diff --git a/docs/data-sources/bedrock_data_source.md b/docs/data-sources/bedrock_data_source.md
index 40b8a7c99..8d78611d9 100644
--- a/docs/data-sources/bedrock_data_source.md
+++ b/docs/data-sources/bedrock_data_source.md
@@ -39,8 +39,67 @@ Data Source schema for AWS::Bedrock::DataSource
Read-Only:
-- `s3_configuration` (Attributes) Contains information about the S3 configuration of the data source. (see [below for nested schema](#nestedatt--data_source_configuration--s3_configuration))
+- `confluence_configuration` (Attributes) The configuration information to connect to Confluence as your data source. (see [below for nested schema](#nestedatt--data_source_configuration--confluence_configuration))
+- `s3_configuration` (Attributes) The configuration information to connect to Amazon S3 as your data source. (see [below for nested schema](#nestedatt--data_source_configuration--s3_configuration))
+- `salesforce_configuration` (Attributes) The configuration information to connect to Salesforce as your data source. (see [below for nested schema](#nestedatt--data_source_configuration--salesforce_configuration))
+- `share_point_configuration` (Attributes) The configuration information to connect to SharePoint as your data source. (see [below for nested schema](#nestedatt--data_source_configuration--share_point_configuration))
- `type` (String) The type of the data source location.
+- `web_configuration` (Attributes) Configures a web data source location. (see [below for nested schema](#nestedatt--data_source_configuration--web_configuration))
+
+
+### Nested Schema for `data_source_configuration.confluence_configuration`
+
+Read-Only:
+
+- `crawler_configuration` (Attributes) The configuration of the Confluence content. For example, configuring specific types of Confluence content. (see [below for nested schema](#nestedatt--data_source_configuration--confluence_configuration--crawler_configuration))
+- `source_configuration` (Attributes) The endpoint information to connect to your Confluence data source. (see [below for nested schema](#nestedatt--data_source_configuration--confluence_configuration--source_configuration))
+
+
+### Nested Schema for `data_source_configuration.confluence_configuration.crawler_configuration`
+
+Read-Only:
+
+- `filter_configuration` (Attributes) The type of filtering that you want to apply to certain objects or content of the data source. For example, the PATTERN type is regular expression patterns you can apply to filter your content. (see [below for nested schema](#nestedatt--data_source_configuration--confluence_configuration--crawler_configuration--filter_configuration))
+
+
+### Nested Schema for `data_source_configuration.confluence_configuration.crawler_configuration.filter_configuration`
+
+Read-Only:
+
+- `pattern_object_filter` (Attributes) The configuration of specific filters applied to your data source content. You can filter out or include certain content. (see [below for nested schema](#nestedatt--data_source_configuration--confluence_configuration--crawler_configuration--filter_configuration--pattern_object_filter))
+- `type` (String) The crawl filter type.
+
+
+### Nested Schema for `data_source_configuration.confluence_configuration.crawler_configuration.filter_configuration.pattern_object_filter`
+
+Read-Only:
+
+- `filters` (Attributes List) Contains information (see [below for nested schema](#nestedatt--data_source_configuration--confluence_configuration--crawler_configuration--filter_configuration--pattern_object_filter--filters))
+
+
+### Nested Schema for `data_source_configuration.confluence_configuration.crawler_configuration.filter_configuration.pattern_object_filter.filters`
+
+Read-Only:
+
+- `exclusion_filters` (List of String) A set of regular expression filter patterns for a type of object.
+- `inclusion_filters` (List of String) A set of regular expression filter patterns for a type of object.
+- `object_type` (String) The supported object type or content type of the data source.
+
+
+
+
+
+
+### Nested Schema for `data_source_configuration.confluence_configuration.source_configuration`
+
+Read-Only:
+
+- `auth_type` (String) The supported authentication type to authenticate and connect to your Confluence instance.
+- `credentials_secret_arn` (String) The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your Confluence instance URL. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see Confluence connection configuration.
+- `host_type` (String) The supported host type, whether online/cloud or server/on-premises.
+- `host_url` (String) The Confluence host URL or instance URL.
+
+
### Nested Schema for `data_source_configuration.s3_configuration`
@@ -52,6 +111,169 @@ Read-Only:
- `inclusion_prefixes` (List of String) A list of S3 prefixes that define the object containing the data sources.
+
+### Nested Schema for `data_source_configuration.salesforce_configuration`
+
+Read-Only:
+
+- `crawler_configuration` (Attributes) The configuration of filtering the Salesforce content. For example, configuring regular expression patterns to include or exclude certain content. (see [below for nested schema](#nestedatt--data_source_configuration--salesforce_configuration--crawler_configuration))
+- `source_configuration` (Attributes) The endpoint information to connect to your Salesforce data source. (see [below for nested schema](#nestedatt--data_source_configuration--salesforce_configuration--source_configuration))
+
+
+### Nested Schema for `data_source_configuration.salesforce_configuration.crawler_configuration`
+
+Read-Only:
+
+- `filter_configuration` (Attributes) The type of filtering that you want to apply to certain objects or content of the data source. For example, the PATTERN type is regular expression patterns you can apply to filter your content. (see [below for nested schema](#nestedatt--data_source_configuration--salesforce_configuration--crawler_configuration--filter_configuration))
+
+
+### Nested Schema for `data_source_configuration.salesforce_configuration.crawler_configuration.filter_configuration`
+
+Read-Only:
+
+- `pattern_object_filter` (Attributes) The configuration of specific filters applied to your data source content. You can filter out or include certain content. (see [below for nested schema](#nestedatt--data_source_configuration--salesforce_configuration--crawler_configuration--filter_configuration--pattern_object_filter))
+- `type` (String) The crawl filter type.
+
+
+### Nested Schema for `data_source_configuration.salesforce_configuration.crawler_configuration.filter_configuration.pattern_object_filter`
+
+Read-Only:
+
+- `filters` (Attributes List) Contains information (see [below for nested schema](#nestedatt--data_source_configuration--salesforce_configuration--crawler_configuration--filter_configuration--pattern_object_filter--filters))
+
+
+### Nested Schema for `data_source_configuration.salesforce_configuration.crawler_configuration.filter_configuration.pattern_object_filter.filters`
+
+Read-Only:
+
+- `exclusion_filters` (List of String) A set of regular expression filter patterns for a type of object.
+- `inclusion_filters` (List of String) A set of regular expression filter patterns for a type of object.
+- `object_type` (String) The supported object type or content type of the data source.
+
+
+
+
+
+
+### Nested Schema for `data_source_configuration.salesforce_configuration.source_configuration`
+
+Read-Only:
+
+- `auth_type` (String) The supported authentication type to authenticate and connect to your Salesforce instance.
+- `credentials_secret_arn` (String) The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your Salesforce instance URL. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see Salesforce connection configuration.
+- `host_url` (String) The Salesforce host URL or instance URL.
+
+
+
+
+### Nested Schema for `data_source_configuration.share_point_configuration`
+
+Read-Only:
+
+- `crawler_configuration` (Attributes) The configuration of the SharePoint content. For example, configuring specific types of SharePoint content. (see [below for nested schema](#nestedatt--data_source_configuration--share_point_configuration--crawler_configuration))
+- `source_configuration` (Attributes) The endpoint information to connect to your SharePoint data source. (see [below for nested schema](#nestedatt--data_source_configuration--share_point_configuration--source_configuration))
+
+
+### Nested Schema for `data_source_configuration.share_point_configuration.crawler_configuration`
+
+Read-Only:
+
+- `filter_configuration` (Attributes) The type of filtering that you want to apply to certain objects or content of the data source. For example, the PATTERN type is regular expression patterns you can apply to filter your content. (see [below for nested schema](#nestedatt--data_source_configuration--share_point_configuration--crawler_configuration--filter_configuration))
+
+
+### Nested Schema for `data_source_configuration.share_point_configuration.crawler_configuration.filter_configuration`
+
+Read-Only:
+
+- `pattern_object_filter` (Attributes) The configuration of specific filters applied to your data source content. You can filter out or include certain content. (see [below for nested schema](#nestedatt--data_source_configuration--share_point_configuration--crawler_configuration--filter_configuration--pattern_object_filter))
+- `type` (String) The crawl filter type.
+
+
+### Nested Schema for `data_source_configuration.share_point_configuration.crawler_configuration.filter_configuration.pattern_object_filter`
+
+Read-Only:
+
+- `filters` (Attributes List) Contains information (see [below for nested schema](#nestedatt--data_source_configuration--share_point_configuration--crawler_configuration--filter_configuration--pattern_object_filter--filters))
+
+
+### Nested Schema for `data_source_configuration.share_point_configuration.crawler_configuration.filter_configuration.pattern_object_filter.filters`
+
+Read-Only:
+
+- `exclusion_filters` (List of String) A set of regular expression filter patterns for a type of object.
+- `inclusion_filters` (List of String) A set of regular expression filter patterns for a type of object.
+- `object_type` (String) The supported object type or content type of the data source.
+
+
+
+
+
+
+### Nested Schema for `data_source_configuration.share_point_configuration.source_configuration`
+
+Read-Only:
+
+- `auth_type` (String) The supported authentication type to authenticate and connect to your SharePoint site/sites.
+- `credentials_secret_arn` (String) The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your SharePoint site/sites. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see SharePoint connection configuration.
+- `domain` (String) The domain of your SharePoint instance or site URL/URLs.
+- `host_type` (String) The supported host type, whether online/cloud or server/on-premises.
+- `site_urls` (List of String) A list of one or more SharePoint site URLs.
+- `tenant_id` (String) The identifier of your Microsoft 365 tenant.
+
+
+
+
+### Nested Schema for `data_source_configuration.web_configuration`
+
+Read-Only:
+
+- `crawler_configuration` (Attributes) Configuration for the web crawler. (see [below for nested schema](#nestedatt--data_source_configuration--web_configuration--crawler_configuration))
+- `source_configuration` (Attributes) A web source configuration. (see [below for nested schema](#nestedatt--data_source_configuration--web_configuration--source_configuration))
+
+
+### Nested Schema for `data_source_configuration.web_configuration.crawler_configuration`
+
+Read-Only:
+
+- `crawler_limits` (Attributes) Limit settings for the web crawler. (see [below for nested schema](#nestedatt--data_source_configuration--web_configuration--crawler_configuration--crawler_limits))
+- `exclusion_filters` (List of String) A set of regular expression filter patterns for a type of object.
+- `inclusion_filters` (List of String) A set of regular expression filter patterns for a type of object.
+- `scope` (String) The scope that a web crawl job will be restricted to.
+
+
+### Nested Schema for `data_source_configuration.web_configuration.crawler_configuration.crawler_limits`
+
+Read-Only:
+
+- `rate_limit` (Number) Rate of web URLs retrieved per minute.
+
+
+
+
+### Nested Schema for `data_source_configuration.web_configuration.source_configuration`
+
+Read-Only:
+
+- `url_configuration` (Attributes) A url configuration. (see [below for nested schema](#nestedatt--data_source_configuration--web_configuration--source_configuration--url_configuration))
+
+
+### Nested Schema for `data_source_configuration.web_configuration.source_configuration.url_configuration`
+
+Read-Only:
+
+- `seed_urls` (Attributes List) A list of web urls. (see [below for nested schema](#nestedatt--data_source_configuration--web_configuration--source_configuration--url_configuration--seed_urls))
+
+
+### Nested Schema for `data_source_configuration.web_configuration.source_configuration.url_configuration.seed_urls`
+
+Read-Only:
+
+- `url` (String) A web url.
+
+
+
+
+
### Nested Schema for `server_side_encryption_configuration`
@@ -67,6 +289,8 @@ Read-Only:
Read-Only:
- `chunking_configuration` (Attributes) Details about how to chunk the documents in the data source. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--chunking_configuration))
+- `custom_transformation_configuration` (Attributes) Settings for customizing steps in the data source content ingestion pipeline. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--custom_transformation_configuration))
+- `parsing_configuration` (Attributes) Settings for parsing document contents (see [below for nested schema](#nestedatt--vector_ingestion_configuration--parsing_configuration))
### Nested Schema for `vector_ingestion_configuration.chunking_configuration`
@@ -75,6 +299,8 @@ Read-Only:
- `chunking_strategy` (String) Knowledge base can split your source data into chunks. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. You have the following options for chunking your data. If you opt for NONE, then you may want to pre-process your files by splitting them up such that each file corresponds to a chunk.
- `fixed_size_chunking_configuration` (Attributes) Configurations for when you choose fixed-size chunking. If you set the chunkingStrategy as NONE, exclude this field. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--chunking_configuration--fixed_size_chunking_configuration))
+- `hierarchical_chunking_configuration` (Attributes) Configurations for when you choose hierarchical chunking. If you set the chunkingStrategy as NONE, exclude this field. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--chunking_configuration--hierarchical_chunking_configuration))
+- `semantic_chunking_configuration` (Attributes) Configurations for when you choose semantic chunking. If you set the chunkingStrategy as NONE, exclude this field. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--chunking_configuration--semantic_chunking_configuration))
### Nested Schema for `vector_ingestion_configuration.chunking_configuration.fixed_size_chunking_configuration`
@@ -83,3 +309,105 @@ Read-Only:
- `max_tokens` (Number) The maximum number of tokens to include in a chunk.
- `overlap_percentage` (Number) The percentage of overlap between adjacent chunks of a data source.
+
+
+
+### Nested Schema for `vector_ingestion_configuration.chunking_configuration.hierarchical_chunking_configuration`
+
+Read-Only:
+
+- `level_configurations` (Attributes List) Token settings for each layer. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--chunking_configuration--hierarchical_chunking_configuration--level_configurations))
+- `overlap_tokens` (Number) The number of tokens to repeat across chunks in the same layer.
+
+
+### Nested Schema for `vector_ingestion_configuration.chunking_configuration.hierarchical_chunking_configuration.level_configurations`
+
+Read-Only:
+
+- `max_tokens` (Number) The maximum number of tokens that a chunk can contain in this layer.
