Merge pull request #1969 from hashicorp/f-08-21-2024-schema-updates

08/21/2024 CloudFormation schema refresh

CHANGELOG.md

@@ -1,4 +1,14 @@
 ## 1.11.0 (Unreleased)
+
+FEATURES:
+
+* **New Data Source:** `awscc_glue_database`
+* **New Data Source:** `awscc_glue_databases`
+* **New Data Source:** `awscc_ivs_public_key`
+* **New Data Source:** `awscc_ivs_public_keys`
+* **New Resource:** `awscc_glue_database`
+* **New Resource:** `awscc_ivs_public_key`
+
 ## 1.10.0 (August 15, 2024)
 
 FEATURES:

docs/data-sources/codebuild_fleet.md

@@ -27,6 +27,7 @@ Data Source schema for AWS::CodeBuild::Fleet
 - `environment_type` (String)
 - `fleet_service_role` (String)
 - `fleet_vpc_config` (Attributes) (see [below for nested schema](#nestedatt--fleet_vpc_config))
+- `image_id` (String)
 - `name` (String)
 - `overflow_behavior` (String)
 - `tags` (Attributes List) (see [below for nested schema](#nestedatt--tags))

docs/data-sources/ec2_ipam.md

@@ -25,6 +25,7 @@ Data Source schema for AWS::EC2::IPAM
 - `default_resource_discovery_association_id` (String) The Id of the default association to the default resource discovery, created with this IPAM.
 - `default_resource_discovery_id` (String) The Id of the default resource discovery, created with this IPAM.
 - `description` (String)
+- `enable_private_gua` (Boolean) Enable provisioning of GUA space in private pools.
 - `ipam_id` (String) Id of the IPAM.
 - `operating_regions` (Attributes Set) The regions IPAM is enabled for. Allows pools to be created in these regions, as well as enabling monitoring (see [below for nested schema](#nestedatt--operating_regions))
 - `private_default_scope_id` (String) The Id of the default scope for publicly routable IP space, created with this IPAM.

docs/data-sources/ec2_launch_template.md

@@ -27,7 +27,7 @@ Data Source schema for AWS::EC2::LaunchTemplate
 - `launch_template_id` (String)
 - `launch_template_name` (String) A name for the launch template.
 - `tag_specifications` (Attributes List) The tags to apply to the launch template on creation. To tag the launch template, the resource type must be ``launch-template``.
- To specify the tags for the resources that are created when an instance is launched, you must use [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#cfn-ec2-launchtemplate-tagspecifications). (see [below for nested schema](#nestedatt--tag_specifications))
+ To specify the tags for the resources that are created when an instance is launched, you must use [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html#cfn-ec2-launchtemplate-launchtemplatedata-tagspecifications). (see [below for nested schema](#nestedatt--tag_specifications))
 - `version_description` (String) A description for the first version of the launch template.
 
 <a id="nestedatt--launch_template_data"></a>

docs/data-sources/ec2_vpc_cidr_block.md

@@ -23,8 +23,10 @@ Data Source schema for AWS::EC2::VPCCidrBlock
 
 - `amazon_provided_ipv_6_cidr_block` (Boolean) Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IPv6 addresses, or the size of the CIDR block.
 - `cidr_block` (String) An IPv4 CIDR block to associate with the VPC.
+- `ip_source` (String) The IP Source of an IPv6 VPC CIDR Block.
 - `ipv_4_ipam_pool_id` (String) The ID of the IPv4 IPAM pool to Associate a CIDR from to a VPC.
 - `ipv_4_netmask_length` (Number) The netmask length of the IPv4 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool.
+- `ipv_6_address_attribute` (String) The value denoting whether an IPv6 VPC CIDR Block is public or private.
 - `ipv_6_cidr_block` (String) An IPv6 CIDR block from the IPv6 address pool.
 - `ipv_6_ipam_pool_id` (String) The ID of the IPv6 IPAM pool to Associate a CIDR from to a VPC.
 - `ipv_6_netmask_length` (Number) The netmask length of the IPv6 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool.

