + "required": [ + "MaxInstanceCount", + "MinInstanceCount" + ], + "type": "object" + }, + "AWS::PCS::ComputeNodeGroup.SlurmConfiguration": { + "additionalProperties": false, + "properties": { + "SlurmCustomSettings": { + "items": { + "$ref": "#/definitions/AWS::PCS::ComputeNodeGroup.SlurmCustomSetting" + }, + "markdownDescription": "Additional Slurm-specific configuration that directly maps to Slurm settings.", + "title": "SlurmCustomSettings", + "type": "array" + } + }, + "type": "object" + }, + "AWS::PCS::ComputeNodeGroup.SlurmCustomSetting": { + "additionalProperties": false, + "properties": { + "ParameterName": { + "markdownDescription": "AWS PCS supports custom Slurm settings for clusters, compute node groups, and queues. For more information, see [Configuring custom Slurm settings in AWS PCS](https://docs.aws.amazon.com//pcs/latest/userguide/slurm-custom-settings.html) in the *AWS PCS User Guide* .", + "title": "ParameterName", + "type": "string" + }, + "ParameterValue": { + "markdownDescription": "The values for the configured Slurm settings.", + "title": "ParameterValue", + "type": "string" + } + }, + "required": [ + "ParameterName", + "ParameterValue" + ], + "type": "object" + }, + "AWS::PCS::ComputeNodeGroup.SpotOptions": { + "additionalProperties": false, + "properties": { + "AllocationStrategy": { + "markdownDescription": "The Amazon EC2 allocation strategy AWS PCS uses to provision EC2 instances. AWS PCS supports *lowest price* , *capacity optimized* , and *price capacity optimized* . For more information, see [Use allocation strategies to determine how EC2 Fleet or Spot Fleet fulfills Spot and On-Demand capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-allocation-strategy.html) in the *Amazon Elastic Compute Cloud User Guide* . If you don't provide this option, it defaults to *price capacity optimized* .", + "title": "AllocationStrategy", + "type": "string" + } + }, + "type": "object" + }, + "AWS::PCS::Queue": { "additionalProperties": false, "properties": { "Condition": { @@ -251282,7 +255465,7 @@ "type": "array" }, "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick Suite user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick Suite user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick Suite ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", "title": "Principal", "type": "string" } @@ -254896,17 +259079,89 @@ "title": "AddOrRunAnomalyDetectionForAnalyses", "type": "string" }, + "AmazonBedrockARSAction": { + "type": "string" + }, + "AmazonBedrockFSAction": { + "type": "string" + }, + "AmazonBedrockKRSAction": { + "type": "string" + }, + "AmazonSThreeAction": { + "type": "string" + }, "Analysis": { "markdownDescription": "The ability to perform analysis-related actions.", "title": "Analysis", "type": "string" }, + "ApproveFlowShareRequests": { + "type": "string" + }, + "AsanaAction": { + "type": "string" + }, "Automate": { "type": "string" }, + "BambooHRAction": { + "type": "string" + }, + "BoxAgentAction": { + "type": "string" + }, + "BuildCalculatedFieldWithQ": { + "type": "string" + }, + "CanvaAgentAction": { + "type": "string" + }, "ChatAgent": { "type": "string" }, + "ComprehendAction": { + "type": "string" + }, + "ComprehendMedicalAction": { + "type": "string" + }, + "ConfluenceAction": { + "type": "string" + }, + "CreateAndUpdateAmazonBedrockARSAction": { + "type": "string" + }, + "CreateAndUpdateAmazonBedrockFSAction": { + "type": "string" + }, + "CreateAndUpdateAmazonBedrockKRSAction": { + "type": "string" + }, + "CreateAndUpdateAmazonSThreeAction": { + "type": "string" + }, + "CreateAndUpdateAsanaAction": { + "type": "string" + }, + "CreateAndUpdateBambooHRAction": { + "type": "string" + }, + "CreateAndUpdateBoxAgentAction": { + "type": "string" + }, + "CreateAndUpdateCanvaAgentAction": { + "type": "string" + }, + "CreateAndUpdateComprehendAction": { + "type": "string" + }, + "CreateAndUpdateComprehendMedicalAction": { + "type": "string" + }, + "CreateAndUpdateConfluenceAction": { + "type": "string" + }, "CreateAndUpdateDashboardEmailReports": { "markdownDescription": "The ability to create and update email reports.", "title": "CreateAndUpdateDashboardEmailReports", @@ -254922,6 +259177,102 @@ "title": "CreateAndUpdateDatasets", "type": "string" }, + "CreateAndUpdateFactSetAction": { + "type": "string" + }, + "CreateAndUpdateGenericHTTPAction": { + "type": "string" + }, + "CreateAndUpdateGithubAction": { + "type": "string" + }, + "CreateAndUpdateGoogleCalendarAction": { + "type": "string" + }, + "CreateAndUpdateHubspotAction": { + "type": "string" + }, + "CreateAndUpdateHuggingFaceAction": { + "type": "string" + }, + "CreateAndUpdateIntercomAction": { + "type": "string" + }, + "CreateAndUpdateJiraAction": { + "type": "string" + }, + "CreateAndUpdateKnowledgeBases": { + "type": "string" + }, + "CreateAndUpdateLinearAction": { + "type": "string" + }, + "CreateAndUpdateMCPAction": { + "type": "string" + }, + "CreateAndUpdateMSExchangeAction": { + "type": "string" + }, + "CreateAndUpdateMSTeamsAction": { + "type": "string" + }, + "CreateAndUpdateMondayAction": { + "type": "string" + }, + "CreateAndUpdateNewRelicAction": { + "type": "string" + }, + "CreateAndUpdateNotionAction": { + "type": "string" + }, + "CreateAndUpdateOneDriveAction": { + "type": "string" + }, + "CreateAndUpdateOpenAPIAction": { + "type": "string" + }, + "CreateAndUpdatePagerDutyAction": { + "type": "string" + }, + "CreateAndUpdateSAPBillOfMaterialAction": { + "type": "string" + }, + "CreateAndUpdateSAPBusinessPartnerAction": { + "type": "string" + }, + "CreateAndUpdateSAPMaterialStockAction": { + "type": "string" + }, + "CreateAndUpdateSAPPhysicalInventoryAction": { + "type": "string" + }, + "CreateAndUpdateSAPProductMasterDataAction": { + "type": "string" + }, + "CreateAndUpdateSalesforceAction": { + "type": "string" + }, + "CreateAndUpdateSandPGMIAction": { + "type": "string" + }, + "CreateAndUpdateSandPGlobalEnergyAction": { + "type": "string" + }, + "CreateAndUpdateServiceNowAction": { + "type": "string" + }, + "CreateAndUpdateSharePointAction": { + "type": "string" + }, + "CreateAndUpdateSlackAction": { + "type": "string" + }, + "CreateAndUpdateSmartsheetAction": { + "type": "string" + }, + "CreateAndUpdateTextractAction": { + "type": "string" + }, "CreateAndUpdateThemes": { "markdownDescription": "The ability to export to Create and Update themes.", "title": "CreateAndUpdateThemes", @@ -254932,9 +259283,15 @@ "title": "CreateAndUpdateThresholdAlerts", "type": "string" }, + "CreateAndUpdateZendeskAction": { + "type": "string" + }, "CreateChatAgents": { "type": "string" }, + "CreateDashboardExecutiveSummaryWithQ": { + "type": "string" + }, "CreateSPICEDataset": { "markdownDescription": "The ability to create a SPICE dataset.", "title": "CreateSPICEDataset", @@ -254950,6 +259307,9 @@ "title": "Dashboard", "type": "string" }, + "EditVisualWithQ": { + "type": "string" + }, "ExportToCsv": { "markdownDescription": "The ability to export to CSV files from the UI.", "title": "ExportToCsv", @@ -254980,17 +259340,77 @@ "title": "ExportToPdfInScheduledReports", "type": "string" }, + "Extension": { + "type": "string" + }, + "FactSetAction": { + "type": "string" + }, "Flow": { "type": "string" }, + "GenericHTTPAction": { + "type": "string" + }, + "GithubAction": { + "type": "string" + }, + "GoogleCalendarAction": { + "type": "string" + }, + "HubspotAction": { + "type": "string" + }, + "HuggingFaceAction": { + "type": "string" + }, "IncludeContentInScheduledReportsEmail": { "markdownDescription": "The ability to include content in scheduled email reports.", "title": "IncludeContentInScheduledReportsEmail", "type": "string" }, + "IntercomAction": { + "type": "string" + }, + "JiraAction": { + "type": "string" + }, "KnowledgeBase": { "type": "string" }, + "LinearAction": { + "type": "string" + }, + "MCPAction": { + "type": "string" + }, + "MSExchangeAction": { + "type": "string" + }, + "MSTeamsAction": { + "type": "string" + }, + "ManageSharedFolders": { + "type": "string" + }, + "MondayAction": { + "type": "string" + }, + "NewRelicAction": { + "type": "string" + }, + "NotionAction": { + "type": "string" + }, + "OneDriveAction": { + "type": "string" + }, + "OpenAPIAction": { + "type": "string" + }, + "PagerDutyAction": { + "type": "string" + }, "PerformFlowUiTask": { "type": "string" }, @@ -255010,11 +259430,71 @@ "Research": { "type": "string" }, + "SAPBillOfMaterialAction": { + "type": "string" + }, + "SAPBusinessPartnerAction": { + "type": "string" + }, + "SAPMaterialStockAction": { + "type": "string" + }, + "SAPPhysicalInventoryAction": { + "type": "string" + }, + "SAPProductMasterDataAction": { + "type": "string" + }, + "SalesforceAction": { + "type": "string" + }, + "SandPGMIAction": { + "type": "string" + }, + "SandPGlobalEnergyAction": { + "type": "string" + }, + "ServiceNowAction": { + "type": "string" + }, + "ShareAmazonBedrockARSAction": { + "type": "string" + }, + "ShareAmazonBedrockFSAction": { + "type": "string" + }, + "ShareAmazonBedrockKRSAction": { + "type": "string" + }, + "ShareAmazonSThreeAction": { + "type": "string" + }, "ShareAnalyses": { "markdownDescription": "The ability to share analyses.", "title": "ShareAnalyses", "type": "string" }, + "ShareAsanaAction": { + "type": "string" + }, + "ShareBambooHRAction": { + "type": "string" + }, + "ShareBoxAgentAction": { + "type": "string" + }, + "ShareCanvaAgentAction": { + "type": "string" + }, + "ShareComprehendAction": { + "type": "string" + }, + "ShareComprehendMedicalAction": { + "type": "string" + }, + "ShareConfluenceAction": { + "type": "string" + }, "ShareDashboards": { "markdownDescription": "The ability to share dashboards.", "title": "ShareDashboards", @@ -255030,6 +259510,114 @@ "title": "ShareDatasets", "type": "string" }, + "ShareFactSetAction": { + "type": "string" + }, + "ShareGenericHTTPAction": { + "type": "string" + }, + "ShareGithubAction": { + "type": "string" + }, + "ShareGoogleCalendarAction": { + "type": "string" + }, + "ShareHubspotAction": { + "type": "string" + }, + "ShareHuggingFaceAction": { + "type": "string" + }, + "ShareIntercomAction": { + "type": "string" + }, + "ShareJiraAction": { + "type": "string" + }, + "ShareKnowledgeBases": { + "type": "string" + }, + "ShareLinearAction": { + "type": "string" + }, + "ShareMCPAction": { + "type": "string" + }, + "ShareMSExchangeAction": { + "type": "string" + }, + "ShareMSTeamsAction": { + "type": "string" + }, + "ShareMondayAction": { + "type": "string" + }, + "ShareNewRelicAction": { + "type": "string" + }, + "ShareNotionAction": { + "type": "string" + }, + "ShareOneDriveAction": { + "type": "string" + }, + "ShareOpenAPIAction": { + "type": "string" + }, + "SharePagerDutyAction": { + "type": "string" + }, + "SharePointAction": { + "type": "string" + }, + "ShareSAPBillOfMaterialAction": { + "type": "string" + }, + "ShareSAPBusinessPartnerAction": { + "type": "string" + }, + "ShareSAPMaterialStockAction": { + "type": "string" + }, + "ShareSAPPhysicalInventoryAction": { + "type": "string" + }, + "ShareSAPProductMasterDataAction": { + "type": "string" + }, + "ShareSalesforceAction": { + "type": "string" + }, + "ShareSandPGMIAction": { + "type": "string" + }, + "ShareSandPGlobalEnergyAction": { + "type": "string" + }, + "ShareServiceNowAction": { + "type": "string" + }, + "ShareSharePointAction": { + "type": "string" + }, + "ShareSlackAction": { + "type": "string" + }, + "ShareSmartsheetAction": { + "type": "string" + }, + "ShareTextractAction": { + "type": "string" + }, + "ShareZendeskAction": { + "type": "string" + }, + "SlackAction": { + "type": "string" + }, + "SmartsheetAction": { + "type": "string" + }, "Space": { "type": "string" }, @@ -255038,16 +259626,154 @@ "title": "SubscribeDashboardEmailReports", "type": "string" }, + "TextractAction": { + "type": "string" + }, + "Topic": { + "type": "string" + }, "UseAgentWebSearch": { "type": "string" }, + "UseAmazonBedrockARSAction": { + "type": "string" + }, + "UseAmazonBedrockFSAction": { + "type": "string" + }, + "UseAmazonBedrockKRSAction": { + "type": "string" + }, + "UseAmazonSThreeAction": { + "type": "string" + }, + "UseAsanaAction": { + "type": "string" + }, + "UseBambooHRAction": { + "type": "string" + }, "UseBedrockModels": { "type": "string" }, + "UseBoxAgentAction": { + "type": "string" + }, + "UseCanvaAgentAction": { + "type": "string" + }, + "UseComprehendAction": { + "type": "string" + }, + "UseComprehendMedicalAction": { + "type": "string" + }, + "UseConfluenceAction": { + "type": "string" + }, + "UseFactSetAction": { + "type": "string" + }, + "UseGenericHTTPAction": { + "type": "string" + }, + "UseGithubAction": { + "type": "string" + }, + "UseGoogleCalendarAction": { + "type": "string" + }, + "UseHubspotAction": { + "type": "string" + }, + "UseHuggingFaceAction": { + "type": "string" + }, + "UseIntercomAction": { + "type": "string" + }, + "UseJiraAction": { + "type": "string" + }, + "UseLinearAction": { + "type": "string" + }, + "UseMCPAction": { + "type": "string" + }, + "UseMSExchangeAction": { + "type": "string" + }, + "UseMSTeamsAction": { + "type": "string" + }, + "UseMondayAction": { + "type": "string" + }, + "UseNewRelicAction": { + "type": "string" + }, + "UseNotionAction": { + "type": "string" + }, + "UseOneDriveAction": { + "type": "string" + }, + "UseOpenAPIAction": { + "type": "string" + }, + "UsePagerDutyAction": { + "type": "string" + }, + "UseSAPBillOfMaterialAction": { + "type": "string" + }, + "UseSAPBusinessPartnerAction": { + "type": "string" + }, + "UseSAPMaterialStockAction": { + "type": "string" + }, + "UseSAPPhysicalInventoryAction": { + "type": "string" + }, + "UseSAPProductMasterDataAction": { + "type": "string" + }, + "UseSalesforceAction": { + "type": "string" + }, + "UseSandPGMIAction": { + "type": "string" + }, + "UseSandPGlobalEnergyAction": { + "type": "string" + }, + "UseServiceNowAction": { + "type": "string" + }, + "UseSharePointAction": { + "type": "string" + }, + "UseSlackAction": { + "type": "string" + }, + "UseSmartsheetAction": { + "type": "string" + }, + "UseTextractAction": { + "type": "string" + }, + "UseZendeskAction": { + "type": "string" + }, "ViewAccountSPICECapacity": { "markdownDescription": "The ability to view account SPICE capacity.", "title": "ViewAccountSPICECapacity", "type": "string" + }, + "ZendeskAction": { + "type": "string" } }, "type": "object" @@ -266057,7 +270783,7 @@ "type": "array" }, "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick Suite user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick Suite user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick Suite ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", "title": "Principal", "type": "string" } @@ -270017,7 +274743,7 @@ "items": { "type": "string" }, - "markdownDescription": "An array of Amazon Resource Names (ARNs) for Quick Suite users or groups.", + "markdownDescription": "An array of Amazon Resource Names (ARNs) for Quick users or groups.", "title": "Principals", "type": "array" } @@ -271376,7 +276102,7 @@ "type": "array" }, "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick Suite user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick Suite user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick Suite ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", "title": "Principal", "type": "string" } @@ -272635,7 +277361,7 @@ "type": "array" }, "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick Suite user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick Suite user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick Suite ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", "title": "Principal", "type": "string" }, @@ -273100,7 +277826,7 @@ "additionalProperties": false, "properties": { "RefreshType": { - "markdownDescription": "The type of refresh that a dataset undergoes. Valid values are as follows:\n\n- `FULL_REFRESH` : A complete refresh of a dataset.