+
+
+
+
+### Nested Schema for `vector_ingestion_configuration.chunking_configuration.semantic_chunking_configuration`
+
+Read-Only:
+
+- `breakpoint_percentile_threshold` (Number) The dissimilarity threshold for splitting chunks.
+- `buffer_size` (Number) The buffer size.
+- `max_tokens` (Number) The maximum number of tokens that a chunk can contain.
+
+
+
+
+### Nested Schema for `vector_ingestion_configuration.custom_transformation_configuration`
+
+Read-Only:
+
+- `intermediate_storage` (Attributes) A location for storing content from data sources temporarily as it is processed by custom components in the ingestion pipeline. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--custom_transformation_configuration--intermediate_storage))
+- `transformations` (Attributes List) A list of Lambda functions that process documents. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--custom_transformation_configuration--transformations))
+
+
+### Nested Schema for `vector_ingestion_configuration.custom_transformation_configuration.intermediate_storage`
+
+Read-Only:
+
+- `s3_location` (Attributes) An Amazon S3 location. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--custom_transformation_configuration--intermediate_storage--s3_location))
+
+
+### Nested Schema for `vector_ingestion_configuration.custom_transformation_configuration.intermediate_storage.s3_location`
+
+Read-Only:
+
+- `uri` (String) The location's URI
+
+
+
+
+### Nested Schema for `vector_ingestion_configuration.custom_transformation_configuration.transformations`
+
+Read-Only:
+
+- `step_to_apply` (String) When the service applies the transformation.
+- `transformation_function` (Attributes) A Lambda function that processes documents. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--custom_transformation_configuration--transformations--transformation_function))
+
+
+### Nested Schema for `vector_ingestion_configuration.custom_transformation_configuration.transformations.transformation_function`
+
+Read-Only:
+
+- `transformation_lambda_configuration` (Attributes) A Lambda function that processes documents. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--custom_transformation_configuration--transformations--transformation_function--transformation_lambda_configuration))
+
+
+### Nested Schema for `vector_ingestion_configuration.custom_transformation_configuration.transformations.transformation_function.transformation_lambda_configuration`
+
+Read-Only:
+
+- `lambda_arn` (String) The function's ARN identifier.
+
+
+
+
+
+
+### Nested Schema for `vector_ingestion_configuration.parsing_configuration`
+
+Read-Only:
+
+- `bedrock_foundation_model_configuration` (Attributes) Settings for a foundation model used to parse documents for a data source. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--parsing_configuration--bedrock_foundation_model_configuration))
+- `parsing_strategy` (String) The parsing strategy for the data source.
+
+
+### Nested Schema for `vector_ingestion_configuration.parsing_configuration.bedrock_foundation_model_configuration`
+
+Read-Only:
+
+- `model_arn` (String) The model's ARN.
+- `parsing_prompt` (Attributes) Instructions for interpreting the contents of a document. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--parsing_configuration--bedrock_foundation_model_configuration--parsing_prompt))
+
+
+### Nested Schema for `vector_ingestion_configuration.parsing_configuration.bedrock_foundation_model_configuration.parsing_prompt`
+
+Read-Only:
+
+- `parsing_prompt_text` (String) Instructions for interpreting the contents of a document.
diff --git a/docs/data-sources/cognito_identity_pool.md b/docs/data-sources/cognito_identity_pool.md
index 7a79d6535..209a444b3 100644
--- a/docs/data-sources/cognito_identity_pool.md
+++ b/docs/data-sources/cognito_identity_pool.md
@@ -29,6 +29,7 @@ Data Source schema for AWS::Cognito::IdentityPool
- `developer_provider_name` (String)
- `identity_pool_id` (String)
- `identity_pool_name` (String)
+- `identity_pool_tags` (Attributes Set) An array of key-value pairs to apply to this resource. (see [below for nested schema](#nestedatt--identity_pool_tags))
- `name` (String)
- `open_id_connect_provider_ar_ns` (List of String)
- `push_sync` (Attributes) (see [below for nested schema](#nestedatt--push_sync))
@@ -55,6 +56,15 @@ Read-Only:
- `streaming_status` (String)
+
+### Nested Schema for `identity_pool_tags`
+
+Read-Only:
+
+- `key` (String) The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
+- `value` (String) The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
+
+
### Nested Schema for `push_sync`
diff --git a/docs/data-sources/cognito_log_delivery_configuration.md b/docs/data-sources/cognito_log_delivery_configuration.md
index 2b14ed5f4..9f81a64e7 100644
--- a/docs/data-sources/cognito_log_delivery_configuration.md
+++ b/docs/data-sources/cognito_log_delivery_configuration.md
@@ -32,7 +32,9 @@ Read-Only:
- `cloudwatch_logs_configuration` (Attributes) (see [below for nested schema](#nestedatt--log_configurations--cloudwatch_logs_configuration))
- `event_source` (String)
+- `firehose_configuration` (Attributes) (see [below for nested schema](#nestedatt--log_configurations--firehose_configuration))
- `log_level` (String)
+- `s3_configuration` (Attributes) (see [below for nested schema](#nestedatt--log_configurations--s3_configuration))
### Nested Schema for `log_configurations.cloudwatch_logs_configuration`
@@ -40,3 +42,19 @@ Read-Only:
Read-Only:
- `log_group_arn` (String)
+
+
+
+### Nested Schema for `log_configurations.firehose_configuration`
+
+Read-Only:
+
+- `stream_arn` (String)
+
+
+
+### Nested Schema for `log_configurations.s3_configuration`
+
+Read-Only:
+
+- `bucket_arn` (String)
diff --git a/docs/data-sources/ec2_launch_template.md b/docs/data-sources/ec2_launch_template.md
index 8e6f39a07..426d44dbf 100644
--- a/docs/data-sources/ec2_launch_template.md
+++ b/docs/data-sources/ec2_launch_template.md
@@ -53,7 +53,7 @@ Read-Only:
- `iam_instance_profile` (Attributes) The name or Amazon Resource Name (ARN) of an IAM instance profile. (see [below for nested schema](#nestedatt--launch_template_data--iam_instance_profile))
- `image_id` (String) The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.
Valid formats:
- + ``ami-17characters00000``
+ + ``ami-0ac394d6a3example``
+ ``resolve:ssm:parameter-name``
+ ``resolve:ssm:parameter-name:version-number``
+ ``resolve:ssm:parameter-name:label``
diff --git a/docs/data-sources/ec2_subnet_cidr_block.md b/docs/data-sources/ec2_subnet_cidr_block.md
index 79ba4592c..e3e0a2815 100644
--- a/docs/data-sources/ec2_subnet_cidr_block.md
+++ b/docs/data-sources/ec2_subnet_cidr_block.md
@@ -21,6 +21,8 @@ Data Source schema for AWS::EC2::SubnetCidrBlock
### Read-Only
+- `ip_source` (String) The IP Source of an IPv6 Subnet CIDR Block.
+- `ipv_6_address_attribute` (String) The value denoting whether an IPv6 Subnet CIDR Block is public or private.
- `ipv_6_cidr_block` (String) The IPv6 network range for the subnet, in CIDR notation. The subnet size must use a /64 prefix length
- `ipv_6_ipam_pool_id` (String) The ID of an IPv6 Amazon VPC IP Address Manager (IPAM) pool from which to allocate, to get the subnet's CIDR
- `ipv_6_netmask_length` (Number) The netmask length of the IPv6 CIDR to allocate to the subnet from an IPAM pool
diff --git a/docs/data-sources/ec2_vpc.md b/docs/data-sources/ec2_vpc.md
index f3095c94e..c9084a42f 100644
--- a/docs/data-sources/ec2_vpc.md
+++ b/docs/data-sources/ec2_vpc.md
@@ -30,8 +30,8 @@ Data Source schema for AWS::EC2::VPC
You can only enable DNS hostnames if you've enabled DNS support.
- `enable_dns_support` (Boolean) Indicates whether the DNS resolution is supported for the VPC. If enabled, queries to the Amazon provided DNS server at the 169.254.169.253 IP address, or the reserved IP address at the base of the VPC network range "plus two" succeed. If disabled, the Amazon provided DNS service in the VPC that resolves public DNS hostnames to IP addresses is not enabled. Enabled by default. For more information, see [DNS attributes in your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support).
- `instance_tenancy` (String) The allowed tenancy of instances launched into the VPC.
- + ``default``: An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.
- + ``dedicated``: An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of ``host`` during instance launch. You cannot specify a tenancy of ``default`` during instance launch.
+ + ``default``: An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.
+ + ``dedicated``: An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of ``host`` during instance launch. You cannot specify a tenancy of ``default`` during instance launch.
Updating ``InstanceTenancy`` requires no replacement only if you are updating its value from ``dedicated`` to ``default``. Updating ``InstanceTenancy`` from ``default`` to ``dedicated`` requires replacement.
- `ipv_4_ipam_pool_id` (String) The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. For more information, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide*.
diff --git a/docs/data-sources/lambda_event_source_mapping.md b/docs/data-sources/lambda_event_source_mapping.md
index 7b9c26732..9ff83cc93 100644
--- a/docs/data-sources/lambda_event_source_mapping.md
+++ b/docs/data-sources/lambda_event_source_mapping.md
@@ -23,37 +23,38 @@ Data Source schema for AWS::Lambda::EventSourceMapping
- `amazon_managed_kafka_event_source_config` (Attributes) Specific configuration settings for an Amazon Managed Streaming for Apache Kafka (Amazon MSK) event source. (see [below for nested schema](#nestedatt--amazon_managed_kafka_event_source_config))
- `batch_size` (Number) The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).
- + *Amazon Kinesis* – Default 100. Max 10,000.
- + *Amazon DynamoDB Streams* – Default 100. Max 10,000.
- + *Amazon Simple Queue Service* – Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.
- + *Amazon Managed Streaming for Apache Kafka* – Default 100. Max 10,000.
- + *Self-managed Apache Kafka* – Default 100. Max 10,000.
- + *Amazon MQ (ActiveMQ and RabbitMQ)* – Default 100. Max 10,000.
- + *DocumentDB* – Default 100. Max 10,000.
+ + *Amazon Kinesis* ? Default 100. Max 10,000.
+ + *Amazon DynamoDB Streams* ? Default 100. Max 10,000.
+ + *Amazon Simple Queue Service* ? Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.
+ + *Amazon Managed Streaming for Apache Kafka* ? Default 100. Max 10,000.
+ + *Self-managed Apache Kafka* ? Default 100. Max 10,000.
+ + *Amazon MQ (ActiveMQ and RabbitMQ)* ? Default 100. Max 10,000.
+ + *DocumentDB* ? Default 100. Max 10,000.
- `bisect_batch_on_function_error` (Boolean) (Kinesis and DynamoDB Streams only) If the function returns an error, split the batch in two and retry. The default value is false.
- `destination_config` (Attributes) (Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka event sources only) A configuration object that specifies the destination of an event after Lambda processes it. (see [below for nested schema](#nestedatt--destination_config))
- `document_db_event_source_config` (Attributes) Specific configuration settings for a DocumentDB event source. (see [below for nested schema](#nestedatt--document_db_event_source_config))
- `enabled` (Boolean) When true, the event source mapping is active. When false, Lambda pauses polling and invocation.
Default: True
- `event_source_arn` (String) The Amazon Resource Name (ARN) of the event source.
- + *Amazon Kinesis* – The ARN of the data stream or a stream consumer.
- + *Amazon DynamoDB Streams* – The ARN of the stream.
- + *Amazon Simple Queue Service* – The ARN of the queue.
- + *Amazon Managed Streaming for Apache Kafka* – The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc)).
- + *Amazon MQ* – The ARN of the broker.
- + *Amazon DocumentDB* – The ARN of the DocumentDB change stream.
+ + *Amazon Kinesis* ? The ARN of the data stream or a stream consumer.
+ + *Amazon DynamoDB Streams* ? The ARN of the stream.
+ + *Amazon Simple Queue Service* ? The ARN of the queue.
+ + *Amazon Managed Streaming for Apache Kafka* ? The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc)).
+ + *Amazon MQ* ? The ARN of the broker.
+ + *Amazon DocumentDB* ? The ARN of the DocumentDB change stream.
- `event_source_mapping_id` (String)
- `filter_criteria` (Attributes) An object that defines the filter criteria that determine whether Lambda should process an event. For more information, see [Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html). (see [below for nested schema](#nestedatt--filter_criteria))
- `function_name` (String) The name or ARN of the Lambda function.
**Name formats**
- + *Function name* – ``MyFunction``.
- + *Function ARN* – ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction``.
- + *Version or Alias ARN* – ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD``.
- + *Partial ARN* – ``123456789012:function:MyFunction``.
+ + *Function name* ? ``MyFunction``.
+ + *Function ARN* ? ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction``.
+ + *Version or Alias ARN* ? ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD``.
+ + *Partial ARN* ? ``123456789012:function:MyFunction``.
The length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length.
- `function_response_types` (List of String) (Streams and SQS) A list of current response type enums applied to the event source mapping.
Valid Values: ``ReportBatchItemFailures``
+- `kms_key_arn` (String)
- `maximum_batching_window_in_seconds` (Number) The maximum amount of time, in seconds, that Lambda spends gathering records before invoking the function.
*Default (, , event sources)*: 0
*Default (, Kafka, , event sources)*: 500 ms
@@ -166,13 +167,13 @@ Read-Only:
Read-Only:
- `type` (String) The type of authentication protocol, VPC components, or virtual host for your event source. For example: ``"Type":"SASL_SCRAM_512_AUTH"``.
- + ``BASIC_AUTH`` – (Amazon MQ) The ASMlong secret that stores your broker credentials.
- + ``BASIC_AUTH`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.
- + ``VPC_SUBNET`` – (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.
- + ``VPC_SECURITY_GROUP`` – (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.
- + ``SASL_SCRAM_256_AUTH`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.
- + ``SASL_SCRAM_512_AUTH`` – (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.
- + ``VIRTUAL_HOST`` –- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.