docs/data-sources/glue_database.md

@@ -0,0 +1,74 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_glue_database Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+  Data Source schema for AWS::Glue::Database
+---
+
+# awscc_glue_database (Data Source)
+
+Data Source schema for AWS::Glue::Database
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `id` (String) Uniquely identifies the resource.
+
+### Read-Only
+
+- `catalog_id` (String) The AWS account ID for the account in which to create the catalog object.
+- `database_input` (Attributes) The metadata for the database. (see [below for nested schema](#nestedatt--database_input))
+- `database_name` (String) The name of the database. For hive compatibility, this is folded to lowercase when it is store.
+
+<a id="nestedatt--database_input"></a>
+### Nested Schema for `database_input`
+
+Read-Only:
+
+- `create_table_default_permissions` (Attributes List) Creates a set of default permissions on the table for principals. Used by AWS Lake Formation. Not used in the normal course of AWS Glue operations. (see [below for nested schema](#nestedatt--database_input--create_table_default_permissions))
+- `description` (String) A description of the database.
+- `federated_database` (Attributes) A FederatedDatabase structure that references an entity outside the AWS Glue Data Catalog. (see [below for nested schema](#nestedatt--database_input--federated_database))
+- `location_uri` (String) The location of the database (for example, an HDFS path).
+- `name` (String) The name of the database. For hive compatibility, this is folded to lowercase when it is stored.
+- `parameters` (String) These key-value pairs define parameters and properties of the database.
+- `target_database` (Attributes) A DatabaseIdentifier structure that describes a target database for resource linking. (see [below for nested schema](#nestedatt--database_input--target_database))
+
+<a id="nestedatt--database_input--create_table_default_permissions"></a>
+### Nested Schema for `database_input.create_table_default_permissions`
+
+Read-Only:
+
+- `permissions` (List of String) The permissions that are granted to the principal.
+- `principal` (Attributes) The principal who is granted permissions. (see [below for nested schema](#nestedatt--database_input--create_table_default_permissions--principal))
+
+<a id="nestedatt--database_input--create_table_default_permissions--principal"></a>
+### Nested Schema for `database_input.create_table_default_permissions.principal`
+
+Read-Only:
+
+- `data_lake_principal_identifier` (String) An identifier for the AWS Lake Formation principal.
+
+
+
+<a id="nestedatt--database_input--federated_database"></a>
+### Nested Schema for `database_input.federated_database`
+
+Read-Only:
+
+- `connection_name` (String) The name of the connection to the external metastore.
+- `identifier` (String) A unique identifier for the federated database.
+
+
+<a id="nestedatt--database_input--target_database"></a>
+### Nested Schema for `database_input.target_database`
+
+Read-Only:
+
+- `catalog_id` (String) The ID of the Data Catalog in which the database resides.
+- `database_name` (String) The name of the catalog database.
+- `region` (String) Region of the target database.

docs/data-sources/glue_databases.md

@@ -0,0 +1,21 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_glue_databases Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+  Plural Data Source schema for AWS::Glue::Database
+---
+
+# awscc_glue_databases (Data Source)
+
+Plural Data Source schema for AWS::Glue::Database
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Read-Only
+
+- `id` (String) Uniquely identifies the data source.
+- `ids` (Set of String) Set of Resource Identifiers.

docs/data-sources/ivs_public_key.md

@@ -0,0 +1,36 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_ivs_public_key Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+  Data Source schema for AWS::IVS::PublicKey
+---
+
+# awscc_ivs_public_key (Data Source)
+
+Data Source schema for AWS::IVS::PublicKey
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `id` (String) Uniquely identifies the resource.
+
+### Read-Only
+
+- `arn` (String) Key-pair identifier.
+- `fingerprint` (String) Key-pair identifier.
+- `name` (String) Name of the public key to be imported. The value does not need to be unique.
+- `public_key_material` (String) The public portion of a customer-generated key pair.
+- `tags` (Attributes Set) A list of key-value pairs that contain metadata for the asset model. (see [below for nested schema](#nestedatt--tags))
+
+<a id="nestedatt--tags"></a>
+### Nested Schema for `tags`
+
+Read-Only:
+
+- `key` (String)
+- `value` (String)

docs/data-sources/ivs_public_keys.md

@@ -0,0 +1,21 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awscc_ivs_public_keys Data Source - terraform-provider-awscc"
+subcategory: ""
+description: |-
+  Plural Data Source schema for AWS::IVS::PublicKey
+---
+
+# awscc_ivs_public_keys (Data Source)
+
+Plural Data Source schema for AWS::IVS::PublicKey
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Read-Only
+
+- `id` (String) Uniquely identifies the data source.
+- `ids` (Set of String) Set of Resource Identifiers.

docs/data-sources/ivs_stage.md

@@ -23,9 +23,19 @@ Data Source schema for AWS::IVS::Stage
 
 - `active_session_id` (String) ID of the active session within the stage.
 - `arn` (String) Stage ARN is automatically generated on creation and assigned as the unique identifier.
+- `auto_participant_recording_configuration` (Attributes) Configuration object for individual participant recording, to attach to the new stage. (see [below for nested schema](#nestedatt--auto_participant_recording_configuration))
 - `name` (String) Stage name
 - `tags` (Attributes Set) An array of key-value pairs to apply to this resource. (see [below for nested schema](#nestedatt--tags))
 