\n- `INCREMENTAL_REFRESH` : A partial refresh of some rows of a dataset, based on the time window specified.\n\nFor more information on full and incremental refreshes, see [Refreshing SPICE data](https://docs.aws.amazon.com/quicksight/latest/user/refreshing-imported-data.html) in the *Quick Suite User Guide* .", + "markdownDescription": "The type of refresh that a dataset undergoes. Valid values are as follows:\n\n- `FULL_REFRESH` : A complete refresh of a dataset.\n- `INCREMENTAL_REFRESH` : A partial refresh of some rows of a dataset, based on the time window specified.\n\nFor more information on full and incremental refreshes, see [Refreshing SPICE data](https://docs.aws.amazon.com/quicksight/latest/user/refreshing-imported-data.html) in the *Quick User Guide* .", "title": "RefreshType", "type": "string" }, @@ -282883,7 +287609,7 @@ "type": "array" }, "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick Suite user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick Suite user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick Suite ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", "title": "Principal", "type": "string" } @@ -286685,7 +291411,7 @@ "type": "array" }, "Principal": { - "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick Suite user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick Suite user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick Suite ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", + "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon Quick user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon Quick user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Quick ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", "title": "Principal", "type": "string" } @@ -298612,35 +303338,783 @@ "Properties": { "additionalProperties": false, "properties": { - "Comment": { - "markdownDescription": "*Optional:* Any comments you want to include about a change batch request.", - "title": "Comment", + "Comment": { + "markdownDescription": "*Optional:* Any comments you want to include about a change batch request.", + "title": "Comment", + "type": "string" + }, + "HostedZoneId": { + "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneId", + "type": "string" + }, + "HostedZoneName": { + "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneName", + "type": "string" + }, + "RecordSets": { + "items": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.RecordSet" + }, + "markdownDescription": "A complex type that contains one `RecordSet` element for each record that you want to create.", + "title": "RecordSets", + "type": "array" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53::RecordSetGroup" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::Route53::RecordSetGroup.AliasTarget": { + "additionalProperties": false, + "properties": { + "DNSName": { + "markdownDescription": "*Alias records only:* The value that you specify depends on where you want to route queries:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the applicable domain name for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalDomainName` .\n- For edge-optimized APIs, specify the value of `distributionDomainName` . This is the name of the associated CloudFront distribution, such as `da1b2c3d4e5.cloudfront.net` .\n\n> The name of the record that you're creating must match a custom domain name for your API, such as `api.example.com` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Enter the API endpoint for the interface endpoint, such as `vpce-123456789abcdef01-example-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com` . For edge-optimized APIs, this is the domain name for the corresponding CloudFront distribution. You can get the value of `DnsName` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify the domain name that CloudFront assigned when you created your distribution.\n\nYour CloudFront distribution must include an alternate domain name that matches the name of the record. For example, if the name of the record is *acme.example.com* , your CloudFront distribution must include *acme.example.com* as one of the alternate domain names. For more information, see [Using Alternate Domain Names (CNAMEs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html) in the *Amazon CloudFront Developer Guide* .\n\nYou can't create a record in a private hosted zone to route traffic to a CloudFront distribution.\n\n> For failover alias records, you can't specify a CloudFront distribution for both the primary and secondary records. A distribution must include an alternate domain name that matches the name of the record. However, the primary and secondary records have the same name, and you can't include the same alternate domain name in more than one distribution.\n- **Elastic Beanstalk environment** - If the domain name for your Elastic Beanstalk environment includes the region that you deployed the environment in, you can create an alias record that routes traffic to the environment. For example, the domain name `my-environment. *us-west-2* .elasticbeanstalk.com` is a regionalized domain name.\n\n> For environments that were created before early 2016, the domain name doesn't include the region. To route traffic to these environments, you must create a CNAME record instead of an alias record. Note that you can't create a CNAME record for the root domain name. For example, if your domain name is example.com, you can create a record that routes traffic for acme.example.com to your Elastic Beanstalk environment, but you can't create a record that routes traffic for example.com to your Elastic Beanstalk environment. \n\nFor Elastic Beanstalk environments that have regionalized subdomains, specify the `CNAME` attribute for the environment. You can use the following methods to get the value of the CNAME attribute:\n\n- *AWS Management Console* : For information about how to get the value by using the console, see [Using Custom Domains with AWS Elastic Beanstalk](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html) in the *AWS Elastic Beanstalk Developer Guide* .\n- *Elastic Beanstalk API* : Use the `DescribeEnvironments` action to get the value of the `CNAME` attribute. For more information, see [DescribeEnvironments](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html) in the *AWS Elastic Beanstalk API Reference* .\n- *AWS CLI* : Use the `describe-environments` command to get the value of the `CNAME` attribute. For more information, see [describe-environments](https://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html) in the *AWS CLI* .\n- **ELB load balancer** - Specify the DNS name that is associated with the load balancer. Get the DNS name by using the AWS Management Console , the ELB API, or the AWS CLI .\n\n- *AWS Management Console* : Go to the EC2 page, choose *Load Balancers* in the navigation pane, choose the load balancer, choose the *Description* tab, and get the value of the *DNS name* field.\n\nIf you're routing traffic to a Classic Load Balancer, get the value that begins with *dualstack* . If you're routing traffic to another type of load balancer, get the value that applies to the record type, A or AAAA.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html)\n- Application and Network Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html)\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the value of `DNSName` :\n\n- [Classic Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- [Application and Network Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html)\n- Application and Network Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html)\n- **Global Accelerator accelerator** - Specify the DNS name for your accelerator:\n\n- *Global Accelerator API* : To get the DNS name, use [DescribeAccelerator](https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html) .\n- *AWS CLI* : To get the DNS name, use [describe-accelerator](https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/describe-accelerator.html) .\n- **Amazon S3 bucket that is configured as a static website** - Specify the domain name of the Amazon S3 website endpoint that you created the bucket in, for example, `s3-website.us-east-2.amazonaws.com` . For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* . For more information about using S3 buckets for websites, see [Getting Started with Amazon Route 53](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html) in the *Amazon Route 53 Developer Guide.*\n- **Another Route 53 record** - Specify the value of the `Name` element for a record in the current hosted zone.\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't specify the domain name for a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record that you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", + "title": "DNSName", + "type": "string" + }, + "EvaluateTargetHealth": { + "markdownDescription": "*Applies only to alias records with any routing policy:* When `EvaluateTargetHealth` is `true` , an alias record inherits the health of the referenced AWS resource, such as an ELB load balancer or another record in the hosted zone.\n\nNote the following:\n\n- **CloudFront distributions** - You can't set `EvaluateTargetHealth` to `true` when the alias target is a CloudFront distribution.\n- **Elastic Beanstalk environments that have regionalized subdomains** - If you specify an Elastic Beanstalk environment in `DNSName` and the environment contains an ELB load balancer, Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. (An environment automatically contains an ELB load balancer if it includes more than one Amazon EC2 instance.) If you set `EvaluateTargetHealth` to `true` and either no Amazon EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other available resources that are healthy, if any.\n\nIf the environment contains a single Amazon EC2 instance, there are no special requirements.\n- **ELB load balancers** - Health checking behavior depends on the type of load balancer:\n\n- *Classic Load Balancers* : If you specify an ELB Classic Load Balancer in `DNSName` , Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. If you set `EvaluateTargetHealth` to `true` and either no EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other resources.\n- *Application and Network Load Balancers* : If you specify an ELB Application or Network Load Balancer and you set `EvaluateTargetHealth` to `true` , Route 53 routes queries to the load balancer based on the health of the target groups that are associated with the load balancer:\n\n- For an Application or Network Load Balancer to be considered healthy, every target group that contains targets must contain at least one healthy target. If any target group contains only unhealthy targets, the load balancer is considered unhealthy, and Route 53 routes queries to other resources.\n- A target group that has no registered targets is considered unhealthy.\n\n> When you create a load balancer, you configure settings for Elastic Load Balancing health checks; they're not Route 53 health checks, but they perform a similar function. Do not create Route 53 health checks for the EC2 instances that you register with an ELB load balancer.\n- **S3 buckets** - There are no special requirements for setting `EvaluateTargetHealth` to `true` when the alias target is an S3 bucket.\n- **Other records in the same hosted zone** - If the AWS resource that you specify in `DNSName` is a record or a group of records (for example, a group of weighted records) but is not another alias record, we recommend that you associate a health check with all of the records in the alias target. For more information, see [What Happens When You Omit Health Checks?](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-complex-configs.html#dns-failover-complex-configs-hc-omitting) in the *Amazon Route 53 Developer Guide* .\n\nFor more information and examples, see [Amazon Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) in the *Amazon Route 53 Developer Guide* .", + "title": "EvaluateTargetHealth", + "type": "boolean" + }, + "HostedZoneId": { + "markdownDescription": "*Alias resource records sets only* : The value used depends on where you want to route traffic:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the hosted zone ID for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalHostedZoneId` .\n- For edge-optimized APIs, specify the value of `distributionHostedZoneId` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Specify the hosted zone ID for your interface endpoint. You can get the value of `HostedZoneId` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify `Z2FDTNDATAQYW2` . This is always the hosted zone ID when you create an alias record that routes traffic to a CloudFront distribution.\n\n> Alias records for CloudFront can't be created in a private zone.\n- **Elastic Beanstalk environment** - Specify the hosted zone ID for the region that you created the environment in. The environment must have a regionalized subdomain. For a list of regions and the corresponding hosted zone IDs, see [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html) in the *Amazon Web Services General Reference* .\n- **ELB load balancer** - Specify the value of the hosted zone ID for the load balancer. Use the following methods to get the hosted zone ID:\n\n- [Service Endpoints](https://docs.aws.amazon.com/general/latest/gr/elb.html) table in the \"Elastic Load Balancing endpoints and quotas\" topic in the *Amazon Web Services General Reference* : Use the value that corresponds with the region that you created your load balancer in. Note that there are separate columns for Application and Classic Load Balancers and for Network Load Balancers.