- + ``CLIENT_CERTIFICATE_TLS_AUTH`` – (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.
- + ``SERVER_ROOT_CA_CERTIFICATE`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.
+ + ``BASIC_AUTH`` ? (Amazon MQ) The ASMlong secret that stores your broker credentials.
+ + ``BASIC_AUTH`` ? (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.
+ + ``VPC_SUBNET`` ? (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.
+ + ``VPC_SECURITY_GROUP`` ? (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.
+ + ``SASL_SCRAM_256_AUTH`` ? (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.
+ + ``SASL_SCRAM_512_AUTH`` ? (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.
+ + ``VIRTUAL_HOST`` ?- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.
+ + ``CLIENT_CERTIFICATE_TLS_AUTH`` ? (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.
+ + ``SERVER_ROOT_CA_CERTIFICATE`` ? (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.
- `uri` (String) The value for your chosen configuration in ``Type``. For example: ``"URI": "arn:aws:secretsmanager:us-east-1:01234567890:secret:MyBrokerSecretName"``.
diff --git a/docs/data-sources/s3_bucket.md b/docs/data-sources/s3_bucket.md
index d160c890e..737e64b73 100644
--- a/docs/data-sources/s3_bucket.md
+++ b/docs/data-sources/s3_bucket.md
@@ -52,7 +52,8 @@ Data Source schema for AWS::S3::Bucket
- `replication_configuration` (Attributes) Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the ``VersioningConfiguration`` property.
Amazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist. (see [below for nested schema](#nestedatt--replication_configuration))
- `tags` (Attributes List) An arbitrary set of tags (key-value pairs) for this S3 bucket. (see [below for nested schema](#nestedatt--tags))
-- `versioning_configuration` (Attributes) Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them. (see [below for nested schema](#nestedatt--versioning_configuration))
+- `versioning_configuration` (Attributes) Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.
+ When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (``PUT`` or ``DELETE``) on objects in the bucket. (see [below for nested schema](#nestedatt--versioning_configuration))
- `website_configuration` (Attributes) Information used to configure the bucket as a static website. For more information, see [Hosting Websites on Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html). (see [below for nested schema](#nestedatt--website_configuration))
- `website_url` (String)
@@ -352,7 +353,9 @@ Read-Only:
Read-Only:
-- `partition_date_source` (String) Specifies the partition date source for the partitioned prefix. PartitionDateSource can be EventTime or DeliveryTime.
+- `partition_date_source` (String) Specifies the partition date source for the partitioned prefix. ``PartitionDateSource`` can be ``EventTime`` or ``DeliveryTime``.
+ For ``DeliveryTime``, the time in the log file names corresponds to the delivery time for the log files.
+ For ``EventTime``, The logs delivered are for a specific day only. The year, month, and day correspond to the day on which the event occurred, and the hour, minutes and seconds are set to 00 in the key.
diff --git a/docs/data-sources/systemsmanagersap_application.md b/docs/data-sources/systemsmanagersap_application.md
index 82470cfbc..1c4f1ffbc 100644
--- a/docs/data-sources/systemsmanagersap_application.md
+++ b/docs/data-sources/systemsmanagersap_application.md
@@ -23,8 +23,9 @@ Data Source schema for AWS::SystemsManagerSAP::Application
- `application_id` (String)
- `application_type` (String)
-- `arn` (String) The ARN of the Helix application
+- `arn` (String) The ARN of the SSM-SAP application
- `credentials` (Attributes List) (see [below for nested schema](#nestedatt--credentials))
+- `database_arn` (String) The ARN of the SAP HANA database
- `instances` (List of String)
- `sap_instance_number` (String)
- `sid` (String)
diff --git a/docs/resources/bedrock_data_source.md b/docs/resources/bedrock_data_source.md
index fa3c26814..53775ac92 100644
--- a/docs/resources/bedrock_data_source.md
+++ b/docs/resources/bedrock_data_source.md
@@ -70,9 +70,80 @@ variable "kms_key_arn" {
Required:
-- `s3_configuration` (Attributes) Contains information about the S3 configuration of the data source. (see [below for nested schema](#nestedatt--data_source_configuration--s3_configuration))
- `type` (String) The type of the data source location.
+Optional:
+
+- `confluence_configuration` (Attributes) The configuration information to connect to Confluence as your data source. (see [below for nested schema](#nestedatt--data_source_configuration--confluence_configuration))
+- `s3_configuration` (Attributes) The configuration information to connect to Amazon S3 as your data source. (see [below for nested schema](#nestedatt--data_source_configuration--s3_configuration))
+- `salesforce_configuration` (Attributes) The configuration information to connect to Salesforce as your data source. (see [below for nested schema](#nestedatt--data_source_configuration--salesforce_configuration))
+- `share_point_configuration` (Attributes) The configuration information to connect to SharePoint as your data source. (see [below for nested schema](#nestedatt--data_source_configuration--share_point_configuration))
+- `web_configuration` (Attributes) Configures a web data source location. (see [below for nested schema](#nestedatt--data_source_configuration--web_configuration))
+
+
+### Nested Schema for `data_source_configuration.confluence_configuration`
+
+Required:
+
+- `source_configuration` (Attributes) The endpoint information to connect to your Confluence data source. (see [below for nested schema](#nestedatt--data_source_configuration--confluence_configuration--source_configuration))
+
+Optional:
+
+- `crawler_configuration` (Attributes) The configuration of the Confluence content. For example, configuring specific types of Confluence content. (see [below for nested schema](#nestedatt--data_source_configuration--confluence_configuration--crawler_configuration))
+
+
+### Nested Schema for `data_source_configuration.confluence_configuration.source_configuration`
+
+Required:
+
+- `auth_type` (String) The supported authentication type to authenticate and connect to your Confluence instance.
+- `credentials_secret_arn` (String) The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your Confluence instance URL. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see Confluence connection configuration.
+- `host_type` (String) The supported host type, whether online/cloud or server/on-premises.
+- `host_url` (String) The Confluence host URL or instance URL.
+
+
+
+### Nested Schema for `data_source_configuration.confluence_configuration.crawler_configuration`
+
+Optional:
+
+- `filter_configuration` (Attributes) The type of filtering that you want to apply to certain objects or content of the data source. For example, the PATTERN type is regular expression patterns you can apply to filter your content. (see [below for nested schema](#nestedatt--data_source_configuration--confluence_configuration--crawler_configuration--filter_configuration))
+
+
+### Nested Schema for `data_source_configuration.confluence_configuration.crawler_configuration.filter_configuration`
+
+Required:
+
+- `type` (String) The crawl filter type.
+
+Optional:
+
+- `pattern_object_filter` (Attributes) The configuration of specific filters applied to your data source content. You can filter out or include certain content. (see [below for nested schema](#nestedatt--data_source_configuration--confluence_configuration--crawler_configuration--filter_configuration--pattern_object_filter))
+
+
+### Nested Schema for `data_source_configuration.confluence_configuration.crawler_configuration.filter_configuration.pattern_object_filter`
+
+Required:
+
+- `filters` (Attributes List) Contains information (see [below for nested schema](#nestedatt--data_source_configuration--confluence_configuration--crawler_configuration--filter_configuration--pattern_object_filter--filters))
+
+
+### Nested Schema for `data_source_configuration.confluence_configuration.crawler_configuration.filter_configuration.pattern_object_filter.filters`
+
+Required:
+
+- `object_type` (String) The supported object type or content type of the data source.
+
+Optional:
+
+- `exclusion_filters` (List of String) A set of regular expression filter patterns for a type of object.
+- `inclusion_filters` (List of String) A set of regular expression filter patterns for a type of object.
+
+
+
+
+
+
### Nested Schema for `data_source_configuration.s3_configuration`
@@ -86,6 +157,193 @@ Optional:
- `inclusion_prefixes` (List of String) A list of S3 prefixes that define the object containing the data sources.
+
+### Nested Schema for `data_source_configuration.salesforce_configuration`
+
+Required:
+
+- `source_configuration` (Attributes) The endpoint information to connect to your Salesforce data source. (see [below for nested schema](#nestedatt--data_source_configuration--salesforce_configuration--source_configuration))
+
+Optional:
+
+- `crawler_configuration` (Attributes) The configuration of filtering the Salesforce content. For example, configuring regular expression patterns to include or exclude certain content. (see [below for nested schema](#nestedatt--data_source_configuration--salesforce_configuration--crawler_configuration))
+
+
+### Nested Schema for `data_source_configuration.salesforce_configuration.source_configuration`
+
+Required:
+
+- `auth_type` (String) The supported authentication type to authenticate and connect to your Salesforce instance.
+- `credentials_secret_arn` (String) The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your Salesforce instance URL. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see Salesforce connection configuration.
+- `host_url` (String) The Salesforce host URL or instance URL.
+
+
+
+### Nested Schema for `data_source_configuration.salesforce_configuration.crawler_configuration`
+
+Optional:
+
+- `filter_configuration` (Attributes) The type of filtering that you want to apply to certain objects or content of the data source. For example, the PATTERN type is regular expression patterns you can apply to filter your content. (see [below for nested schema](#nestedatt--data_source_configuration--salesforce_configuration--crawler_configuration--filter_configuration))
+
+
+### Nested Schema for `data_source_configuration.salesforce_configuration.crawler_configuration.filter_configuration`
+
+Required:
+
+- `type` (String) The crawl filter type.
+
+Optional:
+
+- `pattern_object_filter` (Attributes) The configuration of specific filters applied to your data source content. You can filter out or include certain content. (see [below for nested schema](#nestedatt--data_source_configuration--salesforce_configuration--crawler_configuration--filter_configuration--pattern_object_filter))
+
+
+### Nested Schema for `data_source_configuration.salesforce_configuration.crawler_configuration.filter_configuration.pattern_object_filter`
+
+Required:
+
+- `filters` (Attributes List) Contains information (see [below for nested schema](#nestedatt--data_source_configuration--salesforce_configuration--crawler_configuration--filter_configuration--pattern_object_filter--filters))
+
+
+### Nested Schema for `data_source_configuration.salesforce_configuration.crawler_configuration.filter_configuration.pattern_object_filter.filters`
+
+Required:
+
+- `object_type` (String) The supported object type or content type of the data source.
+
+Optional:
+
+- `exclusion_filters` (List of String) A set of regular expression filter patterns for a type of object.
+- `inclusion_filters` (List of String) A set of regular expression filter patterns for a type of object.
+
+
+
+
+
+
+
+### Nested Schema for `data_source_configuration.share_point_configuration`
+
+Required:
+
+- `source_configuration` (Attributes) The endpoint information to connect to your SharePoint data source. (see [below for nested schema](#nestedatt--data_source_configuration--share_point_configuration--source_configuration))
+
+Optional:
+
+- `crawler_configuration` (Attributes) The configuration of the SharePoint content. For example, configuring specific types of SharePoint content. (see [below for nested schema](#nestedatt--data_source_configuration--share_point_configuration--crawler_configuration))
+
+
+### Nested Schema for `data_source_configuration.share_point_configuration.source_configuration`
+
+Required:
+
+- `auth_type` (String) The supported authentication type to authenticate and connect to your SharePoint site/sites.
+- `credentials_secret_arn` (String) The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your SharePoint site/sites. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see SharePoint connection configuration.
+- `domain` (String) The domain of your SharePoint instance or site URL/URLs.
+- `host_type` (String) The supported host type, whether online/cloud or server/on-premises.
+- `site_urls` (List of String) A list of one or more SharePoint site URLs.
+
+Optional:
+
+- `tenant_id` (String) The identifier of your Microsoft 365 tenant.
+
+
+
+### Nested Schema for `data_source_configuration.share_point_configuration.crawler_configuration`
+
+Optional:
+
+- `filter_configuration` (Attributes) The type of filtering that you want to apply to certain objects or content of the data source. For example, the PATTERN type is regular expression patterns you can apply to filter your content. (see [below for nested schema](#nestedatt--data_source_configuration--share_point_configuration--crawler_configuration--filter_configuration))
+
+
+### Nested Schema for `data_source_configuration.share_point_configuration.crawler_configuration.filter_configuration`
+
+Required:
+
+- `type` (String) The crawl filter type.
+
+Optional:
+
+- `pattern_object_filter` (Attributes) The configuration of specific filters applied to your data source content. You can filter out or include certain content. (see [below for nested schema](#nestedatt--data_source_configuration--share_point_configuration--crawler_configuration--filter_configuration--pattern_object_filter))
+
+
+### Nested Schema for `data_source_configuration.share_point_configuration.crawler_configuration.filter_configuration.pattern_object_filter`
+
+Required:
+
+- `filters` (Attributes List) Contains information (see [below for nested schema](#nestedatt--data_source_configuration--share_point_configuration--crawler_configuration--filter_configuration--pattern_object_filter--filters))
+
+
+### Nested Schema for `data_source_configuration.share_point_configuration.crawler_configuration.filter_configuration.pattern_object_filter.filters`
+
+Required:
+
+- `object_type` (String) The supported object type or content type of the data source.
+
+Optional:
+
+- `exclusion_filters` (List of String) A set of regular expression filter patterns for a type of object.
+- `inclusion_filters` (List of String) A set of regular expression filter patterns for a type of object.
+
+
+
+
+
+
+
+### Nested Schema for `data_source_configuration.web_configuration`
+
+Required:
+
+- `source_configuration` (Attributes) A web source configuration. (see [below for nested schema](#nestedatt--data_source_configuration--web_configuration--source_configuration))
+
+Optional:
+
+- `crawler_configuration` (Attributes) Configuration for the web crawler. (see [below for nested schema](#nestedatt--data_source_configuration--web_configuration--crawler_configuration))
+
+
+### Nested Schema for `data_source_configuration.web_configuration.source_configuration`
+
+Required:
+
+- `url_configuration` (Attributes) A url configuration. (see [below for nested schema](#nestedatt--data_source_configuration--web_configuration--source_configuration--url_configuration))
+
+
+### Nested Schema for `data_source_configuration.web_configuration.source_configuration.url_configuration`
+
+Required:
+
+- `seed_urls` (Attributes List) A list of web urls. (see [below for nested schema](#nestedatt--data_source_configuration--web_configuration--source_configuration--url_configuration--seed_urls))
+
+
+### Nested Schema for `data_source_configuration.web_configuration.source_configuration.url_configuration.seed_urls`
+
+Required:
+
+- `url` (String) A web url.