+<a id="nestedatt--auto_participant_recording_configuration"></a>
+### Nested Schema for `auto_participant_recording_configuration`
+
+Read-Only:
+
+- `media_types` (Set of String) Types of media to be recorded. Default: AUDIO_VIDEO.
+- `storage_configuration_arn` (String) ARN of the StorageConfiguration resource to use for individual participant recording.
+
+
 <a id="nestedatt--tags"></a>
 ### Nested Schema for `tags`
 

docs/data-sources/lambda_function.md

@@ -40,6 +40,7 @@ Data Source schema for AWS::Lambda::Function
 - `logging_config` (Attributes) The function's Amazon CloudWatch Logs configuration settings. (see [below for nested schema](#nestedatt--logging_config))
 - `memory_size` (Number) The amount of [memory available to the function](https://docs.aws.amazon.com/lambda/latest/dg/configuration-function-common.html#configuration-memory-console) at runtime. Increasing the function memory also increases its CPU allocation. The default value is 128 MB. The value can be any multiple of 1 MB. Note that new AWS accounts have reduced concurrency and memory quotas. AWS raises these quotas automatically based on your usage. You can also request a quota increase.
 - `package_type` (String) The type of deployment package. Set to ``Image`` for container image and set ``Zip`` for .zip file archive.
+- `recursive_loop` (String) The function recursion configuration.
 - `reserved_concurrent_executions` (Number) The number of simultaneous executions to reserve for the function.
 - `role` (String) The Amazon Resource Name (ARN) of the function's execution role.
 - `runtime` (String) The identifier of the function's [runtime](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html). Runtime is required if the deployment package is a .zip file archive. Specifying a runtime results in an error if you're deploying a function using a container image.

docs/data-sources/lambda_permission.md

@@ -25,9 +25,9 @@ Data Source schema for AWS::Lambda::Permission
 - `event_source_token` (String) For Alexa Smart Home functions, a token that the invoker must supply.
 - `function_name` (String) The name or ARN of the Lambda function, version, or alias.
   **Name formats**
- +   *Function name* ? ``my-function`` (name-only), ``my-function:v1`` (with alias).
-  +   *Function ARN* ? ``arn:aws:lambda:us-west-2:123456789012:function:my-function``.
-  +   *Partial ARN* ? ``123456789012:function:my-function``.
+ +   *Function name* – ``my-function`` (name-only), ``my-function:v1`` (with alias).
+  +   *Function ARN* – ``arn:aws:lambda:us-west-2:123456789012:function:my-function``.
+  +   *Partial ARN* – ``123456789012:function:my-function``.
 
  You can append a version number or alias to any of the formats. The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.
 - `function_url_auth_type` (String) The type of authentication that your function URL uses. Set to ``AWS_IAM`` if you want to restrict access to authenticated users only. Set to ``NONE`` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html).

docs/data-sources/msk_replicator.md

@@ -87,6 +87,7 @@ Read-Only:
 - `copy_topic_configurations` (Boolean) Whether to periodically configure remote topics to match their corresponding upstream topics.
 - `detect_and_copy_new_topics` (Boolean) Whether to periodically check for new topics and partitions.
 - `starting_position` (Attributes) Configuration for specifying the position in the topics to start replicating from. (see [below for nested schema](#nestedatt--replication_info_list--topic_replication--starting_position))
+- `topic_name_configuration` (Attributes) Configuration for specifying replicated topic names should be the same as their corresponding upstream topics or prefixed with source cluster alias. (see [below for nested schema](#nestedatt--replication_info_list--topic_replication--topic_name_configuration))
 - `topics_to_exclude` (Set of String) List of regular expression patterns indicating the topics that should not be replicated.
 - `topics_to_replicate` (Set of String) List of regular expression patterns indicating the topics to copy.
 
@@ -98,6 +99,14 @@ Read-Only:
 - `type` (String) The type of replication starting position.
 
 
+<a id="nestedatt--replication_info_list--topic_replication--topic_name_configuration"></a>
+### Nested Schema for `replication_info_list.topic_replication.topic_name_configuration`
+
+Read-Only:
+
+- `type` (String) The type of replicated topic name.
+
+
 