\n- *AWS Management Console* : Go to the Amazon EC2 page, choose *Load Balancers* in the navigation pane, select the load balancer, and get the value of the *Hosted zone* field on the *Description* tab.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneID` .\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the applicable value:\n\n- Classic Load Balancers: Get [CanonicalHostedZoneNameID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- Application and Network Load Balancers: Get [CanonicalHostedZoneID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html) to get the value of `CanonicalHostedZoneID` .\n- **Global Accelerator accelerator** - Specify `Z2BJ6XQ5FK7U4H` .\n- **An Amazon S3 bucket configured as a static website** - Specify the hosted zone ID for the region that you created the bucket in. For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* .\n- **Another Route 53 record in your hosted zone** - Specify the hosted zone ID of your hosted zone. (An alias record can't reference a record in a different hosted zone.)", + "title": "HostedZoneId", + "type": "string" + } + }, + "required": [ + "DNSName", + "HostedZoneId" + ], + "type": "object" + }, + "AWS::Route53::RecordSetGroup.CidrRoutingConfig": { + "additionalProperties": false, + "properties": { + "CollectionId": { + "markdownDescription": "The CIDR collection ID.", + "title": "CollectionId", + "type": "string" + }, + "LocationName": { + "markdownDescription": "The CIDR collection location name.", + "title": "LocationName", + "type": "string" + } + }, + "required": [ + "CollectionId", + "LocationName" + ], + "type": "object" + }, + "AWS::Route53::RecordSetGroup.Coordinates": { + "additionalProperties": false, + "properties": { + "Latitude": { + "markdownDescription": "Specifies a coordinate of the north\u2013south position of a geographic point on the surface of the Earth (-90 - 90).", + "title": "Latitude", + "type": "string" + }, + "Longitude": { + "markdownDescription": "Specifies a coordinate of the east\u2013west position of a geographic point on the surface of the Earth (-180 - 180).", + "title": "Longitude", + "type": "string" + } + }, + "required": [ + "Latitude", + "Longitude" + ], + "type": "object" + }, + "AWS::Route53::RecordSetGroup.GeoLocation": { + "additionalProperties": false, + "properties": { + "ContinentCode": { + "markdownDescription": "For geolocation resource record sets, a two-letter abbreviation that identifies a continent. Route 53 supports the following continent codes:\n\n- *AF* : Africa\n- *AN* : Antarctica\n- *AS* : Asia\n- *EU* : Europe\n- *OC* : Oceania\n- *NA* : North America\n- *SA* : South America\n\nConstraint: Specifying `ContinentCode` with either `CountryCode` or `SubdivisionCode` returns an `InvalidInput` error.", + "title": "ContinentCode", + "type": "string" + }, + "CountryCode": { + "markdownDescription": "For geolocation resource record sets, the two-letter code for a country.\n\nRoute 53 uses the two-letter country codes that are specified in [ISO standard 3166-1 alpha-2](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) .", + "title": "CountryCode", + "type": "string" + }, + "SubdivisionCode": { + "markdownDescription": "For geolocation resource record sets, the two-letter code for a state of the United States. Route 53 doesn't support any other values for `SubdivisionCode` . For a list of state abbreviations, see [Appendix B: Two\u2013Letter State and Possession Abbreviations](https://docs.aws.amazon.com/https://pe.usps.com/text/pub28/28apb.htm) on the United States Postal Service website.\n\nIf you specify `subdivisioncode` , you must also specify `US` for `CountryCode` .", + "title": "SubdivisionCode", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53::RecordSetGroup.GeoProximityLocation": { + "additionalProperties": false, + "properties": { + "AWSRegion": { + "markdownDescription": "The AWS Region the resource you are directing DNS traffic to, is in.", + "title": "AWSRegion", + "type": "string" + }, + "Bias": { + "markdownDescription": "The bias increases or decreases the size of the geographic region from which Route\u00a053 routes traffic to a resource.\n\nTo use `Bias` to change the size of the geographic region, specify the applicable value for the bias:\n\n- To expand the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a positive integer from 1 to 99 for the bias. Route\u00a053 shrinks the size of adjacent regions.\n- To shrink the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a negative bias of -1 to -99. Route\u00a053 expands the size of adjacent regions.", + "title": "Bias", + "type": "number" + }, + "Coordinates": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.Coordinates", + "markdownDescription": "Contains the longitude and latitude for a geographic region.", + "title": "Coordinates" + }, + "LocalZoneGroup": { + "markdownDescription": "Specifies an AWS Local Zone Group.\n\nA local Zone Group is usually the Local Zone code without the ending character. For example, if the Local Zone is `us-east-1-bue-1a` the Local Zone Group is `us-east-1-bue-1` .\n\nYou can identify the Local Zones Group for a specific Local Zone by using the [describe-availability-zones](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html) CLI command:\n\nThis command returns: `\"GroupName\": \"us-west-2-den-1\"` , specifying that the Local Zone `us-west-2-den-1a` belongs to the Local Zone Group `us-west-2-den-1` .", + "title": "LocalZoneGroup", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Route53::RecordSetGroup.RecordSet": { + "additionalProperties": false, + "properties": { + "AliasTarget": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.AliasTarget", + "markdownDescription": "*Alias resource record sets only:* Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.\n\nIf you're creating resource records sets for a private hosted zone, note the following:\n\n- You can't create an alias resource record set in a private hosted zone to route traffic to a CloudFront distribution.\n- For information about creating failover resource record sets in a private hosted zone, see [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) in the *Amazon Route 53 Developer Guide* .", + "title": "AliasTarget" + }, + "CidrRoutingConfig": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.CidrRoutingConfig", + "markdownDescription": "", + "title": "CidrRoutingConfig" + }, + "Failover": { + "markdownDescription": "*Failover resource record sets only:* To configure failover, you add the `Failover` element to two resource record sets. For one resource record set, you specify `PRIMARY` as the value for `Failover` ; for the other resource record set, you specify `SECONDARY` . In addition, you include the `HealthCheckId` element and specify the health check that you want Amazon Route 53 to perform for each resource record set.\n\nExcept where noted, the following failover behaviors assume that you have included the `HealthCheckId` element in both resource record sets:\n\n- When the primary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the secondary resource record set.\n- When the primary resource record set is unhealthy and the secondary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the secondary resource record set.\n- When the secondary resource record set is unhealthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the primary resource record set.\n- If you omit the `HealthCheckId` element for the secondary resource record set, and if the primary resource record set is unhealthy, Route 53 always responds to DNS queries with the applicable value from the secondary resource record set. This is true regardless of the health of the associated endpoint.\n\nYou can't create non-failover resource record sets that have the same values for the `Name` and `Type` elements as failover resource record sets.\n\nFor failover alias resource record sets, you must also include the `EvaluateTargetHealth` element and set the value to true.\n\nFor more information about configuring failover for Route 53, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)", + "title": "Failover", + "type": "string" + }, + "GeoLocation": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoLocation", + "markdownDescription": "*Geolocation resource record sets only:* A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of `192.0.2.111` , create a resource record set with a `Type` of `A` and a `ContinentCode` of `AF` .\n\nIf you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.\n\nYou can't create two geolocation resource record sets that specify the same geographic location.\n\nThe value `*` in the `CountryCode` element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the `Name` and `Type` elements.\n\n> Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of `CountryCode` is `*` . Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a `*` resource record set, Route 53 returns a \"no answer\" response for queries from those locations. \n\nYou can't create non-geolocation resource record sets that have the same values for the `Name` and `Type` elements as geolocation resource record sets.", + "title": "GeoLocation" + }, + "GeoProximityLocation": { + "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoProximityLocation", + "markdownDescription": "A complex type that contains information about a geographic location.", + "title": "GeoProximityLocation" + }, + "HealthCheckId": { + "markdownDescription": "If you want Amazon Route 53 to return this resource record set in response to a DNS query only when the status of a health check is healthy, include the `HealthCheckId` element and specify the ID of the applicable health check.\n\nRoute 53 determines whether a resource record set is healthy based on one of the following:\n\n- By periodically sending a request to the endpoint that is specified in the health check\n- By aggregating the status of a specified group of health checks (calculated health checks)\n- By determining the current state of a CloudWatch alarm (CloudWatch metric health checks)\n\n> Route 53 doesn't check the health of the endpoint that is specified in the resource record set, for example, the endpoint specified by the IP address in the `Value` element. When you add a `HealthCheckId` element to a resource record set, Route 53 checks the health of the endpoint that you specified in the health check. \n\nFor more information, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html)\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)\n\n*When to Specify HealthCheckId*\n\nSpecifying a value for `HealthCheckId` is useful only when Route 53 is choosing between two or more resource record sets to respond to a DNS query, and you want Route 53 to base the choice in part on the status of a health check. Configuring health checks makes sense only in the following configurations:\n\n- *Non-alias resource record sets* : You're checking the health of a group of non-alias resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A) and you specify health check IDs for all the resource record sets.\n\nIf the health check status for a resource record set is healthy, Route 53 includes the record among the records that it responds to DNS queries with.\n\nIf the health check status for a resource record set is unhealthy, Route 53 stops responding to DNS queries using the value for that resource record set.\n\nIf the health check status for all resource record sets in the group is unhealthy, Route 53 considers all resource record sets in the group healthy and responds to DNS queries accordingly.\n- *Alias resource record sets* : You specify the following settings:\n\n- You set `EvaluateTargetHealth` to true for an alias resource record set in a group of resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A).\n- You configure the alias resource record set to route traffic to a non-alias resource record set in the same hosted zone.\n- You specify a health check ID for the non-alias resource record set.\n\nIf the health check status is healthy, Route 53 considers the alias resource record set to be healthy and includes the alias record among the records that it responds to DNS queries with.\n\nIf the health check status is unhealthy, Route 53 stops responding to DNS queries using the alias resource record set.\n\n> The alias resource record set can also route traffic to a *group* of non-alias resource record sets that have the same routing policy, name, and type. In that configuration, associate health checks with all of the resource record sets in the group of non-alias resource record sets.\n\n*Geolocation Routing*\n\nFor geolocation resource record sets, if an endpoint is unhealthy, Route 53 looks for a resource record set for the larger, associated geographic region. For example, suppose you have resource record sets for a state in the United States, for the entire United States, for North America, and a resource record set that has `*` for `CountryCode` is `*` , which applies to all locations. If the endpoint for the state resource record set is unhealthy, Route 53 checks for healthy resource record sets in the following order until it finds a resource record set for which the endpoint is healthy:\n\n- The United States\n- North America\n- The default resource record set\n\n*Specifying the Health Check Endpoint by Domain Name*\n\nIf your health checks specify the endpoint only by domain name, we recommend that you create a separate health check for each endpoint. For example, create a health check for each `HTTP` server that is serving content for `www.example.com` . For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as `us-east-2-www.example.com` ), not the name of the resource record sets ( `www.example.com` ).\n\n> Health check results will be unpredictable if you do the following:\n> \n> - Create a health check that has the same value for `FullyQualifiedDomainName` as the name of a resource record set.\n> - Associate that health check with the resource record set.", + "title": "HealthCheckId", + "type": "string" + }, + "HostedZoneId": { + "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .\n\nDo not provide the `HostedZoneId` if it is already defined in `AWS::Route53::RecordSetGroup` . The creation fails if `HostedZoneId` is defined in both.", + "title": "HostedZoneId", + "type": "string" + }, + "HostedZoneName": { + "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", + "title": "HostedZoneName", + "type": "string" + }, + "MultiValueAnswer": { + "markdownDescription": "*Multivalue answer resource record sets only* : To route traffic approximately randomly to multiple resources, such as web servers, create one multivalue answer record for each resource and specify `true` for `MultiValueAnswer` . Note the following:\n\n- If you associate a health check with a multivalue answer resource record set, Amazon Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy.\n- If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy.\n- Route 53 responds to DNS queries with up to eight healthy records; if you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records.\n- If you have more than eight healthy records, Route 53 responds to different DNS resolvers with different combinations of healthy records.\n- When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records.\n- If a resource becomes unavailable after a resolver caches a response, client software typically tries another of the IP addresses in the response.\n\nYou can't create multivalue answer alias records.", + "title": "MultiValueAnswer", + "type": "boolean" + }, + "Name": { + "markdownDescription": "The name of the record that you want to create, update, or delete.\n\nEnter a fully qualified domain name, for example, `www.example.com` . You can optionally include a trailing dot. If you omit the trailing dot, Amazon Route 53 assumes that the domain name that you specify is fully qualified. This means that Route 53 treats `www.example.com` (without a trailing dot) and `www.example.com.` (with a trailing dot) as identical.\n\nFor information about how to specify characters other than `a-z` , `0-9` , and `-` (hyphen) and how to specify internationalized domain names, see [DNS Domain Name Format](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) in the *Amazon Route 53 Developer Guide* .\n\nYou can use the asterisk (*) wildcard to replace the leftmost label in a domain name, for example, `*.example.com` . Note the following:\n\n- The * must replace the entire label. For example, you can't specify `*prod.example.com` or `prod*.example.com` .\n- The * can't replace any of the middle labels, for example, marketing.*.example.com.\n- If you include * in any position other than the leftmost label in a domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.\n\n> You can't use the * wildcard for resource records sets that have a type of NS.", + "title": "Name", + "type": "string" + }, + "Region": { + "markdownDescription": "*Latency-based resource record sets only:* The Amazon EC2 Region where you created the resource that this resource record set refers to. The resource typically is an AWS resource, such as an EC2 instance or an ELB load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.\n\nWhen Amazon Route 53 receives a DNS query for a domain name and type for which you have created latency resource record sets, Route 53 selects the latency resource record set that has the lowest latency between the end user and the associated Amazon EC2 Region. Route 53 then returns the value that is associated with the selected resource record set.\n\nNote the following:\n\n- You can only specify one `ResourceRecord` per latency resource record set.\n- You can only create one latency resource record set for each Amazon EC2 Region.\n- You aren't required to create latency resource record sets for all Amazon EC2 Regions. Route 53 will choose the region with the best latency from among the regions that you create latency resource record sets for.\n- You can't create non-latency resource record sets that have the same values for the `Name` and `Type` elements as latency resource record sets.", + "title": "Region", + "type": "string" + }, + "ResourceRecords": { + "items": { + "type": "string" + }, + "markdownDescription": "Information about the records that you want to create. Each record should be in the format appropriate for the record type specified by the `Type` property. For information about different record types and their record formats, see [Values That You Specify When You Create or Edit Amazon Route 53 Records](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-values.html) in the *Amazon Route 53 Developer Guide* .", + "title": "ResourceRecords", + "type": "array" + }, + "SetIdentifier": { + "markdownDescription": "*Resource record sets that have a routing policy other than simple:* An identifier that differentiates among multiple resource record sets that have the same combination of name and type, such as multiple weighted resource record sets named acme.example.com that have a type of A. In a group of resource record sets that have the same name and type, the value of `SetIdentifier` must be unique for each resource record set.\n\nFor information about routing policies, see [Choosing a Routing Policy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) in the *Amazon Route 53 Developer Guide* .", + "title": "SetIdentifier", + "type": "string" + }, + "TTL": { + "markdownDescription": "The resource record cache time to live (TTL), in seconds. Note the following:\n\n- If you're creating or updating an alias resource record set, omit `TTL` . Amazon Route 53 uses the value of `TTL` for the alias target.\n- If you're associating this resource record set with a health check (if you're adding a `HealthCheckId` element), we recommend that you specify a `TTL` of 60 seconds or less so clients respond quickly to changes in health status.\n- All of the resource record sets in a group of weighted resource record sets must have the same value for `TTL` .\n- If a group of weighted resource record sets includes one or more weighted alias resource record sets for which the alias target is an ELB load balancer, we recommend that you specify a `TTL` of 60 seconds for all of the non-alias weighted resource record sets that have the same name and type. Values other than 60 seconds (the TTL for load balancers) will change the effect of the values that you specify for `Weight` .", + "title": "TTL", + "type": "string" + }, + "Type": { + "markdownDescription": "The DNS record type. For information about different record types and how data is encoded for them, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nValid values for basic resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `DS` | `MX` | `NAPTR` | `NS` | `PTR` | `SOA` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\nValues for weighted, latency, geolocation, and failover resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS` . When creating a group of weighted, latency, geolocation, or failover resource record sets, specify the same value for all of the resource record sets in the group.\n\nValid values for multivalue answer resource record sets: `A` | `AAAA` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `CAA` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\n> SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create resource record sets for which the value of `Type` is `SPF` . RFC 7208, *Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1* , has been updated to say, \"...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it.\" In RFC 7208, see section 14.1, [The SPF DNS Record Type](https://docs.aws.amazon.com/http://tools.ietf.org/html/rfc7208#section-14.1) . \n\nValues for alias resource record sets:\n\n- *Amazon API Gateway custom regional APIs and edge-optimized APIs:* `A`\n- *CloudFront distributions:* `A`\n\nIf IPv6 is enabled for the distribution, create two resource record sets to route traffic to your distribution, one with a value of `A` and one with a value of `AAAA` .\n- *Amazon API Gateway environment that has a regionalized subdomain* : `A`\n- *ELB load balancers:* `A` | `AAAA`\n- *Amazon S3 buckets:* `A`\n- *Amazon Virtual Private Cloud interface VPC endpoints* `A`\n- *Another resource record set in this hosted zone:* Specify the type of the resource record set that you're creating the alias for. All values are supported except `NS` and `SOA` .\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't route traffic to a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", + "title": "Type", + "type": "string" + }, + "Weight": { + "markdownDescription": "*Weighted resource record sets only:* Among resource record sets that have the same combination of DNS name and type, a value that determines the proportion of DNS queries that Amazon Route 53 responds to using the current resource record set. Route 53 calculates the sum of the weights for the resource record sets that have the same combination of DNS name and type. Route 53 then responds to queries based on the ratio of a resource's weight to the total. Note the following:\n\n- You must specify a value for the `Weight` element for every weighted resource record set.\n- You can only specify one `ResourceRecord` per weighted resource record set.\n- You can't create latency, failover, or geolocation resource record sets that have the same values for the `Name` and `Type` elements as weighted resource record sets.\n- You can create a maximum of 100 weighted resource record sets that have the same values for the `Name` and `Type` elements.\n- For weighted (but not weighted alias) resource record sets, if you set `Weight` to `0` for a resource record set, Route 53 never responds to queries with the applicable value for that resource record set. However, if you set `Weight` to `0` for all resource record sets that have the same combination of DNS name and type, traffic is routed to all resources with equal probability.\n\nThe effect of setting `Weight` to `0` is different when you associate health checks with weighted resource record sets. For more information, see [Options for Configuring Route 53 Active-Active and Active-Passive Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) in the *Amazon Route 53 Developer Guide* .", + "title": "Weight", + "type": "number" + } + }, + "required": [ + "Name", + "Type" + ], + "type": "object" + }, + "AWS::Route53GlobalResolver::AccessSource": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Cidr": { + "type": "string" + }, + "ClientToken": { + "type": "string" + }, + "DnsViewId": { + "type": "string" + }, + "IpAddressType": { + "type": "string" + }, + "Name": { + "type": "string" + }, + "Protocol": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "required": [ + "Cidr", + "DnsViewId", + "Protocol" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53GlobalResolver::AccessSource" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53GlobalResolver::AccessToken": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClientToken": { + "type": "string" + }, + "DnsViewId": { + "type": "string" + }, + "ExpiresAt": { + "type": "string" + }, + "Name": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "required": [ + "DnsViewId" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53GlobalResolver::AccessToken" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53GlobalResolver::DnsView": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClientToken": { + "type": "string" + }, + "Description": { + "type": "string" + }, + "DnssecValidation": { + "type": "string" + }, + "EdnsClientSubnet": { + "type": "string" + }, + "FirewallRulesFailOpen": { + "type": "string" + }, + "GlobalResolverId": { + "type": "string" + }, + "Name": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "required": [ + "GlobalResolverId", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53GlobalResolver::DnsView" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53GlobalResolver::FirewallDomainList": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClientToken": { + "type": "string" + }, + "Description": { + "type": "string" + }, + "DomainFileUrl": { + "type": "string" + }, + "Domains": { + "items": { + "type": "string" + }, + "type": "array" + }, + "GlobalResolverId": { + "type": "string" + }, + "Name": { + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + } + }, + "required": [ + "GlobalResolverId", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53GlobalResolver::FirewallDomainList" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53GlobalResolver::FirewallRule": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "Action": { + "type": "string" + }, + "BlockOverrideDnsType": { + "type": "string" + }, + "BlockOverrideDomain": { + "type": "string" + }, + "BlockOverrideTtl": { + "type": "number" + }, + "BlockResponse": { + "type": "string" + }, + "ClientToken": { + "type": "string" + }, + "ConfidenceThreshold": { + "type": "string" + }, + "Description": { + "type": "string" + }, + "DnsAdvancedProtection": { + "type": "string" + }, + "DnsViewId": { + "type": "string" + }, + "FirewallDomainListId": { + "type": "string" + }, + "Name": { + "type": "string" + }, + "Priority": { + "type": "number" + }, + "QType": { + "type": "string" + } + }, + "required": [ + "Action", + "DnsViewId", + "Name" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Route53GlobalResolver::FirewallRule" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Route53GlobalResolver::GlobalResolver": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ClientToken": { "type": "string" }, - "HostedZoneId": { - "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneId", + "Description": { "type": "string" }, - "HostedZoneName": { - "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneName", + "IpAddressType": { "type": "string" }, - "RecordSets": { + "Name": { + "type": "string" + }, + "ObservabilityRegion": { + "type": "string" + }, + "Regions": { "items": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.RecordSet" + "type": "string" + }, + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" }, - "markdownDescription": "A complex type that contains one `RecordSet` element for each record that you want to create.", - "title": "RecordSets", "type": "array" } }, + "required": [ + "Name", + "Regions" + ], "type": "object" }, "Type": { "enum": [ - "AWS::Route53::RecordSetGroup" + "AWS::Route53GlobalResolver::GlobalResolver" ], "type": "string" }, @@ -298654,212 +304128,81 @@ } }, "required": [ - "Type" - ], - "type": "object" - }, - "AWS::Route53::RecordSetGroup.AliasTarget": { - "additionalProperties": false, - "properties": { - "DNSName": { - "markdownDescription": "*Alias records only:* The value that you specify depends on where you want to route queries:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the applicable domain name for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalDomainName` .\n- For edge-optimized APIs, specify the value of `distributionDomainName` . This is the name of the associated CloudFront distribution, such as `da1b2c3d4e5.cloudfront.net` .\n\n> The name of the record that you're creating must match a custom domain name for your API, such as `api.example.com` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Enter the API endpoint for the interface endpoint, such as `vpce-123456789abcdef01-example-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com` . For edge-optimized APIs, this is the domain name for the corresponding CloudFront distribution. You can get the value of `DnsName` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify the domain name that CloudFront assigned when you created your distribution.