+
+
+
+
+
+### Nested Schema for `data_source_configuration.web_configuration.crawler_configuration`
+
+Optional:
+
+- `crawler_limits` (Attributes) Limit settings for the web crawler. (see [below for nested schema](#nestedatt--data_source_configuration--web_configuration--crawler_configuration--crawler_limits))
+- `exclusion_filters` (List of String) A set of regular expression filter patterns for a type of object.
+- `inclusion_filters` (List of String) A set of regular expression filter patterns for a type of object.
+- `scope` (String) The scope that a web crawl job will be restricted to.
+
+
+### Nested Schema for `data_source_configuration.web_configuration.crawler_configuration.crawler_limits`
+
+Optional:
+
+- `rate_limit` (Number) Rate of web URLs retrieved per minute.
+
+
+
+
### Nested Schema for `server_side_encryption_configuration`
@@ -101,6 +359,8 @@ Optional:
Optional:
- `chunking_configuration` (Attributes) Details about how to chunk the documents in the data source. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--chunking_configuration))
+- `custom_transformation_configuration` (Attributes) Settings for customizing steps in the data source content ingestion pipeline. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--custom_transformation_configuration))
+- `parsing_configuration` (Attributes) Settings for parsing document contents (see [below for nested schema](#nestedatt--vector_ingestion_configuration--parsing_configuration))
### Nested Schema for `vector_ingestion_configuration.chunking_configuration`
@@ -112,6 +372,8 @@ Required:
Optional:
- `fixed_size_chunking_configuration` (Attributes) Configurations for when you choose fixed-size chunking. If you set the chunkingStrategy as NONE, exclude this field. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--chunking_configuration--fixed_size_chunking_configuration))
+- `hierarchical_chunking_configuration` (Attributes) Configurations for when you choose hierarchical chunking. If you set the chunkingStrategy as NONE, exclude this field. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--chunking_configuration--hierarchical_chunking_configuration))
+- `semantic_chunking_configuration` (Attributes) Configurations for when you choose semantic chunking. If you set the chunkingStrategy as NONE, exclude this field. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--chunking_configuration--semantic_chunking_configuration))
### Nested Schema for `vector_ingestion_configuration.chunking_configuration.fixed_size_chunking_configuration`
@@ -121,6 +383,114 @@ Required:
- `max_tokens` (Number) The maximum number of tokens to include in a chunk.
- `overlap_percentage` (Number) The percentage of overlap between adjacent chunks of a data source.
+
+
+### Nested Schema for `vector_ingestion_configuration.chunking_configuration.hierarchical_chunking_configuration`
+
+Required:
+
+- `level_configurations` (Attributes List) Token settings for each layer. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--chunking_configuration--hierarchical_chunking_configuration--level_configurations))
+- `overlap_tokens` (Number) The number of tokens to repeat across chunks in the same layer.
+
+
+### Nested Schema for `vector_ingestion_configuration.chunking_configuration.hierarchical_chunking_configuration.level_configurations`
+
+Required:
+
+- `max_tokens` (Number) The maximum number of tokens that a chunk can contain in this layer.
+
+
+
+
+### Nested Schema for `vector_ingestion_configuration.chunking_configuration.semantic_chunking_configuration`
+
+Required:
+
+- `breakpoint_percentile_threshold` (Number) The dissimilarity threshold for splitting chunks.
+- `buffer_size` (Number) The buffer size.
+- `max_tokens` (Number) The maximum number of tokens that a chunk can contain.
+
+
+
+
+### Nested Schema for `vector_ingestion_configuration.custom_transformation_configuration`
+
+Required:
+
+- `intermediate_storage` (Attributes) A location for storing content from data sources temporarily as it is processed by custom components in the ingestion pipeline. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--custom_transformation_configuration--intermediate_storage))
+- `transformations` (Attributes List) A list of Lambda functions that process documents. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--custom_transformation_configuration--transformations))
+
+
+### Nested Schema for `vector_ingestion_configuration.custom_transformation_configuration.intermediate_storage`
+
+Required:
+
+- `s3_location` (Attributes) An Amazon S3 location. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--custom_transformation_configuration--intermediate_storage--s3_location))
+
+
+### Nested Schema for `vector_ingestion_configuration.custom_transformation_configuration.intermediate_storage.s3_location`
+
+Required:
+
+- `uri` (String) The location's URI
+
+
+
+
+### Nested Schema for `vector_ingestion_configuration.custom_transformation_configuration.transformations`
+
+Required:
+
+- `step_to_apply` (String) When the service applies the transformation.
+- `transformation_function` (Attributes) A Lambda function that processes documents. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--custom_transformation_configuration--transformations--transformation_function))
+
+
+### Nested Schema for `vector_ingestion_configuration.custom_transformation_configuration.transformations.transformation_function`
+
+Required:
+
+- `transformation_lambda_configuration` (Attributes) A Lambda function that processes documents. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--custom_transformation_configuration--transformations--transformation_function--transformation_lambda_configuration))
+
+
+### Nested Schema for `vector_ingestion_configuration.custom_transformation_configuration.transformations.transformation_function.transformation_lambda_configuration`
+
+Required:
+
+- `lambda_arn` (String) The function's ARN identifier.
+
+
+
+
+
+
+### Nested Schema for `vector_ingestion_configuration.parsing_configuration`
+
+Required:
+
+- `parsing_strategy` (String) The parsing strategy for the data source.
+
+Optional:
+
+- `bedrock_foundation_model_configuration` (Attributes) Settings for a foundation model used to parse documents for a data source. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--parsing_configuration--bedrock_foundation_model_configuration))
+
+
+### Nested Schema for `vector_ingestion_configuration.parsing_configuration.bedrock_foundation_model_configuration`
+
+Required:
+
+- `model_arn` (String) The model's ARN.
+
+Optional:
+
+- `parsing_prompt` (Attributes) Instructions for interpreting the contents of a document. (see [below for nested schema](#nestedatt--vector_ingestion_configuration--parsing_configuration--bedrock_foundation_model_configuration--parsing_prompt))
+
+
+### Nested Schema for `vector_ingestion_configuration.parsing_configuration.bedrock_foundation_model_configuration.parsing_prompt`
+
+Required:
+
+- `parsing_prompt_text` (String) Instructions for interpreting the contents of a document.
+
## Import
Import is supported using the following syntax:
diff --git a/docs/resources/cognito_identity_pool.md b/docs/resources/cognito_identity_pool.md
index d88200fc3..a7f88b267 100644
--- a/docs/resources/cognito_identity_pool.md
+++ b/docs/resources/cognito_identity_pool.md
@@ -58,6 +58,7 @@ resource "awscc_cognito_identity_pool" "example_identity_pool" {
- `cognito_streams` (Attributes) (see [below for nested schema](#nestedatt--cognito_streams))
- `developer_provider_name` (String)
- `identity_pool_name` (String)
+- `identity_pool_tags` (Attributes Set) An array of key-value pairs to apply to this resource. (see [below for nested schema](#nestedatt--identity_pool_tags))
- `open_id_connect_provider_ar_ns` (List of String)
- `push_sync` (Attributes) (see [below for nested schema](#nestedatt--push_sync))
- `saml_provider_ar_ns` (List of String)
@@ -92,6 +93,15 @@ Optional:
- `streaming_status` (String)
+
+### Nested Schema for `identity_pool_tags`
+
+Required:
+
+- `key` (String) The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
+- `value` (String) The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.
+
+
### Nested Schema for `push_sync`
diff --git a/docs/resources/cognito_log_delivery_configuration.md b/docs/resources/cognito_log_delivery_configuration.md
index c3d49605d..3e08c69fd 100644
--- a/docs/resources/cognito_log_delivery_configuration.md
+++ b/docs/resources/cognito_log_delivery_configuration.md
@@ -35,7 +35,9 @@ Optional:
- `cloudwatch_logs_configuration` (Attributes) (see [below for nested schema](#nestedatt--log_configurations--cloudwatch_logs_configuration))
- `event_source` (String)
+- `firehose_configuration` (Attributes) (see [below for nested schema](#nestedatt--log_configurations--firehose_configuration))
- `log_level` (String)
+- `s3_configuration` (Attributes) (see [below for nested schema](#nestedatt--log_configurations--s3_configuration))
### Nested Schema for `log_configurations.cloudwatch_logs_configuration`
@@ -44,6 +46,22 @@ Optional:
- `log_group_arn` (String)
+
+
+### Nested Schema for `log_configurations.firehose_configuration`
+
+Optional:
+
+- `stream_arn` (String)
+
+
+
+### Nested Schema for `log_configurations.s3_configuration`
+
+Optional:
+
+- `bucket_arn` (String)
+
## Import
Import is supported using the following syntax:
diff --git a/docs/resources/ec2_launch_template.md b/docs/resources/ec2_launch_template.md
index 0ef49a900..19c1b42c2 100644
--- a/docs/resources/ec2_launch_template.md
+++ b/docs/resources/ec2_launch_template.md
@@ -159,7 +159,7 @@ Optional:
- `iam_instance_profile` (Attributes) The name or Amazon Resource Name (ARN) of an IAM instance profile. (see [below for nested schema](#nestedatt--launch_template_data--iam_instance_profile))
- `image_id` (String) The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.
Valid formats:
- + ``ami-17characters00000``
+ + ``ami-0ac394d6a3example``
+ ``resolve:ssm:parameter-name``
+ ``resolve:ssm:parameter-name:version-number``
+ ``resolve:ssm:parameter-name:label``
diff --git a/docs/resources/ec2_subnet_cidr_block.md b/docs/resources/ec2_subnet_cidr_block.md
index c6c5148c3..4b504201b 100644
--- a/docs/resources/ec2_subnet_cidr_block.md
+++ b/docs/resources/ec2_subnet_cidr_block.md
@@ -28,6 +28,8 @@ The AWS::EC2::SubnetCidrBlock resource creates association between subnet and IP
### Read-Only
- `id` (String) Uniquely identifies the resource.
+- `ip_source` (String) The IP Source of an IPv6 Subnet CIDR Block.
+- `ipv_6_address_attribute` (String) The value denoting whether an IPv6 Subnet CIDR Block is public or private.
- `subnet_cidr_block_id` (String) Information about the IPv6 association.
## Import
diff --git a/docs/resources/ec2_vpc.md b/docs/resources/ec2_vpc.md
index c02e80939..07a7e3451 100644
--- a/docs/resources/ec2_vpc.md
+++ b/docs/resources/ec2_vpc.md
@@ -3,14 +3,14 @@ page_title: "awscc_ec2_vpc Resource - terraform-provider-awscc"
subcategory: ""
description: |-
Specifies a virtual private cloud (VPC).
- You can optionally request an IPv6 CIDR block for the VPC. You can request an Amazon-provided IPv6 CIDR block from Amazon's pool of IPv6 addresses, or an IPv6 CIDR block from an IPv6 address pool that you provisioned through bring your own IP addresses (BYOIP).
+ To add an IPv6 CIDR block to the VPC, see AWS::EC2::VPCCidrBlock https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpccidrblock.html.
For more information, see Virtual private clouds (VPC) https://docs.aws.amazon.com/vpc/latest/userguide/configure-your-vpc.html in the Amazon VPC User Guide.
---
# awscc_ec2_vpc (Resource)
Specifies a virtual private cloud (VPC).
- You can optionally request an IPv6 CIDR block for the VPC. You can request an Amazon-provided IPv6 CIDR block from Amazon's pool of IPv6 addresses, or an IPv6 CIDR block from an IPv6 address pool that you provisioned through bring your own IP addresses (BYOIP).
+ To add an IPv6 CIDR block to the VPC, see [AWS::EC2::VPCCidrBlock](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpccidrblock.html).
For more information, see [Virtual private clouds (VPC)](https://docs.aws.amazon.com/vpc/latest/userguide/configure-your-vpc.html) in the *Amazon VPC User Guide*.
## Example Usage
@@ -88,8 +88,8 @@ resource "awscc_ec2_vpc" "main" {
You can only enable DNS hostnames if you've enabled DNS support.
- `enable_dns_support` (Boolean) Indicates whether the DNS resolution is supported for the VPC. If enabled, queries to the Amazon provided DNS server at the 169.254.169.253 IP address, or the reserved IP address at the base of the VPC network range "plus two" succeed. If disabled, the Amazon provided DNS service in the VPC that resolves public DNS hostnames to IP addresses is not enabled. Enabled by default. For more information, see [DNS attributes in your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support).
- `instance_tenancy` (String) The allowed tenancy of instances launched into the VPC.
- + ``default``: An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.
- + ``dedicated``: An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of ``host`` during instance launch. You cannot specify a tenancy of ``default`` during instance launch.
+ + ``default``: An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.
+ + ``dedicated``: An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of ``host`` during instance launch. You cannot specify a tenancy of ``default`` during instance launch.
Updating ``InstanceTenancy`` requires no replacement only if you are updating its value from ``dedicated`` to ``default``. Updating ``InstanceTenancy`` from ``default`` to ``dedicated`` requires replacement.
- `ipv_4_ipam_pool_id` (String) The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. For more information, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide*.
diff --git a/docs/resources/lambda_event_source_mapping b/docs/resources/lambda_event_source_mapping
index cd69fa5e1..abde8e4bf 100644
--- a/docs/resources/lambda_event_source_mapping
+++ b/docs/resources/lambda_event_source_mapping
@@ -52,10 +52,10 @@ resource "awscc_lambda_permission" "example" {
- `function_name` (String) The name or ARN of the Lambda function.
**Name formats**
- + *Function name* – ``MyFunction``.
- + *Function ARN* – ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction``.