 
 <a id="nestedatt--tags"></a>

docs/data-sources/neptune_db_cluster.md

@@ -40,7 +40,7 @@ Note: `Port` property will soon be deprecated from this resource. Please update
 - `endpoint` (String) The connection endpoint for the DB cluster. For example: `mystack-mydbcluster-1apw1j4phylrk.cg034hpkmmjt.us-east-2.rds.amazonaws.com`
 - `engine_version` (String) Indicates the database engine version.
 - `iam_auth_enabled` (Boolean) True if mapping of Amazon Identity and Access Management (IAM) accounts to database accounts is enabled, and otherwise false.
-- `kms_key_id` (String) If `StorageEncrypted` is true, the Amazon KMS key identifier for the encrypted DB cluster.
+- `kms_key_id` (String) The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the database instances in the DB cluster, such as arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. If you enable the StorageEncrypted property but don't specify this property, the default KMS key is used. If you specify this property, you must set the StorageEncrypted property to true.
 - `port` (String) The port number on which the DB cluster accepts connections. For example: `8182`.
 - `preferred_backup_window` (String) Specifies the daily time range during which automated backups are created if automated backups are enabled, as determined by the BackupRetentionPeriod.
 - `preferred_maintenance_window` (String) Specifies the weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).
@@ -68,9 +68,13 @@ If a DB snapshot is specified, the target DB cluster is created from the source
 If a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.
 - `storage_encrypted` (Boolean) Indicates whether the DB cluster is encrypted.
 
-If you specify the `DBClusterIdentifier`, `DBSnapshotIdentifier`, or `SourceDBInstanceIdentifier` property, don't specify this property. The value is inherited from the cluster, snapshot, or source DB instance. If you specify the KmsKeyId property, you must enable encryption.
+If you specify the KmsKeyId property, then you must enable encryption and set this property to true.
 
-If you specify the KmsKeyId, you must enable encryption by setting StorageEncrypted to true.
+If you enable the StorageEncrypted property but don't specify KmsKeyId property, then the default KMS key is used. If you specify KmsKeyId property, then that KMS Key is used to encrypt the database instances in the DB cluster.
+
+If you specify the SourceDBClusterIdentifier property and don't specify this property or disable it. The value is inherited from the source DB cluster, and if the DB cluster is encrypted, the KmsKeyId property from the source cluster is used.
+
+If you specify the DBSnapshotIdentifier and don't specify this property or disable it. The value is inherited from the snapshot, and the specified KmsKeyId property from the snapshot is used.
 - `tags` (Attributes Set) The tags assigned to this cluster. (see [below for nested schema](#nestedatt--tags))
 - `use_latest_restorable_time` (Boolean) Creates a new DB cluster from a DB snapshot or DB cluster snapshot.
 

docs/data-sources/rds_db_instance.md

@@ -491,7 +491,7 @@ Data Source schema for AWS::RDS::DBInstance
  This setting is only supported in RDS for Oracle.
  Default: ``open-read-only`` 
  Valid Values: ``open-read-only`` or ``mounted``
-- `restore_time` (String) The date and time to restore from.
+- `restore_time` (String) The date and time to restore from. This parameter applies to point-in-time recovery. For more information, see [Restoring a DB instance to a specified time](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIT.html) in the in the *Amazon RDS User Guide*.
  Constraints:
   +  Must be a time in Universal Coordinated Time (UTC) format.
   +  Must be before the latest restorable time for the DB instance.
@@ -538,7 +538,7 @@ Data Source schema for AWS::RDS::DBInstance
 - `timezone` (String) The time zone of the DB instance. The time zone parameter is currently supported only by [RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-time-zone) and [RDS for SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone).
 - `use_default_processor_features` (Boolean) Specifies whether the DB instance class of the DB instance uses its default processor features.
  This setting doesn't apply to RDS Custom DB instances.
-- `use_latest_restorable_time` (Boolean) Specifies whether the DB instance is restored from the latest backup time. By default, the DB instance isn't restored from the latest backup time.
+- `use_latest_restorable_time` (Boolean) Specifies whether the DB instance is restored from the latest backup time. By default, the DB instance isn't restored from the latest backup time. This parameter applies to point-in-time recovery. For more information, see [Restoring a DB instance to a specified time](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIT.html) in the in the *Amazon RDS User Guide*.
  Constraints:
   +  Can't be specified if the ``RestoreTime`` parameter is provided.
 - `vpc_security_groups` (List of String) A list of the VPC security group IDs to assign to the DB instance. The list can include both the physical IDs of existing VPC security groups and references to [AWS::EC2::SecurityGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html) resources created in the template.

docs/resources/codebuild_fleet.md

@@ -43,6 +43,7 @@ resource "awscc_codebuild_fleet" "example" {
 - `environment_type` (String)
 - `fleet_service_role` (String)
 - `fleet_vpc_config` (Attributes) (see [below for nested schema](#nestedatt--fleet_vpc_config))
+- `image_id` (String)
 - `name` (String)
 - `overflow_behavior` (String)
 - `tags` (Attributes List) (see [below for nested schema](#nestedatt--tags))