\n\nYour CloudFront distribution must include an alternate domain name that matches the name of the record. For example, if the name of the record is *acme.example.com* , your CloudFront distribution must include *acme.example.com* as one of the alternate domain names. For more information, see [Using Alternate Domain Names (CNAMEs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html) in the *Amazon CloudFront Developer Guide* .\n\nYou can't create a record in a private hosted zone to route traffic to a CloudFront distribution.\n\n> For failover alias records, you can't specify a CloudFront distribution for both the primary and secondary records. A distribution must include an alternate domain name that matches the name of the record. However, the primary and secondary records have the same name, and you can't include the same alternate domain name in more than one distribution.\n- **Elastic Beanstalk environment** - If the domain name for your Elastic Beanstalk environment includes the region that you deployed the environment in, you can create an alias record that routes traffic to the environment. For example, the domain name `my-environment. *us-west-2* .elasticbeanstalk.com` is a regionalized domain name.\n\n> For environments that were created before early 2016, the domain name doesn't include the region. To route traffic to these environments, you must create a CNAME record instead of an alias record. Note that you can't create a CNAME record for the root domain name. For example, if your domain name is example.com, you can create a record that routes traffic for acme.example.com to your Elastic Beanstalk environment, but you can't create a record that routes traffic for example.com to your Elastic Beanstalk environment. \n\nFor Elastic Beanstalk environments that have regionalized subdomains, specify the `CNAME` attribute for the environment. You can use the following methods to get the value of the CNAME attribute:\n\n- *AWS Management Console* : For information about how to get the value by using the console, see [Using Custom Domains with AWS Elastic Beanstalk](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html) in the *AWS Elastic Beanstalk Developer Guide* .\n- *Elastic Beanstalk API* : Use the `DescribeEnvironments` action to get the value of the `CNAME` attribute. For more information, see [DescribeEnvironments](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html) in the *AWS Elastic Beanstalk API Reference* .\n- *AWS CLI* : Use the `describe-environments` command to get the value of the `CNAME` attribute. For more information, see [describe-environments](https://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html) in the *AWS CLI* .\n- **ELB load balancer** - Specify the DNS name that is associated with the load balancer. Get the DNS name by using the AWS Management Console , the ELB API, or the AWS CLI .\n\n- *AWS Management Console* : Go to the EC2 page, choose *Load Balancers* in the navigation pane, choose the load balancer, choose the *Description* tab, and get the value of the *DNS name* field.\n\nIf you're routing traffic to a Classic Load Balancer, get the value that begins with *dualstack* . If you're routing traffic to another type of load balancer, get the value that applies to the record type, A or AAAA.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html)\n- Application and Network Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html)\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the value of `DNSName` :\n\n- [Classic Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- [Application and Network Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html)\n- Application and Network Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html)\n- **Global Accelerator accelerator** - Specify the DNS name for your accelerator:\n\n- *Global Accelerator API* : To get the DNS name, use [DescribeAccelerator](https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html) .\n- *AWS CLI* : To get the DNS name, use [describe-accelerator](https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/describe-accelerator.html) .\n- **Amazon S3 bucket that is configured as a static website** - Specify the domain name of the Amazon S3 website endpoint that you created the bucket in, for example, `s3-website.us-east-2.amazonaws.com` . For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* . For more information about using S3 buckets for websites, see [Getting Started with Amazon Route 53](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html) in the *Amazon Route 53 Developer Guide.*\n- **Another Route 53 record** - Specify the value of the `Name` element for a record in the current hosted zone.\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't specify the domain name for a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record that you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", - "title": "DNSName", - "type": "string" - }, - "EvaluateTargetHealth": { - "markdownDescription": "*Applies only to alias records with any routing policy:* When `EvaluateTargetHealth` is `true` , an alias record inherits the health of the referenced AWS resource, such as an ELB load balancer or another record in the hosted zone.\n\nNote the following:\n\n- **CloudFront distributions** - You can't set `EvaluateTargetHealth` to `true` when the alias target is a CloudFront distribution.\n- **Elastic Beanstalk environments that have regionalized subdomains** - If you specify an Elastic Beanstalk environment in `DNSName` and the environment contains an ELB load balancer, Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. (An environment automatically contains an ELB load balancer if it includes more than one Amazon EC2 instance.) If you set `EvaluateTargetHealth` to `true` and either no Amazon EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other available resources that are healthy, if any.\n\nIf the environment contains a single Amazon EC2 instance, there are no special requirements.\n- **ELB load balancers** - Health checking behavior depends on the type of load balancer:\n\n- *Classic Load Balancers* : If you specify an ELB Classic Load Balancer in `DNSName` , Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. If you set `EvaluateTargetHealth` to `true` and either no EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other resources.\n- *Application and Network Load Balancers* : If you specify an ELB Application or Network Load Balancer and you set `EvaluateTargetHealth` to `true` , Route 53 routes queries to the load balancer based on the health of the target groups that are associated with the load balancer:\n\n- For an Application or Network Load Balancer to be considered healthy, every target group that contains targets must contain at least one healthy target. If any target group contains only unhealthy targets, the load balancer is considered unhealthy, and Route 53 routes queries to other resources.\n- A target group that has no registered targets is considered unhealthy.\n\n> When you create a load balancer, you configure settings for Elastic Load Balancing health checks; they're not Route 53 health checks, but they perform a similar function. Do not create Route 53 health checks for the EC2 instances that you register with an ELB load balancer.\n- **S3 buckets** - There are no special requirements for setting `EvaluateTargetHealth` to `true` when the alias target is an S3 bucket.\n- **Other records in the same hosted zone** - If the AWS resource that you specify in `DNSName` is a record or a group of records (for example, a group of weighted records) but is not another alias record, we recommend that you associate a health check with all of the records in the alias target. For more information, see [What Happens When You Omit Health Checks?](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-complex-configs.html#dns-failover-complex-configs-hc-omitting) in the *Amazon Route 53 Developer Guide* .\n\nFor more information and examples, see [Amazon Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) in the *Amazon Route 53 Developer Guide* .", - "title": "EvaluateTargetHealth", - "type": "boolean" - }, - "HostedZoneId": { - "markdownDescription": "*Alias resource records sets only* : The value used depends on where you want to route traffic:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the hosted zone ID for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalHostedZoneId` .\n- For edge-optimized APIs, specify the value of `distributionHostedZoneId` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Specify the hosted zone ID for your interface endpoint. You can get the value of `HostedZoneId` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify `Z2FDTNDATAQYW2` . This is always the hosted zone ID when you create an alias record that routes traffic to a CloudFront distribution.\n\n> Alias records for CloudFront can't be created in a private zone.\n- **Elastic Beanstalk environment** - Specify the hosted zone ID for the region that you created the environment in. The environment must have a regionalized subdomain. For a list of regions and the corresponding hosted zone IDs, see [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html) in the *Amazon Web Services General Reference* .\n- **ELB load balancer** - Specify the value of the hosted zone ID for the load balancer. Use the following methods to get the hosted zone ID:\n\n- [Service Endpoints](https://docs.aws.amazon.com/general/latest/gr/elb.html) table in the \"Elastic Load Balancing endpoints and quotas\" topic in the *Amazon Web Services General Reference* : Use the value that corresponds with the region that you created your load balancer in. Note that there are separate columns for Application and Classic Load Balancers and for Network Load Balancers.\n- *AWS Management Console* : Go to the Amazon EC2 page, choose *Load Balancers* in the navigation pane, select the load balancer, and get the value of the *Hosted zone* field on the *Description* tab.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneID` .\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the applicable value:\n\n- Classic Load Balancers: Get [CanonicalHostedZoneNameID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- Application and Network Load Balancers: Get [CanonicalHostedZoneID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html) to get the value of `CanonicalHostedZoneID` .\n- **Global Accelerator accelerator** - Specify `Z2BJ6XQ5FK7U4H` .\n- **An Amazon S3 bucket configured as a static website** - Specify the hosted zone ID for the region that you created the bucket in. For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* .\n- **Another Route 53 record in your hosted zone** - Specify the hosted zone ID of your hosted zone. (An alias record can't reference a record in a different hosted zone.)", - "title": "HostedZoneId", - "type": "string" - } - }, - "required": [ - "DNSName", - "HostedZoneId" - ], - "type": "object" - }, - "AWS::Route53::RecordSetGroup.CidrRoutingConfig": { - "additionalProperties": false, - "properties": { - "CollectionId": { - "markdownDescription": "The CIDR collection ID.", - "title": "CollectionId", - "type": "string" - }, - "LocationName": { - "markdownDescription": "The CIDR collection location name.", - "title": "LocationName", - "type": "string" - } - }, - "required": [ - "CollectionId", - "LocationName" - ], - "type": "object" - }, - "AWS::Route53::RecordSetGroup.Coordinates": { - "additionalProperties": false, - "properties": { - "Latitude": { - "markdownDescription": "Specifies a coordinate of the north\u2013south position of a geographic point on the surface of the Earth (-90 - 90).", - "title": "Latitude", - "type": "string" - }, - "Longitude": { - "markdownDescription": "Specifies a coordinate of the east\u2013west position of a geographic point on the surface of the Earth (-180 - 180).", - "title": "Longitude", - "type": "string" - } - }, - "required": [ - "Latitude", - "Longitude" + "Type", + "Properties" ], "type": "object" }, - "AWS::Route53::RecordSetGroup.GeoLocation": { - "additionalProperties": false, - "properties": { - "ContinentCode": { - "markdownDescription": "For geolocation resource record sets, a two-letter abbreviation that identifies a continent. Route 53 supports the following continent codes:\n\n- *AF* : Africa\n- *AN* : Antarctica\n- *AS* : Asia\n- *EU* : Europe\n- *OC* : Oceania\n- *NA* : North America\n- *SA* : South America\n\nConstraint: Specifying `ContinentCode` with either `CountryCode` or `SubdivisionCode` returns an `InvalidInput` error.", - "title": "ContinentCode", - "type": "string" - }, - "CountryCode": { - "markdownDescription": "For geolocation resource record sets, the two-letter code for a country.\n\nRoute 53 uses the two-letter country codes that are specified in [ISO standard 3166-1 alpha-2](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) .", - "title": "CountryCode", - "type": "string" - }, - "SubdivisionCode": { - "markdownDescription": "For geolocation resource record sets, the two-letter code for a state of the United States. Route 53 doesn't support any other values for `SubdivisionCode` . For a list of state abbreviations, see [Appendix B: Two\u2013Letter State and Possession Abbreviations](https://docs.aws.amazon.com/https://pe.usps.com/text/pub28/28apb.htm) on the United States Postal Service website.\n\nIf you specify `subdivisioncode` , you must also specify `US` for `CountryCode` .", - "title": "SubdivisionCode", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Route53::RecordSetGroup.GeoProximityLocation": { + "AWS::Route53GlobalResolver::HostedZoneAssociation": { "additionalProperties": false, "properties": { - "AWSRegion": { - "markdownDescription": "The AWS Region the resource you are directing DNS traffic to, is in.", - "title": "AWSRegion", - "type": "string" - }, - "Bias": { - "markdownDescription": "The bias increases or decreases the size of the geographic region from which Route\u00a053 routes traffic to a resource.\n\nTo use `Bias` to change the size of the geographic region, specify the applicable value for the bias:\n\n- To expand the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a positive integer from 1 to 99 for the bias. Route\u00a053 shrinks the size of adjacent regions.\n- To shrink the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a negative bias of -1 to -99. Route\u00a053 expands the size of adjacent regions.", - "title": "Bias", - "type": "number" - }, - "Coordinates": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.Coordinates", - "markdownDescription": "Contains the longitude and latitude for a geographic region.", - "title": "Coordinates" - }, - "LocalZoneGroup": { - "markdownDescription": "Specifies an AWS Local Zone Group.\n\nA local Zone Group is usually the Local Zone code without the ending character. For example, if the Local Zone is `us-east-1-bue-1a` the Local Zone Group is `us-east-1-bue-1` .