- + *Version or Alias ARN* – ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD``.
- + *Partial ARN* – ``123456789012:function:MyFunction``.
+ + *Function name* ? ``MyFunction``.
+ + *Function ARN* ? ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction``.
+ + *Version or Alias ARN* ? ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD``.
+ + *Partial ARN* ? ``123456789012:function:MyFunction``.
The length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length.
@@ -63,28 +63,29 @@ resource "awscc_lambda_permission" "example" {
- `amazon_managed_kafka_event_source_config` (Attributes) Specific configuration settings for an Amazon Managed Streaming for Apache Kafka (Amazon MSK) event source. (see [below for nested schema](#nestedatt--amazon_managed_kafka_event_source_config))
- `batch_size` (Number) The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).
- + *Amazon Kinesis* – Default 100. Max 10,000.
- + *Amazon DynamoDB Streams* – Default 100. Max 10,000.
- + *Amazon Simple Queue Service* – Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.
- + *Amazon Managed Streaming for Apache Kafka* – Default 100. Max 10,000.
- + *Self-managed Apache Kafka* – Default 100. Max 10,000.
- + *Amazon MQ (ActiveMQ and RabbitMQ)* – Default 100. Max 10,000.
- + *DocumentDB* – Default 100. Max 10,000.
+ + *Amazon Kinesis* ? Default 100. Max 10,000.
+ + *Amazon DynamoDB Streams* ? Default 100. Max 10,000.
+ + *Amazon Simple Queue Service* ? Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.
+ + *Amazon Managed Streaming for Apache Kafka* ? Default 100. Max 10,000.
+ + *Self-managed Apache Kafka* ? Default 100. Max 10,000.
+ + *Amazon MQ (ActiveMQ and RabbitMQ)* ? Default 100. Max 10,000.
+ + *DocumentDB* ? Default 100. Max 10,000.
- `bisect_batch_on_function_error` (Boolean) (Kinesis and DynamoDB Streams only) If the function returns an error, split the batch in two and retry. The default value is false.
- `destination_config` (Attributes) (Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka event sources only) A configuration object that specifies the destination of an event after Lambda processes it. (see [below for nested schema](#nestedatt--destination_config))
- `document_db_event_source_config` (Attributes) Specific configuration settings for a DocumentDB event source. (see [below for nested schema](#nestedatt--document_db_event_source_config))
- `enabled` (Boolean) When true, the event source mapping is active. When false, Lambda pauses polling and invocation.
Default: True
- `event_source_arn` (String) The Amazon Resource Name (ARN) of the event source.
- + *Amazon Kinesis* – The ARN of the data stream or a stream consumer.
- + *Amazon DynamoDB Streams* – The ARN of the stream.
- + *Amazon Simple Queue Service* – The ARN of the queue.
- + *Amazon Managed Streaming for Apache Kafka* – The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc)).
- + *Amazon MQ* – The ARN of the broker.
- + *Amazon DocumentDB* – The ARN of the DocumentDB change stream.
+ + *Amazon Kinesis* ? The ARN of the data stream or a stream consumer.
+ + *Amazon DynamoDB Streams* ? The ARN of the stream.
+ + *Amazon Simple Queue Service* ? The ARN of the queue.
+ + *Amazon Managed Streaming for Apache Kafka* ? The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc)).
+ + *Amazon MQ* ? The ARN of the broker.
+ + *Amazon DocumentDB* ? The ARN of the DocumentDB change stream.
- `filter_criteria` (Attributes) An object that defines the filter criteria that determine whether Lambda should process an event. For more information, see [Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html). (see [below for nested schema](#nestedatt--filter_criteria))
- `function_response_types` (List of String) (Streams and SQS) A list of current response type enums applied to the event source mapping.
Valid Values: ``ReportBatchItemFailures``
+- `kms_key_arn` (String)
- `maximum_batching_window_in_seconds` (Number) The maximum amount of time, in seconds, that Lambda spends gathering records before invoking the function.
*Default (, , event sources)*: 0
*Default (, Kafka, , event sources)*: 500 ms
@@ -202,15 +203,15 @@ Optional:
Optional:
- `type` (String) The type of authentication protocol, VPC components, or virtual host for your event source. For example: ``"Type":"SASL_SCRAM_512_AUTH"``.
- + ``BASIC_AUTH`` – (Amazon MQ) The ASMlong secret that stores your broker credentials.
- + ``BASIC_AUTH`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.
- + ``VPC_SUBNET`` – (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.
- + ``VPC_SECURITY_GROUP`` – (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.
- + ``SASL_SCRAM_256_AUTH`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.
- + ``SASL_SCRAM_512_AUTH`` – (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.
- + ``VIRTUAL_HOST`` –- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.
- + ``CLIENT_CERTIFICATE_TLS_AUTH`` – (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.
- + ``SERVER_ROOT_CA_CERTIFICATE`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.
+ + ``BASIC_AUTH`` ? (Amazon MQ) The ASMlong secret that stores your broker credentials.
+ + ``BASIC_AUTH`` ? (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.
+ + ``VPC_SUBNET`` ? (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.
+ + ``VPC_SECURITY_GROUP`` ? (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.
+ + ``SASL_SCRAM_256_AUTH`` ? (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.
+ + ``SASL_SCRAM_512_AUTH`` ? (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.
+ + ``VIRTUAL_HOST`` ?- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.
+ + ``CLIENT_CERTIFICATE_TLS_AUTH`` ? (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.
+ + ``SERVER_ROOT_CA_CERTIFICATE`` ? (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.
- `uri` (String) The value for your chosen configuration in ``Type``. For example: ``"URI": "arn:aws:secretsmanager:us-east-1:01234567890:secret:MyBrokerSecretName"``.
## Import
diff --git a/docs/resources/lambda_event_source_mapping.md b/docs/resources/lambda_event_source_mapping.md
index 9e6f59416..228e17700 100644
--- a/docs/resources/lambda_event_source_mapping.md
+++ b/docs/resources/lambda_event_source_mapping.md
@@ -29,10 +29,10 @@ The ``AWS::Lambda::EventSourceMapping`` resource creates a mapping between an ev
- `function_name` (String) The name or ARN of the Lambda function.
**Name formats**
- + *Function name* – ``MyFunction``.
- + *Function ARN* – ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction``.
- + *Version or Alias ARN* – ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD``.
- + *Partial ARN* – ``123456789012:function:MyFunction``.
+ + *Function name* ? ``MyFunction``.
+ + *Function ARN* ? ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction``.
+ + *Version or Alias ARN* ? ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD``.
+ + *Partial ARN* ? ``123456789012:function:MyFunction``.
The length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length.
@@ -40,28 +40,29 @@ The ``AWS::Lambda::EventSourceMapping`` resource creates a mapping between an ev
- `amazon_managed_kafka_event_source_config` (Attributes) Specific configuration settings for an Amazon Managed Streaming for Apache Kafka (Amazon MSK) event source. (see [below for nested schema](#nestedatt--amazon_managed_kafka_event_source_config))
- `batch_size` (Number) The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).
- + *Amazon Kinesis* – Default 100. Max 10,000.
- + *Amazon DynamoDB Streams* – Default 100. Max 10,000.
- + *Amazon Simple Queue Service* – Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.
- + *Amazon Managed Streaming for Apache Kafka* – Default 100. Max 10,000.
- + *Self-managed Apache Kafka* – Default 100. Max 10,000.
- + *Amazon MQ (ActiveMQ and RabbitMQ)* – Default 100. Max 10,000.
- + *DocumentDB* – Default 100. Max 10,000.
+ + *Amazon Kinesis* ? Default 100. Max 10,000.
+ + *Amazon DynamoDB Streams* ? Default 100. Max 10,000.
+ + *Amazon Simple Queue Service* ? Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.
+ + *Amazon Managed Streaming for Apache Kafka* ? Default 100. Max 10,000.
+ + *Self-managed Apache Kafka* ? Default 100. Max 10,000.
+ + *Amazon MQ (ActiveMQ and RabbitMQ)* ? Default 100. Max 10,000.
+ + *DocumentDB* ? Default 100. Max 10,000.
- `bisect_batch_on_function_error` (Boolean) (Kinesis and DynamoDB Streams only) If the function returns an error, split the batch in two and retry. The default value is false.
- `destination_config` (Attributes) (Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka event sources only) A configuration object that specifies the destination of an event after Lambda processes it. (see [below for nested schema](#nestedatt--destination_config))
- `document_db_event_source_config` (Attributes) Specific configuration settings for a DocumentDB event source. (see [below for nested schema](#nestedatt--document_db_event_source_config))
- `enabled` (Boolean) When true, the event source mapping is active. When false, Lambda pauses polling and invocation.
Default: True
- `event_source_arn` (String) The Amazon Resource Name (ARN) of the event source.
- + *Amazon Kinesis* – The ARN of the data stream or a stream consumer.
- + *Amazon DynamoDB Streams* – The ARN of the stream.
- + *Amazon Simple Queue Service* – The ARN of the queue.
- + *Amazon Managed Streaming for Apache Kafka* – The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc)).
- + *Amazon MQ* – The ARN of the broker.
- + *Amazon DocumentDB* – The ARN of the DocumentDB change stream.
+ + *Amazon Kinesis* ? The ARN of the data stream or a stream consumer.
+ + *Amazon DynamoDB Streams* ? The ARN of the stream.
+ + *Amazon Simple Queue Service* ? The ARN of the queue.
+ + *Amazon Managed Streaming for Apache Kafka* ? The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc)).
+ + *Amazon MQ* ? The ARN of the broker.
+ + *Amazon DocumentDB* ? The ARN of the DocumentDB change stream.
- `filter_criteria` (Attributes) An object that defines the filter criteria that determine whether Lambda should process an event. For more information, see [Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html). (see [below for nested schema](#nestedatt--filter_criteria))
- `function_response_types` (List of String) (Streams and SQS) A list of current response type enums applied to the event source mapping.
Valid Values: ``ReportBatchItemFailures``
+- `kms_key_arn` (String)
- `maximum_batching_window_in_seconds` (Number) The maximum amount of time, in seconds, that Lambda spends gathering records before invoking the function.
*Default (, , event sources)*: 0
*Default (, Kafka, , event sources)*: 500 ms
@@ -179,15 +180,15 @@ Optional:
Optional:
- `type` (String) The type of authentication protocol, VPC components, or virtual host for your event source. For example: ``"Type":"SASL_SCRAM_512_AUTH"``.
- + ``BASIC_AUTH`` – (Amazon MQ) The ASMlong secret that stores your broker credentials.
- + ``BASIC_AUTH`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.
- + ``VPC_SUBNET`` – (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.
- + ``VPC_SECURITY_GROUP`` – (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.
- + ``SASL_SCRAM_256_AUTH`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.
- + ``SASL_SCRAM_512_AUTH`` – (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.
- + ``VIRTUAL_HOST`` –- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.
- + ``CLIENT_CERTIFICATE_TLS_AUTH`` – (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.
- + ``SERVER_ROOT_CA_CERTIFICATE`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.
+ + ``BASIC_AUTH`` ? (Amazon MQ) The ASMlong secret that stores your broker credentials.
+ + ``BASIC_AUTH`` ? (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.
+ + ``VPC_SUBNET`` ? (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.
+ + ``VPC_SECURITY_GROUP`` ? (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.
+ + ``SASL_SCRAM_256_AUTH`` ? (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.
+ + ``SASL_SCRAM_512_AUTH`` ? (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.
+ + ``VIRTUAL_HOST`` ?- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.
+ + ``CLIENT_CERTIFICATE_TLS_AUTH`` ? (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.
+ + ``SERVER_ROOT_CA_CERTIFICATE`` ? (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.
- `uri` (String) The value for your chosen configuration in ``Type``. For example: ``"URI": "arn:aws:secretsmanager:us-east-1:01234567890:secret:MyBrokerSecretName"``.
## Import
diff --git a/docs/resources/s3_bucket.md b/docs/resources/s3_bucket.md
index 0257d7cc0..135b5dfa7 100644
--- a/docs/resources/s3_bucket.md
+++ b/docs/resources/s3_bucket.md
@@ -381,7 +381,8 @@ resource "awscc_s3_bucket" "example" {
- `replication_configuration` (Attributes) Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the ``VersioningConfiguration`` property.
Amazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist. (see [below for nested schema](#nestedatt--replication_configuration))
- `tags` (Attributes List) An arbitrary set of tags (key-value pairs) for this S3 bucket. (see [below for nested schema](#nestedatt--tags))
-- `versioning_configuration` (Attributes) Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them. (see [below for nested schema](#nestedatt--versioning_configuration))
+- `versioning_configuration` (Attributes) Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.
+ When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (``PUT`` or ``DELETE``) on objects in the bucket. (see [below for nested schema](#nestedatt--versioning_configuration))
- `website_configuration` (Attributes) Information used to configure the bucket as a static website. For more information, see [Hosting Websites on Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html). (see [below for nested schema](#nestedatt--website_configuration))
### Read-Only
@@ -728,7 +729,9 @@ Optional:
Optional:
-- `partition_date_source` (String) Specifies the partition date source for the partitioned prefix. PartitionDateSource can be EventTime or DeliveryTime.
+- `partition_date_source` (String) Specifies the partition date source for the partitioned prefix. ``PartitionDateSource`` can be ``EventTime`` or ``DeliveryTime``.
+ For ``DeliveryTime``, the time in the log file names corresponds to the delivery time for the log files.