\n\nYou can identify the Local Zones Group for a specific Local Zone by using the [describe-availability-zones](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html) CLI command:\n\nThis command returns: `\"GroupName\": \"us-west-2-den-1\"` , specifying that the Local Zone `us-west-2-den-1a` belongs to the Local Zone Group `us-west-2-den-1` .", - "title": "LocalZoneGroup", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Route53::RecordSetGroup.RecordSet": { - "additionalProperties": false, - "properties": { - "AliasTarget": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.AliasTarget", - "markdownDescription": "*Alias resource record sets only:* Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.\n\nIf you're creating resource records sets for a private hosted zone, note the following:\n\n- You can't create an alias resource record set in a private hosted zone to route traffic to a CloudFront distribution.\n- For information about creating failover resource record sets in a private hosted zone, see [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) in the *Amazon Route 53 Developer Guide* .", - "title": "AliasTarget" - }, - "CidrRoutingConfig": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.CidrRoutingConfig", - "markdownDescription": "", - "title": "CidrRoutingConfig" - }, - "Failover": { - "markdownDescription": "*Failover resource record sets only:* To configure failover, you add the `Failover` element to two resource record sets. For one resource record set, you specify `PRIMARY` as the value for `Failover` ; for the other resource record set, you specify `SECONDARY` . In addition, you include the `HealthCheckId` element and specify the health check that you want Amazon Route 53 to perform for each resource record set.\n\nExcept where noted, the following failover behaviors assume that you have included the `HealthCheckId` element in both resource record sets:\n\n- When the primary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the secondary resource record set.\n- When the primary resource record set is unhealthy and the secondary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the secondary resource record set.\n- When the secondary resource record set is unhealthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the primary resource record set.\n- If you omit the `HealthCheckId` element for the secondary resource record set, and if the primary resource record set is unhealthy, Route 53 always responds to DNS queries with the applicable value from the secondary resource record set. This is true regardless of the health of the associated endpoint.\n\nYou can't create non-failover resource record sets that have the same values for the `Name` and `Type` elements as failover resource record sets.\n\nFor failover alias resource record sets, you must also include the `EvaluateTargetHealth` element and set the value to true.\n\nFor more information about configuring failover for Route 53, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)", - "title": "Failover", - "type": "string" - }, - "GeoLocation": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoLocation", - "markdownDescription": "*Geolocation resource record sets only:* A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of `192.0.2.111` , create a resource record set with a `Type` of `A` and a `ContinentCode` of `AF` .\n\nIf you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.\n\nYou can't create two geolocation resource record sets that specify the same geographic location.\n\nThe value `*` in the `CountryCode` element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the `Name` and `Type` elements.\n\n> Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of `CountryCode` is `*` . Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a `*` resource record set, Route 53 returns a \"no answer\" response for queries from those locations. \n\nYou can't create non-geolocation resource record sets that have the same values for the `Name` and `Type` elements as geolocation resource record sets.", - "title": "GeoLocation" - }, - "GeoProximityLocation": { - "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoProximityLocation", - "markdownDescription": "A complex type that contains information about a geographic location.", - "title": "GeoProximityLocation" - }, - "HealthCheckId": { - "markdownDescription": "If you want Amazon Route 53 to return this resource record set in response to a DNS query only when the status of a health check is healthy, include the `HealthCheckId` element and specify the ID of the applicable health check.\n\nRoute 53 determines whether a resource record set is healthy based on one of the following:\n\n- By periodically sending a request to the endpoint that is specified in the health check\n- By aggregating the status of a specified group of health checks (calculated health checks)\n- By determining the current state of a CloudWatch alarm (CloudWatch metric health checks)\n\n> Route 53 doesn't check the health of the endpoint that is specified in the resource record set, for example, the endpoint specified by the IP address in the `Value` element. When you add a `HealthCheckId` element to a resource record set, Route 53 checks the health of the endpoint that you specified in the health check. \n\nFor more information, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html)\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)\n\n*When to Specify HealthCheckId*\n\nSpecifying a value for `HealthCheckId` is useful only when Route 53 is choosing between two or more resource record sets to respond to a DNS query, and you want Route 53 to base the choice in part on the status of a health check. Configuring health checks makes sense only in the following configurations:\n\n- *Non-alias resource record sets* : You're checking the health of a group of non-alias resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A) and you specify health check IDs for all the resource record sets.\n\nIf the health check status for a resource record set is healthy, Route 53 includes the record among the records that it responds to DNS queries with.\n\nIf the health check status for a resource record set is unhealthy, Route 53 stops responding to DNS queries using the value for that resource record set.\n\nIf the health check status for all resource record sets in the group is unhealthy, Route 53 considers all resource record sets in the group healthy and responds to DNS queries accordingly.\n- *Alias resource record sets* : You specify the following settings:\n\n- You set `EvaluateTargetHealth` to true for an alias resource record set in a group of resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A).\n- You configure the alias resource record set to route traffic to a non-alias resource record set in the same hosted zone.\n- You specify a health check ID for the non-alias resource record set.\n\nIf the health check status is healthy, Route 53 considers the alias resource record set to be healthy and includes the alias record among the records that it responds to DNS queries with.\n\nIf the health check status is unhealthy, Route 53 stops responding to DNS queries using the alias resource record set.\n\n> The alias resource record set can also route traffic to a *group* of non-alias resource record sets that have the same routing policy, name, and type. In that configuration, associate health checks with all of the resource record sets in the group of non-alias resource record sets.\n\n*Geolocation Routing*\n\nFor geolocation resource record sets, if an endpoint is unhealthy, Route 53 looks for a resource record set for the larger, associated geographic region. For example, suppose you have resource record sets for a state in the United States, for the entire United States, for North America, and a resource record set that has `*` for `CountryCode` is `*` , which applies to all locations. If the endpoint for the state resource record set is unhealthy, Route 53 checks for healthy resource record sets in the following order until it finds a resource record set for which the endpoint is healthy:\n\n- The United States\n- North America\n- The default resource record set\n\n*Specifying the Health Check Endpoint by Domain Name*\n\nIf your health checks specify the endpoint only by domain name, we recommend that you create a separate health check for each endpoint. For example, create a health check for each `HTTP` server that is serving content for `www.example.com` . For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as `us-east-2-www.example.com` ), not the name of the resource record sets ( `www.example.com` ).\n\n> Health check results will be unpredictable if you do the following:\n> \n> - Create a health check that has the same value for `FullyQualifiedDomainName` as the name of a resource record set.\n> - Associate that health check with the resource record set.", - "title": "HealthCheckId", - "type": "string" - }, - "HostedZoneId": { - "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .\n\nDo not provide the `HostedZoneId` if it is already defined in `AWS::Route53::RecordSetGroup` . The creation fails if `HostedZoneId` is defined in both.", - "title": "HostedZoneId", + "Condition": { "type": "string" }, - "HostedZoneName": { - "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", - "title": "HostedZoneName", + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], "type": "string" }, - "MultiValueAnswer": { - "markdownDescription": "*Multivalue answer resource record sets only* : To route traffic approximately randomly to multiple resources, such as web servers, create one multivalue answer record for each resource and specify `true` for `MultiValueAnswer` . Note the following:\n\n- If you associate a health check with a multivalue answer resource record set, Amazon Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy.\n- If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy.\n- Route 53 responds to DNS queries with up to eight healthy records; if you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records.\n- If you have more than eight healthy records, Route 53 responds to different DNS resolvers with different combinations of healthy records.\n- When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records.\n- If a resource becomes unavailable after a resolver caches a response, client software typically tries another of the IP addresses in the response.\n\nYou can't create multivalue answer alias records.", - "title": "MultiValueAnswer", - "type": "boolean" - }, - "Name": { - "markdownDescription": "The name of the record that you want to create, update, or delete.\n\nEnter a fully qualified domain name, for example, `www.example.com` . You can optionally include a trailing dot. If you omit the trailing dot, Amazon Route 53 assumes that the domain name that you specify is fully qualified. This means that Route 53 treats `www.example.com` (without a trailing dot) and `www.example.com.` (with a trailing dot) as identical.\n\nFor information about how to specify characters other than `a-z` , `0-9` , and `-` (hyphen) and how to specify internationalized domain names, see [DNS Domain Name Format](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) in the *Amazon Route 53 Developer Guide* .\n\nYou can use the asterisk (*) wildcard to replace the leftmost label in a domain name, for example, `*.example.com` . Note the following:\n\n- The * must replace the entire label. For example, you can't specify `*prod.example.com` or `prod*.example.com` .\n- The * can't replace any of the middle labels, for example, marketing.*.example.com.\n- If you include * in any position other than the leftmost label in a domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.\n\n> You can't use the * wildcard for resource records sets that have a type of NS.", - "title": "Name", - "type": "string" + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] }, - "Region": { - "markdownDescription": "*Latency-based resource record sets only:* The Amazon EC2 Region where you created the resource that this resource record set refers to. The resource typically is an AWS resource, such as an EC2 instance or an ELB load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.\n\nWhen Amazon Route 53 receives a DNS query for a domain name and type for which you have created latency resource record sets, Route 53 selects the latency resource record set that has the lowest latency between the end user and the associated Amazon EC2 Region. Route 53 then returns the value that is associated with the selected resource record set.\n\nNote the following:\n\n- You can only specify one `ResourceRecord` per latency resource record set.\n- You can only create one latency resource record set for each Amazon EC2 Region.\n- You aren't required to create latency resource record sets for all Amazon EC2 Regions. Route 53 will choose the region with the best latency from among the regions that you create latency resource record sets for.\n- You can't create non-latency resource record sets that have the same values for the `Name` and `Type` elements as latency resource record sets.", - "title": "Region", - "type": "string" + "Metadata": { + "type": "object" }, - "ResourceRecords": { - "items": { - "type": "string" + "Properties": { + "additionalProperties": false, + "properties": { + "HostedZoneId": { + "type": "string" + }, + "Name": { + "type": "string" + }, + "ResourceArn": { + "type": "string" + } }, - "markdownDescription": "Information about the records that you want to create. Each record should be in the format appropriate for the record type specified by the `Type` property. For information about different record types and their record formats, see [Values That You Specify When You Create or Edit Amazon Route 53 Records](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-values.html) in the *Amazon Route 53 Developer Guide* .", - "title": "ResourceRecords", - "type": "array" - }, - "SetIdentifier": { - "markdownDescription": "*Resource record sets that have a routing policy other than simple:* An identifier that differentiates among multiple resource record sets that have the same combination of name and type, such as multiple weighted resource record sets named acme.example.com that have a type of A. In a group of resource record sets that have the same name and type, the value of `SetIdentifier` must be unique for each resource record set.\n\nFor information about routing policies, see [Choosing a Routing Policy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) in the *Amazon Route 53 Developer Guide* .", - "title": "SetIdentifier", - "type": "string" - }, - "TTL": { - "markdownDescription": "The resource record cache time to live (TTL), in seconds. Note the following:\n\n- If you're creating or updating an alias resource record set, omit `TTL` . Amazon Route 53 uses the value of `TTL` for the alias target.\n- If you're associating this resource record set with a health check (if you're adding a `HealthCheckId` element), we recommend that you specify a `TTL` of 60 seconds or less so clients respond quickly to changes in health status.\n- All of the resource record sets in a group of weighted resource record sets must have the same value for `TTL` .\n- If a group of weighted resource record sets includes one or more weighted alias resource record sets for which the alias target is an ELB load balancer, we recommend that you specify a `TTL` of 60 seconds for all of the non-alias weighted resource record sets that have the same name and type. Values other than 60 seconds (the TTL for load balancers) will change the effect of the values that you specify for `Weight` .", - "title": "TTL", - "type": "string" + "required": [ + "HostedZoneId", + "Name", + "ResourceArn" + ], + "type": "object" }, "Type": { - "markdownDescription": "The DNS record type. For information about different record types and how data is encoded for them, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nValid values for basic resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `DS` | `MX` | `NAPTR` | `NS` | `PTR` | `SOA` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\nValues for weighted, latency, geolocation, and failover resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS` . When creating a group of weighted, latency, geolocation, or failover resource record sets, specify the same value for all of the resource record sets in the group.\n\nValid values for multivalue answer resource record sets: `A` | `AAAA` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `CAA` | `TLSA` | `SSHFP` | `SVCB` | `HTTPS`\n\n> SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create resource record sets for which the value of `Type` is `SPF` . RFC 7208, *Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1* , has been updated to say, \"...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it.\" In RFC 7208, see section 14.1, [The SPF DNS Record Type](https://docs.aws.amazon.com/http://tools.ietf.org/html/rfc7208#section-14.1) . \n\nValues for alias resource record sets:\n\n- *Amazon API Gateway custom regional APIs and edge-optimized APIs:* `A`\n- *CloudFront distributions:* `A`\n\nIf IPv6 is enabled for the distribution, create two resource record sets to route traffic to your distribution, one with a value of `A` and one with a value of `AAAA` .\n- *Amazon API Gateway environment that has a regionalized subdomain* : `A`\n- *ELB load balancers:* `A` | `AAAA`\n- *Amazon S3 buckets:* `A`\n- *Amazon Virtual Private Cloud interface VPC endpoints* `A`\n- *Another resource record set in this hosted zone:* Specify the type of the resource record set that you're creating the alias for. All values are supported except `NS` and `SOA` .\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't route traffic to a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", - "title": "Type", + "enum": [ + "AWS::Route53GlobalResolver::HostedZoneAssociation" + ], "type": "string" }, - "Weight": { - "markdownDescription": "*Weighted resource record sets only:* Among resource record sets that have the same combination of DNS name and type, a value that determines the proportion of DNS queries that Amazon Route 53 responds to using the current resource record set. Route 53 calculates the sum of the weights for the resource record sets that have the same combination of DNS name and type. Route 53 then responds to queries based on the ratio of a resource's weight to the total. Note the following:\n\n- You must specify a value for the `Weight` element for every weighted resource record set.\n- You can only specify one `ResourceRecord` per weighted resource record set.\n- You can't create latency, failover, or geolocation resource record sets that have the same values for the `Name` and `Type` elements as weighted resource record sets.\n- You can create a maximum of 100 weighted resource record sets that have the same values for the `Name` and `Type` elements.\n- For weighted (but not weighted alias) resource record sets, if you set `Weight` to `0` for a resource record set, Route 53 never responds to queries with the applicable value for that resource record set. However, if you set `Weight` to `0` for all resource record sets that have the same combination of DNS name and type, traffic is routed to all resources with equal probability.\n\nThe effect of setting `Weight` to `0` is different when you associate health checks with weighted resource record sets. For more information, see [Options for Configuring Route 53 Active-Active and Active-Passive Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) in the *Amazon Route 53 Developer Guide* .", - "title": "Weight", - "type": "number" + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" } }, "required": [ - "Name", - "Type" + "Type", + "Properties" ], "type": "object" }, @@ -301533,6 +306876,12 @@ "title": "BucketName", "type": "string" }, + "BucketNamePrefix": { + "type": "string" + }, + "BucketNamespace": { + "type": "string" + }, "CorsConfiguration": { "$ref": "#/definitions/AWS::S3::Bucket.CorsConfiguration", "markdownDescription": "Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide* .", @@ -339961,44 +345310,360 @@ "Properties": { "additionalProperties": false, "properties": { - "Description": { - "markdownDescription": "Specifies the text description for the workflow.", - "title": "Description", + "Description": { + "markdownDescription": "Specifies the text description for the workflow.", + "title": "Description", + "type": "string" + }, + "OnExceptionSteps": { + "items": { + "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" + }, + "markdownDescription": "Specifies the steps (actions) to take if errors are encountered during execution of the workflow.", + "title": "OnExceptionSteps", + "type": "array" + }, + "Steps": { + "items": { + "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" + }, + "markdownDescription": "Specifies the details for the steps that are in the specified workflow.", + "title": "Steps", + "type": "array" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "markdownDescription": "Key-value pairs that can be used to group and search for workflows. Tags are metadata attached to workflows for any purpose.", + "title": "Tags", + "type": "array" + } + }, + "required": [ + "Steps" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::Transfer::Workflow" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, + "AWS::Transfer::Workflow.CopyStepDetails": { + "additionalProperties": false, + "properties": { + "DestinationFileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.S3FileLocation", + "markdownDescription": "Specifies the location for the file being copied. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", + "title": "DestinationFileLocation" + }, + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "OverwriteExisting": { + "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", + "title": "OverwriteExisting", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.CustomStepDetails": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + }, + "Target": { + "markdownDescription": "The ARN for the Lambda function that is being called.", + "title": "Target", + "type": "string" + }, + "TimeoutSeconds": { + "markdownDescription": "Timeout, in seconds, for the step.", + "title": "TimeoutSeconds", + "type": "number" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.DecryptStepDetails": { + "additionalProperties": false, + "properties": { + "DestinationFileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.InputFileLocation", + "markdownDescription": "Specifies the location for the file being decrypted. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", + "title": "DestinationFileLocation" + }, + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "OverwriteExisting": { + "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", + "title": "OverwriteExisting", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + }, + "Type": { + "markdownDescription": "The type of encryption used. Currently, this value must be `PGP` .", + "title": "Type", + "type": "string" + } + }, + "required": [ + "DestinationFileLocation", + "Type" + ], + "type": "object" + }, + "AWS::Transfer::Workflow.DeleteStepDetails": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.EfsInputFileLocation": { + "additionalProperties": false, + "properties": { + "FileSystemId": { + "markdownDescription": "The identifier of the file system, assigned by Amazon EFS.", + "title": "FileSystemId", + "type": "string" + }, + "Path": { + "markdownDescription": "The pathname for the folder being used by a workflow.", + "title": "Path", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.InputFileLocation": { + "additionalProperties": false, + "properties": { + "EfsFileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.EfsInputFileLocation", + "markdownDescription": "Specifies the details for the Amazon Elastic File System (Amazon EFS) file that's being decrypted.", + "title": "EfsFileLocation" + }, + "S3FileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", + "markdownDescription": "Specifies the details for the Amazon S3 file that's being copied or decrypted.", + "title": "S3FileLocation" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.S3FileLocation": { + "additionalProperties": false, + "properties": { + "S3FileLocation": { + "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", + "markdownDescription": "Specifies the details for the file location for the file that's being used in the workflow. Only applicable if you are using Amazon S3 storage.", + "title": "S3FileLocation" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.S3InputFileLocation": { + "additionalProperties": false, + "properties": { + "Bucket": { + "markdownDescription": "Specifies the S3 bucket for the customer input file.", + "title": "Bucket", + "type": "string" + }, + "Key": { + "markdownDescription": "The name assigned to the file when it was created in Amazon S3. You use the object key to retrieve the object.", + "title": "Key", + "type": "string" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.S3Tag": { + "additionalProperties": false, + "properties": { + "Key": { + "markdownDescription": "The name assigned to the tag that you create.", + "title": "Key", + "type": "string" + }, + "Value": { + "markdownDescription": "The value that corresponds to the key.", + "title": "Value", + "type": "string" + } + }, + "required": [ + "Key", + "Value" + ], + "type": "object" + }, + "AWS::Transfer::Workflow.TagStepDetails": { + "additionalProperties": false, + "properties": { + "Name": { + "markdownDescription": "The name of the step, used as an identifier.", + "title": "Name", + "type": "string" + }, + "SourceFileLocation": { + "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", + "title": "SourceFileLocation", + "type": "string" + }, + "Tags": { + "items": { + "$ref": "#/definitions/AWS::Transfer::Workflow.S3Tag" + }, + "markdownDescription": "Array that contains from 1 to 10 key/value pairs.", + "title": "Tags", + "type": "array" + } + }, + "type": "object" + }, + "AWS::Transfer::Workflow.WorkflowStep": { + "additionalProperties": false, + "properties": { + "CopyStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.CopyStepDetails", + "markdownDescription": "Details for a step that performs a file copy.\n\nConsists of the following values:\n\n- A description\n- An Amazon S3 location for the destination of the file copy.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .", + "title": "CopyStepDetails" + }, + "CustomStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.CustomStepDetails", + "markdownDescription": "Details for a step that invokes an AWS Lambda function.\n\nConsists of the Lambda function's name, target, and timeout (in seconds).", + "title": "CustomStepDetails" + }, + "DecryptStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.DecryptStepDetails", + "markdownDescription": "Details for a step that decrypts an encrypted file.\n\nConsists of the following values:\n\n- A descriptive name\n- An Amazon S3 or Amazon Elastic File System (Amazon EFS) location for the source file to decrypt.\n- An S3 or Amazon EFS location for the destination of the file decryption.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n- The type of encryption that's used. Currently, only PGP encryption is supported.", + "title": "DecryptStepDetails" + }, + "DeleteStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.DeleteStepDetails", + "markdownDescription": "Details for a step that deletes the file.", + "title": "DeleteStepDetails" + }, + "TagStepDetails": { + "$ref": "#/definitions/AWS::Transfer::Workflow.TagStepDetails", + "markdownDescription": "Details for a step that creates one or more tags.\n\nYou specify one or more tags. Each tag contains a key-value pair.", + "title": "TagStepDetails" + }, + "Type": { + "markdownDescription": "Currently, the following step types are supported.\n\n- *`COPY`* - Copy the file to another location.\n- *`CUSTOM`* - Perform a custom step with an AWS Lambda function target.\n- *`DECRYPT`* - Decrypt a file that was encrypted before it was uploaded.\n- *`DELETE`* - Delete the file.\n- *`TAG`* - Add a tag to the file.", + "title": "Type", + "type": "string" + } + }, + "type": "object" + }, + "AWS::UXC::AccountCustomization": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "AccountColor": { "type": "string" }, - "OnExceptionSteps": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" - }, - "markdownDescription": "Specifies the steps (actions) to take if errors are encountered during execution of the workflow.", - "title": "OnExceptionSteps", - "type": "array" - }, - "Steps": { + "VisibleRegions": { "items": { - "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" + "type": "string" }, - "markdownDescription": "Specifies the details for the steps that are in the specified workflow.", - "title": "Steps", "type": "array" }, - "Tags": { + "VisibleServices": { "items": { - "$ref": "#/definitions/Tag" + "type": "string" }, - "markdownDescription": "Key-value pairs that can be used to group and search for workflows. Tags are metadata attached to workflows for any purpose.", - "title": "Tags", "type": "array" } }, - "required": [ - "Steps" - ], "type": "object" }, "Type": { "enum": [ - "AWS::Transfer::Workflow" + "AWS::UXC::AccountCustomization" ], "type": "string" }, @@ -340012,253 +345677,10 @@ } }, "required": [ - "Type", - "Properties" - ], - "type": "object" - }, - "AWS::Transfer::Workflow.CopyStepDetails": { - "additionalProperties": false, - "properties": { - "DestinationFileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.S3FileLocation", - "markdownDescription": "Specifies the location for the file being copied. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", - "title": "DestinationFileLocation" - }, - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", - "type": "string" - }, - "OverwriteExisting": { - "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", - "title": "OverwriteExisting", - "type": "string" - }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Workflow.CustomStepDetails": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", - "type": "string" - }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" - }, - "Target": { - "markdownDescription": "The ARN for the Lambda function that is being called.", - "title": "Target", - "type": "string" - }, - "TimeoutSeconds": { - "markdownDescription": "Timeout, in seconds, for the step.", - "title": "TimeoutSeconds", - "type": "number" - } - }, - "type": "object" - }, - "AWS::Transfer::Workflow.DecryptStepDetails": { - "additionalProperties": false, - "properties": { - "DestinationFileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.InputFileLocation", - "markdownDescription": "Specifies the location for the file being decrypted. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", - "title": "DestinationFileLocation" - }, - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", - "type": "string" - }, - "OverwriteExisting": { - "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", - "title": "OverwriteExisting", - "type": "string" - }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" - }, - "Type": { - "markdownDescription": "The type of encryption used. Currently, this value must be `PGP` .", - "title": "Type", - "type": "string" - } - }, - "required": [ - "DestinationFileLocation", "Type" ], "type": "object" }, - "AWS::Transfer::Workflow.DeleteStepDetails": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", - "type": "string" - }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Workflow.EfsInputFileLocation": { - "additionalProperties": false, - "properties": { - "FileSystemId": { - "markdownDescription": "The identifier of the file system, assigned by Amazon EFS.", - "title": "FileSystemId", - "type": "string" - }, - "Path": { - "markdownDescription": "The pathname for the folder being used by a workflow.", - "title": "Path", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Workflow.InputFileLocation": { - "additionalProperties": false, - "properties": { - "EfsFileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.EfsInputFileLocation", - "markdownDescription": "Specifies the details for the Amazon Elastic File System (Amazon EFS) file that's being decrypted.", - "title": "EfsFileLocation" - }, - "S3FileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", - "markdownDescription": "Specifies the details for the Amazon S3 file that's being copied or decrypted.", - "title": "S3FileLocation" - } - }, - "type": "object" - }, - "AWS::Transfer::Workflow.S3FileLocation": { - "additionalProperties": false, - "properties": { - "S3FileLocation": { - "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", - "markdownDescription": "Specifies the details for the file location for the file that's being used in the workflow. Only applicable if you are using Amazon S3 storage.", - "title": "S3FileLocation" - } - }, - "type": "object" - }, - "AWS::Transfer::Workflow.S3InputFileLocation": { - "additionalProperties": false, - "properties": { - "Bucket": { - "markdownDescription": "Specifies the S3 bucket for the customer input file.", - "title": "Bucket", - "type": "string" - }, - "Key": { - "markdownDescription": "The name assigned to the file when it was created in Amazon S3. You use the object key to retrieve the object.", - "title": "Key", - "type": "string" - } - }, - "type": "object" - }, - "AWS::Transfer::Workflow.S3Tag": { - "additionalProperties": false, - "properties": { - "Key": { - "markdownDescription": "The name assigned to the tag that you create.", - "title": "Key", - "type": "string" - }, - "Value": { - "markdownDescription": "The value that corresponds to the key.", - "title": "Value", - "type": "string" - } - }, - "required": [ - "Key", - "Value" - ], - "type": "object" - }, - "AWS::Transfer::Workflow.TagStepDetails": { - "additionalProperties": false, - "properties": { - "Name": { - "markdownDescription": "The name of the step, used as an identifier.", - "title": "Name", - "type": "string" - }, - "SourceFileLocation": { - "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", - "title": "SourceFileLocation", - "type": "string" - }, - "Tags": { - "items": { - "$ref": "#/definitions/AWS::Transfer::Workflow.S3Tag" - }, - "markdownDescription": "Array that contains from 1 to 10 key/value pairs.", - "title": "Tags", - "type": "array" - } - }, - "type": "object" - }, - "AWS::Transfer::Workflow.WorkflowStep": { - "additionalProperties": false, - "properties": { - "CopyStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.CopyStepDetails", - "markdownDescription": "Details for a step that performs a file copy.\n\nConsists of the following values:\n\n- A description\n- An Amazon S3 location for the destination of the file copy.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .", - "title": "CopyStepDetails" - }, - "CustomStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.CustomStepDetails", - "markdownDescription": "Details for a step that invokes an AWS Lambda function.\n\nConsists of the Lambda function's name, target, and timeout (in seconds).", - "title": "CustomStepDetails" - }, - "DecryptStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.DecryptStepDetails", - "markdownDescription": "Details for a step that decrypts an encrypted file.\n\nConsists of the following values:\n\n- A descriptive name\n- An Amazon S3 or Amazon Elastic File System (Amazon EFS) location for the source file to decrypt.\n- An S3 or Amazon EFS location for the destination of the file decryption.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n- The type of encryption that's used. Currently, only PGP encryption is supported.", - "title": "DecryptStepDetails" - }, - "DeleteStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.DeleteStepDetails", - "markdownDescription": "Details for a step that deletes the file.", - "title": "DeleteStepDetails" - }, - "TagStepDetails": { - "$ref": "#/definitions/AWS::Transfer::Workflow.TagStepDetails", - "markdownDescription": "Details for a step that creates one or more tags.\n\nYou specify one or more tags. Each tag contains a key-value pair.", - "title": "TagStepDetails" - }, - "Type": { - "markdownDescription": "Currently, the following step types are supported.\n\n- *`COPY`* - Copy the file to another location.\n- *`CUSTOM`* - Perform a custom step with an AWS Lambda function target.\n- *`DECRYPT`* - Decrypt a file that was encrypted before it was uploaded.\n- *`DELETE`* - Delete the file.\n- *`TAG`* - Add a tag to the file.", - "title": "Type", - "type": "string" - } - }, - "type": "object" - }, "AWS::VerifiedPermissions::IdentitySource": { "additionalProperties": false, "properties": { @@ -340827,11 +346249,6 @@ "AWS::VerifiedPermissions::PolicyStore.SchemaDefinition": { "additionalProperties": false, "properties": { - "CedarFormat": { - "markdownDescription": "", - "title": "CedarFormat", - "type": "string" - }, "CedarJson": { "markdownDescription": "A JSON string representation of the schema supported by applications that use this policy store. For more information, see [Policy store schema](https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html) in the AVP User Guide.", "title": "CedarJson", @@ -354387,18 +359804,6 @@ }, "type": "object" }, - "AWS::WorkspacesInstances::WorkspaceInstance.InstanceMarketOptionsRequest": { - "additionalProperties": false, - "properties": { - "MarketType": { - "type": "string" - }, - "SpotOptions": { - "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.SpotMarketOptions" - } - }, - "type": "object" - }, "AWS::WorkspacesInstances::WorkspaceInstance.InstanceMetadataOptionsRequest": { "additionalProperties": false, "properties": { @@ -354498,9 +359903,6 @@ "ImageId": { "type": "string" }, - "InstanceMarketOptions": { - "$ref": "#/definitions/AWS::WorkspacesInstances::WorkspaceInstance.InstanceMarketOptionsRequest" - }, "InstanceType": { "type": "string" }, @@ -354604,24 +360006,6 @@ }, "type": "object" }, - "AWS::WorkspacesInstances::WorkspaceInstance.SpotMarketOptions": { - "additionalProperties": false, - "properties": { - "InstanceInterruptionBehavior": { - "type": "string" - }, - "MaxPrice": { - "type": "string" - }, - "SpotInstanceType": { - "type": "string" - }, - "ValidUntilUtc": { - "type": "string" - } - }, - "type": "object" - }, "AWS::WorkspacesInstances::WorkspaceInstance.TagSpecification": { "additionalProperties": false, "properties": { @@ -354887,6 +360271,22 @@ ], "type": "object" }, + "AWS::XRay::SamplingRule.SamplingRateBoost": { + "additionalProperties": false, + "properties": { + "CooldownWindowMinutes": { + "type": "number" + }, + "MaxRate": { + "type": "number" + } + }, + "required": [ + "CooldownWindowMinutes", + "MaxRate" + ], + "type": "object" + }, "AWS::XRay::SamplingRule.SamplingRule": { "additionalProperties": false, "properties": { @@ -354941,6 +360341,9 @@ "title": "RuleName", "type": "string" }, + "SamplingRateBoost": { + "$ref": "#/definitions/AWS::XRay::SamplingRule.SamplingRateBoost" + }, "ServiceName": { "markdownDescription": "Matches the `name` that the service uses to identify itself in segments.", "title": "ServiceName", @@ -355831,6 +361234,9 @@ { "$ref": "#/definitions/AWS::Batch::JobQueue" }, + { + "$ref": "#/definitions/AWS::Batch::QuotaShare" + }, { "$ref": "#/definitions/AWS::Batch::SchedulingPolicy" }, @@ -355891,9 +361297,15 @@ { "$ref": "#/definitions/AWS::BedrockAgentCore::BrowserCustom" }, + { + "$ref": "#/definitions/AWS::BedrockAgentCore::BrowserProfile" + }, { "$ref": "#/definitions/AWS::BedrockAgentCore::CodeInterpreterCustom" }, + { + "$ref": "#/definitions/AWS::BedrockAgentCore::Evaluator" + }, { "$ref": "#/definitions/AWS::BedrockAgentCore::Gateway" }, @@ -355903,6 +361315,15 @@ { "$ref": "#/definitions/AWS::BedrockAgentCore::Memory" }, + { + "$ref": "#/definitions/AWS::BedrockAgentCore::OnlineEvaluationConfig" + }, + { + "$ref": "#/definitions/AWS::BedrockAgentCore::Policy" + }, + { + "$ref": "#/definitions/AWS::BedrockAgentCore::PolicyEngine" + }, { "$ref": "#/definitions/AWS::BedrockAgentCore::Runtime" }, @@ -355912,6 +361333,9 @@ { "$ref": "#/definitions/AWS::BedrockAgentCore::WorkloadIdentity" }, + { + "$ref": "#/definitions/AWS::BedrockMantle::Project" + }, { "$ref": "#/definitions/AWS::Billing::BillingView" }, @@ -356008,6 +361432,12 @@ { "$ref": "#/definitions/AWS::CleanRooms::PrivacyBudgetTemplate" }, + { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithm" + }, + { + "$ref": "#/definitions/AWS::CleanRoomsML::ConfiguredModelAlgorithmAssociation" + }, { "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset" }, @@ -356284,6 +361714,9 @@ { "$ref": "#/definitions/AWS::Comprehend::Flywheel" }, + { + "$ref": "#/definitions/AWS::ComputeOptimizer::AutomationRule" + }, { "$ref": "#/definitions/AWS::Config::AggregationAuthorization" }, @@ -356326,6 +361759,12 @@ { "$ref": "#/definitions/AWS::Connect::ContactFlowModule" }, + { + "$ref": "#/definitions/AWS::Connect::ContactFlowModuleAlias" + }, + { + "$ref": "#/definitions/AWS::Connect::ContactFlowModuleVersion" + }, { "$ref": "#/definitions/AWS::Connect::ContactFlowVersion" }, @@ -356443,6 +361882,9 @@ { "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType" }, + { + "$ref": "#/definitions/AWS::CustomerProfiles::Recommender" + }, { "$ref": "#/definitions/AWS::CustomerProfiles::SegmentDefinition" }, @@ -356665,6 +362107,27 @@ { "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection" }, + { + "$ref": "#/definitions/AWS::DirectConnect::Connection" + }, + { + "$ref": "#/definitions/AWS::DirectConnect::DirectConnectGateway" + }, + { + "$ref": "#/definitions/AWS::DirectConnect::DirectConnectGatewayAssociation" + }, + { + "$ref": "#/definitions/AWS::DirectConnect::Lag" + }, + { + "$ref": "#/definitions/AWS::DirectConnect::PrivateVirtualInterface" + }, + { + "$ref": "#/definitions/AWS::DirectConnect::PublicVirtualInterface" + }, + { + "$ref": "#/definitions/AWS::DirectConnect::TransitVirtualInterface" + }, { "$ref": "#/definitions/AWS::DirectoryService::MicrosoftAD" }, @@ -356767,6 +362230,9 @@ { "$ref": "#/definitions/AWS::EC2::IPAMPrefixListResolver" }, + { + "$ref": "#/definitions/AWS::EC2::IPAMPrefixListResolverTarget" + }, { "$ref": "#/definitions/AWS::EC2::IPAMResourceDiscovery" }, @@ -356890,6 +362356,9 @@ { "$ref": "#/definitions/AWS::EC2::SpotFleet" }, + { + "$ref": "#/definitions/AWS::EC2::SqlHaStandbyDetectedInstance" + }, { "$ref": "#/definitions/AWS::EC2::Subnet" }, @@ -357223,6 +362692,9 @@ { "$ref": "#/definitions/AWS::Elasticsearch::Domain" }, + { + "$ref": "#/definitions/AWS::ElementalInference::Feed" + }, { "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow" }, @@ -357394,6 +362866,9 @@ { "$ref": "#/definitions/AWS::GlobalAccelerator::Listener" }, + { + "$ref": "#/definitions/AWS::Glue::Catalog" + }, { "$ref": "#/definitions/AWS::Glue::Classifier" }, @@ -357709,6 +363184,9 @@ { "$ref": "#/definitions/AWS::InspectorV2::Filter" }, + { + "$ref": "#/definitions/AWS::Interconnect::Connection" + }, { "$ref": "#/definitions/AWS::InternetMonitor::Monitor" }, @@ -358558,6 +364036,9 @@ { "$ref": "#/definitions/AWS::ObservabilityAdmin::S3TableIntegration" }, + { + "$ref": "#/definitions/AWS::ObservabilityAdmin::TelemetryEnrichment" + }, { "$ref": "#/definitions/AWS::ObservabilityAdmin::TelemetryPipelines" }, @@ -358591,6 +364072,9 @@ { "$ref": "#/definitions/AWS::OpenSearchServerless::Collection" }, + { + "$ref": "#/definitions/AWS::OpenSearchServerless::CollectionGroup" + }, { "$ref": "#/definitions/AWS::OpenSearchServerless::Index" }, @@ -359056,6 +364540,27 @@ { "$ref": "#/definitions/AWS::Route53::RecordSetGroup" }, + { + "$ref": "#/definitions/AWS::Route53GlobalResolver::AccessSource" + }, + { + "$ref": "#/definitions/AWS::Route53GlobalResolver::AccessToken" + }, + { + "$ref": "#/definitions/AWS::Route53GlobalResolver::DnsView" + }, + { + "$ref": "#/definitions/AWS::Route53GlobalResolver::FirewallDomainList" + }, + { + "$ref": "#/definitions/AWS::Route53GlobalResolver::FirewallRule" + }, + { + "$ref": "#/definitions/AWS::Route53GlobalResolver::GlobalResolver" + }, + { + "$ref": "#/definitions/AWS::Route53GlobalResolver::HostedZoneAssociation" + }, { "$ref": "#/definitions/AWS::Route53Profiles::Profile" }, @@ -359725,6 +365230,9 @@ { "$ref": "#/definitions/AWS::Transfer::Workflow" }, + { + "$ref": "#/definitions/AWS::UXC::AccountCustomization" + }, { "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource" },