+ For ``EventTime``, The logs delivered are for a specific day only. The year, month, and day correspond to the day on which the event occurred, and the hour, minutes and seconds are set to 00 in the key.
diff --git a/docs/resources/systemsmanagersap_application.md b/docs/resources/systemsmanagersap_application.md
index 646ca0e5b..68f4038f4 100644
--- a/docs/resources/systemsmanagersap_application.md
+++ b/docs/resources/systemsmanagersap_application.md
@@ -23,6 +23,7 @@ Resource schema for AWS::SystemsManagerSAP::Application
### Optional
- `credentials` (Attributes List) (see [below for nested schema](#nestedatt--credentials))
+- `database_arn` (String) The ARN of the SAP HANA database
- `instances` (List of String)
- `sap_instance_number` (String)
- `sid` (String)
@@ -30,7 +31,7 @@ Resource schema for AWS::SystemsManagerSAP::Application
### Read-Only
-- `arn` (String) The ARN of the Helix application
+- `arn` (String) The ARN of the SSM-SAP application
- `id` (String) Uniquely identifies the resource.
diff --git a/internal/aws/bedrock/data_source_resource_gen.go b/internal/aws/bedrock/data_source_resource_gen.go
index e5607637e..4cd680f99 100644
--- a/internal/aws/bedrock/data_source_resource_gen.go
+++ b/internal/aws/bedrock/data_source_resource_gen.go
@@ -14,6 +14,7 @@ import (
"github.com/hashicorp/terraform-plugin-framework-validators/stringvalidator"
"github.com/hashicorp/terraform-plugin-framework/resource"
"github.com/hashicorp/terraform-plugin-framework/resource/schema"
+ "github.com/hashicorp/terraform-plugin-framework/resource/schema/int64planmodifier"
"github.com/hashicorp/terraform-plugin-framework/resource/schema/listplanmodifier"
"github.com/hashicorp/terraform-plugin-framework/resource/schema/objectplanmodifier"
"github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier"
@@ -77,10 +78,167 @@ func dataSourceResource(ctx context.Context) (resource.Resource, error) {
// {
// "additionalProperties": false,
// "description": "Specifies a raw data source location to ingest.",
+ // "oneOf": [
+ // {
+ // "required": [
+ // "S3Configuration"
+ // ]
+ // },
+ // {
+ // "required": [
+ // "ConfluenceConfiguration"
+ // ]
+ // },
+ // {
+ // "required": [
+ // "SalesforceConfiguration"
+ // ]
+ // },
+ // {
+ // "required": [
+ // "SharePointConfiguration"
+ // ]
+ // },
+ // {
+ // "required": [
+ // "WebConfiguration"
+ // ]
+ // }
+ // ],
// "properties": {
+ // "ConfluenceConfiguration": {
+ // "additionalProperties": false,
+ // "description": "The configuration information to connect to Confluence as your data source.",
+ // "properties": {
+ // "CrawlerConfiguration": {
+ // "additionalProperties": false,
+ // "description": "The configuration of the Confluence content. For example, configuring specific types of Confluence content.",
+ // "properties": {
+ // "FilterConfiguration": {
+ // "additionalProperties": false,
+ // "description": "The type of filtering that you want to apply to certain objects or content of the data source. For example, the PATTERN type is regular expression patterns you can apply to filter your content.",
+ // "properties": {
+ // "PatternObjectFilter": {
+ // "additionalProperties": false,
+ // "description": "The configuration of specific filters applied to your data source content. You can filter out or include certain content.",
+ // "properties": {
+ // "Filters": {
+ // "description": "Contains information",
+ // "items": {
+ // "additionalProperties": false,
+ // "description": "The specific filters applied to your data source content. You can filter out or include certain content.",
+ // "properties": {
+ // "ExclusionFilters": {
+ // "description": "A set of regular expression filter patterns for a type of object.",
+ // "insertionOrder": false,
+ // "items": {
+ // "description": "A list of one or more inclusion/exclusion regular expression patterns to include certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn't crawled.",
+ // "maxLength": 1000,
+ // "type": "string"
+ // },
+ // "maxItems": 25,
+ // "minItems": 1,
+ // "type": "array"
+ // },
+ // "InclusionFilters": {
+ // "description": "A set of regular expression filter patterns for a type of object.",
+ // "insertionOrder": false,
+ // "items": {
+ // "description": "A list of one or more inclusion/exclusion regular expression patterns to include certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn't crawled.",
+ // "maxLength": 1000,
+ // "type": "string"
+ // },
+ // "maxItems": 25,
+ // "minItems": 1,
+ // "type": "array"
+ // },
+ // "ObjectType": {
+ // "description": "The supported object type or content type of the data source.",
+ // "maxLength": 50,
+ // "minLength": 1,
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "ObjectType"
+ // ],
+ // "type": "object"
+ // },
+ // "maxItems": 25,
+ // "minItems": 1,
+ // "type": "array"
+ // }
+ // },
+ // "required": [
+ // "Filters"
+ // ],
+ // "type": "object"
+ // },
+ // "Type": {
+ // "description": "The crawl filter type.",
+ // "enum": [
+ // "PATTERN"
+ // ],
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "Type"
+ // ],
+ // "type": "object"
+ // }
+ // },
+ // "type": "object"
+ // },
+ // "SourceConfiguration": {
+ // "additionalProperties": false,
+ // "description": "The endpoint information to connect to your Confluence data source.",
+ // "properties": {
+ // "AuthType": {
+ // "description": "The supported authentication type to authenticate and connect to your Confluence instance.",
+ // "enum": [
+ // "BASIC",
+ // "OAUTH2_CLIENT_CREDENTIALS"
+ // ],
+ // "type": "string"
+ // },
+ // "CredentialsSecretArn": {
+ // "description": "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your Confluence instance URL. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see Confluence connection configuration.",
+ // "pattern": "^arn:aws(|-cn|-us-gov):secretsmanager:[a-z0-9-]{1,20}:([0-9]{12}|):secret:[a-zA-Z0-9!/_+=.@-]{1,512}$",
+ // "type": "string"
+ // },
+ // "HostType": {
+ // "description": "The supported host type, whether online/cloud or server/on-premises.",
+ // "enum": [
+ // "SAAS"
+ // ],
+ // "type": "string"
+ // },
+ // "HostUrl": {
+ // "description": "The Confluence host URL or instance URL.",
+ // "maxLength": 2048,
+ // "minLength": 1,
+ // "pattern": "^https://[A-Za-z0-9][^\\s]*$",
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "HostUrl",
+ // "HostType",
+ // "AuthType",
+ // "CredentialsSecretArn"
+ // ],
+ // "type": "object"
+ // }
+ // },
+ // "required": [
+ // "SourceConfiguration"
+ // ],
+ // "type": "object"
+ // },
// "S3Configuration": {
// "additionalProperties": false,
- // "description": "Contains information about the S3 configuration of the data source.",
+ // "description": "The configuration information to connect to Amazon S3 as your data source.",
// "properties": {
// "BucketArn": {
// "description": "The ARN of the bucket that contains the data source.",
@@ -115,22 +273,549 @@ func dataSourceResource(ctx context.Context) (resource.Resource, error) {
// ],
// "type": "object"
// },
+ // "SalesforceConfiguration": {
+ // "additionalProperties": false,
+ // "description": "The configuration information to connect to Salesforce as your data source.",
+ // "properties": {
+ // "CrawlerConfiguration": {
+ // "additionalProperties": false,
+ // "description": "The configuration of filtering the Salesforce content. For example, configuring regular expression patterns to include or exclude certain content.",
+ // "properties": {
+ // "FilterConfiguration": {
+ // "additionalProperties": false,
+ // "description": "The type of filtering that you want to apply to certain objects or content of the data source. For example, the PATTERN type is regular expression patterns you can apply to filter your content.",
+ // "properties": {
+ // "PatternObjectFilter": {
+ // "additionalProperties": false,
+ // "description": "The configuration of specific filters applied to your data source content. You can filter out or include certain content.",
+ // "properties": {
+ // "Filters": {
+ // "description": "Contains information",
+ // "items": {
+ // "additionalProperties": false,
+ // "description": "The specific filters applied to your data source content. You can filter out or include certain content.",
+ // "properties": {
+ // "ExclusionFilters": {
+ // "description": "A set of regular expression filter patterns for a type of object.",
+ // "insertionOrder": false,
+ // "items": {
+ // "description": "A list of one or more inclusion/exclusion regular expression patterns to include certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn't crawled.",
+ // "maxLength": 1000,
+ // "type": "string"
+ // },
+ // "maxItems": 25,
+ // "minItems": 1,
+ // "type": "array"
+ // },
+ // "InclusionFilters": {
+ // "description": "A set of regular expression filter patterns for a type of object.",
+ // "insertionOrder": false,
+ // "items": {
+ // "description": "A list of one or more inclusion/exclusion regular expression patterns to include certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn't crawled.",
+ // "maxLength": 1000,
+ // "type": "string"
+ // },
+ // "maxItems": 25,
+ // "minItems": 1,
+ // "type": "array"
+ // },
+ // "ObjectType": {
+ // "description": "The supported object type or content type of the data source.",
+ // "maxLength": 50,
+ // "minLength": 1,
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "ObjectType"
+ // ],
+ // "type": "object"
+ // },
+ // "maxItems": 25,
+ // "minItems": 1,
+ // "type": "array"
+ // }
+ // },
+ // "required": [
+ // "Filters"
+ // ],
+ // "type": "object"
+ // },
+ // "Type": {
+ // "description": "The crawl filter type.",
+ // "enum": [
+ // "PATTERN"
+ // ],
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "Type"
+ // ],
+ // "type": "object"
+ // }
+ // },
+ // "type": "object"
+ // },
+ // "SourceConfiguration": {
+ // "additionalProperties": false,
+ // "description": "The endpoint information to connect to your Salesforce data source.",
+ // "properties": {
+ // "AuthType": {
+ // "description": "The supported authentication type to authenticate and connect to your Salesforce instance.",
+ // "enum": [
+ // "OAUTH2_CLIENT_CREDENTIALS"
+ // ],
+ // "type": "string"
+ // },
+ // "CredentialsSecretArn": {
+ // "description": "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your Salesforce instance URL. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see Salesforce connection configuration.",
+ // "pattern": "^arn:aws(|-cn|-us-gov):secretsmanager:[a-z0-9-]{1,20}:([0-9]{12}|):secret:[a-zA-Z0-9!/_+=.@-]{1,512}$",
+ // "type": "string"
+ // },
+ // "HostUrl": {
+ // "description": "The Salesforce host URL or instance URL.",
+ // "maxLength": 2048,
+ // "minLength": 1,
+ // "pattern": "^https://[A-Za-z0-9][^\\s]*$",
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "HostUrl",
+ // "AuthType",
+ // "CredentialsSecretArn"
+ // ],
+ // "type": "object"
+ // }
+ // },
+ // "required": [
+ // "SourceConfiguration"
+ // ],
+ // "type": "object"
+ // },
+ // "SharePointConfiguration": {
+ // "additionalProperties": false,
+ // "description": "The configuration information to connect to SharePoint as your data source.",
+ // "properties": {
+ // "CrawlerConfiguration": {
+ // "additionalProperties": false,
+ // "description": "The configuration of the SharePoint content. For example, configuring specific types of SharePoint content.",
+ // "properties": {
+ // "FilterConfiguration": {
+ // "additionalProperties": false,
+ // "description": "The type of filtering that you want to apply to certain objects or content of the data source. For example, the PATTERN type is regular expression patterns you can apply to filter your content.",
+ // "properties": {
+ // "PatternObjectFilter": {
+ // "additionalProperties": false,
+ // "description": "The configuration of specific filters applied to your data source content. You can filter out or include certain content.",
+ // "properties": {
+ // "Filters": {
+ // "description": "Contains information",
+ // "items": {
+ // "additionalProperties": false,
+ // "description": "The specific filters applied to your data source content. You can filter out or include certain content.",
+ // "properties": {
+ // "ExclusionFilters": {
+ // "description": "A set of regular expression filter patterns for a type of object.",
+ // "insertionOrder": false,
+ // "items": {
+ // "description": "A list of one or more inclusion/exclusion regular expression patterns to include certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn't crawled.",
+ // "maxLength": 1000,
+ // "type": "string"
+ // },
+ // "maxItems": 25,
+ // "minItems": 1,
+ // "type": "array"
+ // },
+ // "InclusionFilters": {
+ // "description": "A set of regular expression filter patterns for a type of object.",
+ // "insertionOrder": false,
+ // "items": {
+ // "description": "A list of one or more inclusion/exclusion regular expression patterns to include certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn't crawled.",
+ // "maxLength": 1000,
+ // "type": "string"
+ // },
+ // "maxItems": 25,
+ // "minItems": 1,
+ // "type": "array"
+ // },
+ // "ObjectType": {
+ // "description": "The supported object type or content type of the data source.",
+ // "maxLength": 50,
+ // "minLength": 1,
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "ObjectType"
+ // ],
+ // "type": "object"
+ // },
+ // "maxItems": 25,
+ // "minItems": 1,
+ // "type": "array"
+ // }
+ // },
+ // "required": [
+ // "Filters"
+ // ],
+ // "type": "object"
+ // },
+ // "Type": {
+ // "description": "The crawl filter type.",
+ // "enum": [
+ // "PATTERN"
+ // ],
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "Type"
+ // ],
+ // "type": "object"
+ // }
+ // },
+ // "type": "object"
+ // },
+ // "SourceConfiguration": {
+ // "additionalProperties": false,
+ // "description": "The endpoint information to connect to your SharePoint data source.",
+ // "properties": {
+ // "AuthType": {
+ // "description": "The supported authentication type to authenticate and connect to your SharePoint site/sites.",
+ // "enum": [
+ // "OAUTH2_CLIENT_CREDENTIALS"
+ // ],
+ // "type": "string"
+ // },
+ // "CredentialsSecretArn": {
+ // "description": "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your SharePoint site/sites. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see SharePoint connection configuration.",
+ // "pattern": "^arn:aws(|-cn|-us-gov):secretsmanager:[a-z0-9-]{1,20}:([0-9]{12}|):secret:[a-zA-Z0-9!/_+=.@-]{1,512}$",
+ // "type": "string"
+ // },
+ // "Domain": {
+ // "description": "The domain of your SharePoint instance or site URL/URLs.",
+ // "maxLength": 50,
+ // "minLength": 1,
+ // "type": "string"
+ // },
+ // "HostType": {
+ // "description": "The supported host type, whether online/cloud or server/on-premises.",
+ // "enum": [
+ // "ONLINE"
+ // ],
+ // "type": "string"
+ // },
+ // "SiteUrls": {
+ // "description": "A list of one or more SharePoint site URLs.",
+ // "insertionOrder": false,
+ // "items": {
+ // "description": "A forced-HTTPS web url.",
+ // "pattern": "^https://[A-Za-z0-9][^\\s]*$",
+ // "type": "string"
+ // },
+ // "maxItems": 100,
+ // "minItems": 1,
+ // "type": "array"
+ // },
+ // "TenantId": {
+ // "description": "The identifier of your Microsoft 365 tenant.",
+ // "pattern": "^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$",
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "Domain",
+ // "SiteUrls",
+ // "HostType",
+ // "AuthType",
+ // "CredentialsSecretArn"
+ // ],
+ // "type": "object"
+ // }
+ // },
+ // "required": [
+ // "SourceConfiguration"
+ // ],
+ // "type": "object"
+ // },
// "Type": {
// "description": "The type of the data source location.",
// "enum": [
- // "S3"
+ // "S3",
+ // "CONFLUENCE",
+ // "SALESFORCE",
+ // "SHAREPOINT",
+ // "WEB"
// ],
// "type": "string"
+ // },
+ // "WebConfiguration": {
+ // "additionalProperties": false,
+ // "description": "Configures a web data source location.",
+ // "properties": {
+ // "CrawlerConfiguration": {
+ // "additionalProperties": false,
+ // "description": "Configuration for the web crawler.",
+ // "properties": {
+ // "CrawlerLimits": {
+ // "additionalProperties": false,
+ // "description": "Limit settings for the web crawler.",
+ // "properties": {
+ // "RateLimit": {
+ // "description": "Rate of web URLs retrieved per minute.",
+ // "maximum": 300,
+ // "minimum": 1,
+ // "type": "integer"
+ // }
+ // },
+ // "type": "object"
+ // },
+ // "ExclusionFilters": {
+ // "description": "A set of regular expression filter patterns for a type of object.",
+ // "insertionOrder": false,
+ // "items": {
+ // "description": "A list of one or more inclusion/exclusion regular expression patterns to include certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn't crawled.",
+ // "maxLength": 1000,
+ // "type": "string"
+ // },
+ // "maxItems": 25,
+ // "minItems": 1,
+ // "type": "array"
+ // },
+ // "InclusionFilters": {
+ // "description": "A set of regular expression filter patterns for a type of object.",
+ // "insertionOrder": false,
+ // "items": {
+ // "description": "A list of one or more inclusion/exclusion regular expression patterns to include certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn't crawled.",
+ // "maxLength": 1000,
+ // "type": "string"
+ // },
+ // "maxItems": 25,
+ // "minItems": 1,
+ // "type": "array"
+ // },
+ // "Scope": {
+ // "description": "The scope that a web crawl job will be restricted to.",
+ // "enum": [
+ // "HOST_ONLY",
+ // "SUBDOMAINS"
+ // ],
+ // "type": "string"
+ // }
+ // },
+ // "type": "object"
+ // },
+ // "SourceConfiguration": {
+ // "additionalProperties": false,
+ // "description": "A web source configuration.",
+ // "properties": {
+ // "UrlConfiguration": {
+ // "additionalProperties": false,
+ // "description": "A url configuration.",
+ // "properties": {
+ // "SeedUrls": {
+ // "description": "A list of web urls.",
+ // "insertionOrder": false,
+ // "items": {
+ // "additionalProperties": false,
+ // "description": "A seed url object.",
+ // "properties": {
+ // "Url": {
+ // "description": "A web url.",
+ // "pattern": "^https?://[A-Za-z0-9][^\\s]*$",
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "Url"
+ // ],
+ // "type": "object"
+ // },
+ // "maxItems": 100,
+ // "minItems": 1,
+ // "type": "array"
+ // }
+ // },
+ // "required": [
+ // "SeedUrls"
+ // ],
+ // "type": "object"
+ // }
+ // },
+ // "required": [
+ // "UrlConfiguration"
+ // ],
+ // "type": "object"
+ // }
+ // },
+ // "required": [
+ // "SourceConfiguration"
+ // ],
+ // "type": "object"
// }
// },
// "required": [
- // "Type",
- // "S3Configuration"
+ // "Type"
// ],
// "type": "object"
// }
"data_source_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: ConfluenceConfiguration
+ "confluence_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: CrawlerConfiguration
+ "crawler_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: FilterConfiguration
+ "filter_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: PatternObjectFilter
+ "pattern_object_filter": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: Filters
+ "filters": schema.ListNestedAttribute{ /*START ATTRIBUTE*/
+ NestedObject: schema.NestedAttributeObject{ /*START NESTED OBJECT*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: ExclusionFilters
+ "exclusion_filters": schema.ListAttribute{ /*START ATTRIBUTE*/
+ ElementType: types.StringType,
+ Description: "A set of regular expression filter patterns for a type of object.",
+ Optional: true,
+ Computed: true,
+ Validators: []validator.List{ /*START VALIDATORS*/
+ listvalidator.SizeBetween(1, 25),
+ listvalidator.ValueStringsAre(
+ stringvalidator.LengthAtMost(1000),
+ ),
+ }, /*END VALIDATORS*/
+ PlanModifiers: []planmodifier.List{ /*START PLAN MODIFIERS*/
+ generic.Multiset(),
+ listplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: InclusionFilters
+ "inclusion_filters": schema.ListAttribute{ /*START ATTRIBUTE*/
+ ElementType: types.StringType,
+ Description: "A set of regular expression filter patterns for a type of object.",
+ Optional: true,
+ Computed: true,
+ Validators: []validator.List{ /*START VALIDATORS*/
+ listvalidator.SizeBetween(1, 25),
+ listvalidator.ValueStringsAre(
+ stringvalidator.LengthAtMost(1000),
+ ),
+ }, /*END VALIDATORS*/
+ PlanModifiers: []planmodifier.List{ /*START PLAN MODIFIERS*/
+ generic.Multiset(),
+ listplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: ObjectType
+ "object_type": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The supported object type or content type of the data source.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.LengthBetween(1, 50),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ }, /*END NESTED OBJECT*/
+ Description: "Contains information",
+ Required: true,
+ Validators: []validator.List{ /*START VALIDATORS*/
+ listvalidator.SizeBetween(1, 25),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The configuration of specific filters applied to your data source content. You can filter out or include certain content.",
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
+ objectplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: Type
+ "type": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The crawl filter type.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.OneOf(
+ "PATTERN",
+ ),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The type of filtering that you want to apply to certain objects or content of the data source. For example, the PATTERN type is regular expression patterns you can apply to filter your content.",
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
+ objectplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The configuration of the Confluence content. For example, configuring specific types of Confluence content.",
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
+ objectplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: SourceConfiguration
+ "source_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: AuthType
+ "auth_type": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The supported authentication type to authenticate and connect to your Confluence instance.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.OneOf(
+ "BASIC",
+ "OAUTH2_CLIENT_CREDENTIALS",
+ ),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ // Property: CredentialsSecretArn
+ "credentials_secret_arn": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your Confluence instance URL. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see Confluence connection configuration.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.RegexMatches(regexp.MustCompile("^arn:aws(|-cn|-us-gov):secretsmanager:[a-z0-9-]{1,20}:([0-9]{12}|):secret:[a-zA-Z0-9!/_+=.@-]{1,512}$"), ""),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ // Property: HostType
+ "host_type": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The supported host type, whether online/cloud or server/on-premises.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.OneOf(
+ "SAAS",
+ ),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ // Property: HostUrl
+ "host_url": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The Confluence host URL or instance URL.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.LengthBetween(1, 2048),
+ stringvalidator.RegexMatches(regexp.MustCompile("^https://[A-Za-z0-9][^\\s]*$"), ""),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The endpoint information to connect to your Confluence data source.",
+ Required: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The configuration information to connect to Confluence as your data source.",
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
+ objectplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
// Property: S3Configuration
"s3_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
@@ -174,8 +859,332 @@ func dataSourceResource(ctx context.Context) (resource.Resource, error) {
}, /*END PLAN MODIFIERS*/
}, /*END ATTRIBUTE*/
}, /*END SCHEMA*/
- Description: "Contains information about the S3 configuration of the data source.",
- Required: true,
+ Description: "The configuration information to connect to Amazon S3 as your data source.",
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
+ objectplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: SalesforceConfiguration
+ "salesforce_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: CrawlerConfiguration
+ "crawler_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: FilterConfiguration
+ "filter_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: PatternObjectFilter
+ "pattern_object_filter": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: Filters
+ "filters": schema.ListNestedAttribute{ /*START ATTRIBUTE*/
+ NestedObject: schema.NestedAttributeObject{ /*START NESTED OBJECT*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: ExclusionFilters
+ "exclusion_filters": schema.ListAttribute{ /*START ATTRIBUTE*/
+ ElementType: types.StringType,
+ Description: "A set of regular expression filter patterns for a type of object.",
+ Optional: true,
+ Computed: true,
+ Validators: []validator.List{ /*START VALIDATORS*/
+ listvalidator.SizeBetween(1, 25),
+ listvalidator.ValueStringsAre(
+ stringvalidator.LengthAtMost(1000),
+ ),
+ }, /*END VALIDATORS*/
+ PlanModifiers: []planmodifier.List{ /*START PLAN MODIFIERS*/
+ generic.Multiset(),
+ listplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: InclusionFilters
+ "inclusion_filters": schema.ListAttribute{ /*START ATTRIBUTE*/
+ ElementType: types.StringType,
+ Description: "A set of regular expression filter patterns for a type of object.",
+ Optional: true,
+ Computed: true,
+ Validators: []validator.List{ /*START VALIDATORS*/
+ listvalidator.SizeBetween(1, 25),
+ listvalidator.ValueStringsAre(
+ stringvalidator.LengthAtMost(1000),
+ ),
+ }, /*END VALIDATORS*/
+ PlanModifiers: []planmodifier.List{ /*START PLAN MODIFIERS*/
+ generic.Multiset(),
+ listplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: ObjectType
+ "object_type": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The supported object type or content type of the data source.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.LengthBetween(1, 50),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ }, /*END NESTED OBJECT*/
+ Description: "Contains information",
+ Required: true,
+ Validators: []validator.List{ /*START VALIDATORS*/
+ listvalidator.SizeBetween(1, 25),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The configuration of specific filters applied to your data source content. You can filter out or include certain content.",
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
+ objectplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: Type
+ "type": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The crawl filter type.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.OneOf(
+ "PATTERN",
+ ),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The type of filtering that you want to apply to certain objects or content of the data source. For example, the PATTERN type is regular expression patterns you can apply to filter your content.",
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
+ objectplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The configuration of filtering the Salesforce content. For example, configuring regular expression patterns to include or exclude certain content.",
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
+ objectplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: SourceConfiguration
+ "source_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: AuthType
+ "auth_type": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The supported authentication type to authenticate and connect to your Salesforce instance.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.OneOf(
+ "OAUTH2_CLIENT_CREDENTIALS",
+ ),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ // Property: CredentialsSecretArn
+ "credentials_secret_arn": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your Salesforce instance URL. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see Salesforce connection configuration.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.RegexMatches(regexp.MustCompile("^arn:aws(|-cn|-us-gov):secretsmanager:[a-z0-9-]{1,20}:([0-9]{12}|):secret:[a-zA-Z0-9!/_+=.@-]{1,512}$"), ""),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ // Property: HostUrl
+ "host_url": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The Salesforce host URL or instance URL.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.LengthBetween(1, 2048),
+ stringvalidator.RegexMatches(regexp.MustCompile("^https://[A-Za-z0-9][^\\s]*$"), ""),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The endpoint information to connect to your Salesforce data source.",
+ Required: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The configuration information to connect to Salesforce as your data source.",
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
+ objectplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: SharePointConfiguration
+ "share_point_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: CrawlerConfiguration
+ "crawler_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: FilterConfiguration
+ "filter_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: PatternObjectFilter
+ "pattern_object_filter": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: Filters
+ "filters": schema.ListNestedAttribute{ /*START ATTRIBUTE*/
+ NestedObject: schema.NestedAttributeObject{ /*START NESTED OBJECT*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: ExclusionFilters
+ "exclusion_filters": schema.ListAttribute{ /*START ATTRIBUTE*/
+ ElementType: types.StringType,
+ Description: "A set of regular expression filter patterns for a type of object.",
+ Optional: true,
+ Computed: true,
+ Validators: []validator.List{ /*START VALIDATORS*/
+ listvalidator.SizeBetween(1, 25),
+ listvalidator.ValueStringsAre(
+ stringvalidator.LengthAtMost(1000),
+ ),
+ }, /*END VALIDATORS*/
+ PlanModifiers: []planmodifier.List{ /*START PLAN MODIFIERS*/
+ generic.Multiset(),
+ listplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: InclusionFilters
+ "inclusion_filters": schema.ListAttribute{ /*START ATTRIBUTE*/
+ ElementType: types.StringType,
+ Description: "A set of regular expression filter patterns for a type of object.",
+ Optional: true,
+ Computed: true,
+ Validators: []validator.List{ /*START VALIDATORS*/
+ listvalidator.SizeBetween(1, 25),
+ listvalidator.ValueStringsAre(
+ stringvalidator.LengthAtMost(1000),
+ ),
+ }, /*END VALIDATORS*/
+ PlanModifiers: []planmodifier.List{ /*START PLAN MODIFIERS*/
+ generic.Multiset(),
+ listplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: ObjectType
+ "object_type": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The supported object type or content type of the data source.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.LengthBetween(1, 50),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ }, /*END NESTED OBJECT*/
+ Description: "Contains information",
+ Required: true,
+ Validators: []validator.List{ /*START VALIDATORS*/
+ listvalidator.SizeBetween(1, 25),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The configuration of specific filters applied to your data source content. You can filter out or include certain content.",
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
+ objectplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: Type
+ "type": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The crawl filter type.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.OneOf(
+ "PATTERN",
+ ),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The type of filtering that you want to apply to certain objects or content of the data source. For example, the PATTERN type is regular expression patterns you can apply to filter your content.",
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
+ objectplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The configuration of the SharePoint content. For example, configuring specific types of SharePoint content.",
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
+ objectplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: SourceConfiguration
+ "source_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: AuthType
+ "auth_type": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The supported authentication type to authenticate and connect to your SharePoint site/sites.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.OneOf(
+ "OAUTH2_CLIENT_CREDENTIALS",
+ ),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ // Property: CredentialsSecretArn
+ "credentials_secret_arn": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your SharePoint site/sites. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see SharePoint connection configuration.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.RegexMatches(regexp.MustCompile("^arn:aws(|-cn|-us-gov):secretsmanager:[a-z0-9-]{1,20}:([0-9]{12}|):secret:[a-zA-Z0-9!/_+=.@-]{1,512}$"), ""),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ // Property: Domain
+ "domain": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The domain of your SharePoint instance or site URL/URLs.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.LengthBetween(1, 50),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ // Property: HostType
+ "host_type": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The supported host type, whether online/cloud or server/on-premises.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.OneOf(
+ "ONLINE",
+ ),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ // Property: SiteUrls
+ "site_urls": schema.ListAttribute{ /*START ATTRIBUTE*/
+ ElementType: types.StringType,
+ Description: "A list of one or more SharePoint site URLs.",
+ Required: true,
+ Validators: []validator.List{ /*START VALIDATORS*/
+ listvalidator.SizeBetween(1, 100),
+ listvalidator.ValueStringsAre(
+ stringvalidator.RegexMatches(regexp.MustCompile("^https://[A-Za-z0-9][^\\s]*$"), ""),
+ ),
+ }, /*END VALIDATORS*/
+ PlanModifiers: []planmodifier.List{ /*START PLAN MODIFIERS*/
+ generic.Multiset(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: TenantId
+ "tenant_id": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The identifier of your Microsoft 365 tenant.",
+ Optional: true,
+ Computed: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.RegexMatches(regexp.MustCompile("^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$"), ""),
+ }, /*END VALIDATORS*/
+ PlanModifiers: []planmodifier.String{ /*START PLAN MODIFIERS*/
+ stringplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The endpoint information to connect to your SharePoint data source.",
+ Required: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The configuration information to connect to SharePoint as your data source.",
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
+ objectplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
}, /*END ATTRIBUTE*/
// Property: Type
"type": schema.StringAttribute{ /*START ATTRIBUTE*/
@@ -184,8 +1193,146 @@ func dataSourceResource(ctx context.Context) (resource.Resource, error) {
Validators: []validator.String{ /*START VALIDATORS*/
stringvalidator.OneOf(
"S3",
+ "CONFLUENCE",
+ "SALESFORCE",
+ "SHAREPOINT",
+ "WEB",
),
}, /*END VALIDATORS*/
+ PlanModifiers: []planmodifier.String{ /*START PLAN MODIFIERS*/
+ stringplanmodifier.RequiresReplace(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: WebConfiguration
+ "web_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: CrawlerConfiguration
+ "crawler_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: CrawlerLimits
+ "crawler_limits": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: RateLimit
+ "rate_limit": schema.Int64Attribute{ /*START ATTRIBUTE*/
+ Description: "Rate of web URLs retrieved per minute.",
+ Optional: true,
+ Computed: true,
+ Validators: []validator.Int64{ /*START VALIDATORS*/
+ int64validator.Between(1, 300),
+ }, /*END VALIDATORS*/
+ PlanModifiers: []planmodifier.Int64{ /*START PLAN MODIFIERS*/
+ int64planmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "Limit settings for the web crawler.",
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
+ objectplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: ExclusionFilters
+ "exclusion_filters": schema.ListAttribute{ /*START ATTRIBUTE*/
+ ElementType: types.StringType,
+ Description: "A set of regular expression filter patterns for a type of object.",
+ Optional: true,
+ Computed: true,
+ Validators: []validator.List{ /*START VALIDATORS*/
+ listvalidator.SizeBetween(1, 25),
+ listvalidator.ValueStringsAre(
+ stringvalidator.LengthAtMost(1000),
+ ),
+ }, /*END VALIDATORS*/
+ PlanModifiers: []planmodifier.List{ /*START PLAN MODIFIERS*/
+ generic.Multiset(),
+ listplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: InclusionFilters
+ "inclusion_filters": schema.ListAttribute{ /*START ATTRIBUTE*/
+ ElementType: types.StringType,
+ Description: "A set of regular expression filter patterns for a type of object.",
+ Optional: true,
+ Computed: true,
+ Validators: []validator.List{ /*START VALIDATORS*/
+ listvalidator.SizeBetween(1, 25),
+ listvalidator.ValueStringsAre(
+ stringvalidator.LengthAtMost(1000),
+ ),
+ }, /*END VALIDATORS*/
+ PlanModifiers: []planmodifier.List{ /*START PLAN MODIFIERS*/
+ generic.Multiset(),
+ listplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: Scope
+ "scope": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The scope that a web crawl job will be restricted to.",
+ Optional: true,
+ Computed: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.OneOf(
+ "HOST_ONLY",
+ "SUBDOMAINS",
+ ),
+ }, /*END VALIDATORS*/
+ PlanModifiers: []planmodifier.String{ /*START PLAN MODIFIERS*/
+ stringplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "Configuration for the web crawler.",
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
+ objectplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: SourceConfiguration
+ "source_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: UrlConfiguration
+ "url_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: SeedUrls
+ "seed_urls": schema.ListNestedAttribute{ /*START ATTRIBUTE*/
+ NestedObject: schema.NestedAttributeObject{ /*START NESTED OBJECT*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: Url
+ "url": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "A web url.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.RegexMatches(regexp.MustCompile("^https?://[A-Za-z0-9][^\\s]*$"), ""),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ }, /*END NESTED OBJECT*/
+ Description: "A list of web urls.",
+ Required: true,
+ Validators: []validator.List{ /*START VALIDATORS*/
+ listvalidator.SizeBetween(1, 100),
+ }, /*END VALIDATORS*/
+ PlanModifiers: []planmodifier.List{ /*START PLAN MODIFIERS*/
+ generic.Multiset(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "A url configuration.",
+ Required: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "A web source configuration.",
+ Required: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "Configures a web data source location.",
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
+ objectplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
}, /*END ATTRIBUTE*/
}, /*END SCHEMA*/
Description: "Specifies a raw data source location to ingest.",
@@ -370,7 +1517,9 @@ func dataSourceResource(ctx context.Context) (resource.Resource, error) {
// "description": "Knowledge base can split your source data into chunks. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. You have the following options for chunking your data. If you opt for NONE, then you may want to pre-process your files by splitting them up such that each file corresponds to a chunk.",
// "enum": [
// "FIXED_SIZE",
- // "NONE"
+ // "NONE",
+ // "HIERARCHICAL",
+ // "SEMANTIC"
// ],
// "type": "string"
// },
@@ -395,12 +1544,220 @@ func dataSourceResource(ctx context.Context) (resource.Resource, error) {
// "OverlapPercentage"
// ],
// "type": "object"
+ // },
+ // "HierarchicalChunkingConfiguration": {
+ // "additionalProperties": false,
+ // "description": "Configurations for when you choose hierarchical chunking. If you set the chunkingStrategy as NONE, exclude this field.",
+ // "properties": {
+ // "LevelConfigurations": {
+ // "description": "Token settings for each layer.",
+ // "insertionOrder": false,
+ // "items": {
+ // "additionalProperties": false,
+ // "description": "Token settings for a layer in a hierarchical chunking configuration.",
+ // "properties": {
+ // "MaxTokens": {
+ // "description": "The maximum number of tokens that a chunk can contain in this layer.",
+ // "maximum": 8192,
+ // "minimum": 1,
+ // "type": "integer"
+ // }
+ // },
+ // "required": [
+ // "MaxTokens"
+ // ],
+ // "type": "object"
+ // },
+ // "maxItems": 2,
+ // "minItems": 2,
+ // "type": "array"
+ // },
+ // "OverlapTokens": {
+ // "description": "The number of tokens to repeat across chunks in the same layer.",
+ // "minimum": 1,
+ // "type": "integer"
+ // }
+ // },
+ // "required": [
+ // "LevelConfigurations",
+ // "OverlapTokens"
+ // ],
+ // "type": "object"
+ // },
+ // "SemanticChunkingConfiguration": {
+ // "additionalProperties": false,
+ // "description": "Configurations for when you choose semantic chunking. If you set the chunkingStrategy as NONE, exclude this field.",
+ // "properties": {
+ // "BreakpointPercentileThreshold": {
+ // "description": "The dissimilarity threshold for splitting chunks.",
+ // "maximum": 99,
+ // "minimum": 50,
+ // "type": "integer"
+ // },
+ // "BufferSize": {
+ // "description": "The buffer size.",
+ // "maximum": 1,
+ // "minimum": 0,
+ // "type": "integer"
+ // },
+ // "MaxTokens": {
+ // "description": "The maximum number of tokens that a chunk can contain.",
+ // "minimum": 1,
+ // "type": "integer"
+ // }
+ // },
+ // "required": [
+ // "BreakpointPercentileThreshold",
+ // "BufferSize",
+ // "MaxTokens"
+ // ],
+ // "type": "object"
// }
// },
// "required": [
// "ChunkingStrategy"
// ],
// "type": "object"
+ // },
+ // "CustomTransformationConfiguration": {
+ // "additionalProperties": false,
+ // "description": "Settings for customizing steps in the data source content ingestion pipeline.",
+ // "properties": {
+ // "IntermediateStorage": {
+ // "additionalProperties": false,
+ // "description": "A location for storing content from data sources temporarily as it is processed by custom components in the ingestion pipeline.",
+ // "properties": {
+ // "S3Location": {
+ // "additionalProperties": false,
+ // "description": "An Amazon S3 location.",
+ // "properties": {
+ // "URI": {
+ // "description": "The location's URI",
+ // "maxLength": 2048,
+ // "minLength": 1,
+ // "pattern": "^s3://.{1,128}$",
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "URI"
+ // ],
+ // "type": "object"
+ // }
+ // },
+ // "required": [
+ // "S3Location"
+ // ],
+ // "type": "object"
+ // },
+ // "Transformations": {
+ // "description": "A list of Lambda functions that process documents.",
+ // "insertionOrder": false,
+ // "items": {
+ // "additionalProperties": false,
+ // "description": "A Lambda function that processes documents.",
+ // "properties": {
+ // "StepToApply": {
+ // "description": "When the service applies the transformation.",
+ // "enum": [
+ // "POST_CHUNKING"
+ // ],
+ // "type": "string"
+ // },
+ // "TransformationFunction": {
+ // "additionalProperties": false,
+ // "description": "A Lambda function that processes documents.",
+ // "properties": {
+ // "TransformationLambdaConfiguration": {
+ // "additionalProperties": false,
+ // "description": "A Lambda function that processes documents.",
+ // "properties": {
+ // "LambdaArn": {
+ // "description": "The function's ARN identifier.",
+ // "maxLength": 2048,
+ // "minLength": 0,
+ // "pattern": "^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\\d{1}:\\d{12}:function:[a-zA-Z0-9-_\\.]+(:(\\$LATEST|[a-zA-Z0-9-_]+))?$",
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "LambdaArn"
+ // ],
+ // "type": "object"
+ // }
+ // },
+ // "required": [
+ // "TransformationLambdaConfiguration"
+ // ],
+ // "type": "object"
+ // }
+ // },
+ // "required": [
+ // "StepToApply",
+ // "TransformationFunction"
+ // ],
+ // "type": "object"
+ // },
+ // "maxItems": 1,
+ // "minItems": 1,
+ // "type": "array"
+ // }
+ // },
+ // "required": [
+ // "IntermediateStorage",
+ // "Transformations"
+ // ],
+ // "type": "object"
+ // },
+ // "ParsingConfiguration": {
+ // "additionalProperties": false,
+ // "description": "Settings for parsing document contents",
+ // "properties": {
+ // "BedrockFoundationModelConfiguration": {
+ // "additionalProperties": false,
+ // "description": "Settings for a foundation model used to parse documents for a data source.",
+ // "properties": {
+ // "ModelArn": {
+ // "description": "The model's ARN.",
+ // "maxLength": 2048,
+ // "minLength": 1,
+ // "pattern": "^arn:aws(-[^:]+)?:bedrock:[a-z0-9-]{1,20}::foundation-model/([a-z0-9-]{1,63}[.]{1}[a-z0-9-]{1,63}([.]?[a-z0-9-]{1,63})([:][a-z0-9-]{1,63}){0,2})$",
+ // "type": "string"
+ // },
+ // "ParsingPrompt": {
+ // "additionalProperties": false,
+ // "description": "Instructions for interpreting the contents of a document.",
+ // "properties": {
+ // "ParsingPromptText": {
+ // "description": "Instructions for interpreting the contents of a document.",
+ // "maxLength": 10000,
+ // "minLength": 1,
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "ParsingPromptText"
+ // ],
+ // "type": "object"
+ // }
+ // },
+ // "required": [
+ // "ModelArn"
+ // ],
+ // "type": "object"
+ // },
+ // "ParsingStrategy": {
+ // "description": "The parsing strategy for the data source.",
+ // "enum": [
+ // "BEDROCK_FOUNDATION_MODEL"
+ // ],
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "ParsingStrategy"
+ // ],
+ // "type": "object"
// }
// },
// "type": "object"
@@ -418,6 +1775,8 @@ func dataSourceResource(ctx context.Context) (resource.Resource, error) {
stringvalidator.OneOf(
"FIXED_SIZE",
"NONE",
+ "HIERARCHICAL",
+ "SEMANTIC",
),
}, /*END VALIDATORS*/
}, /*END ATTRIBUTE*/
@@ -448,12 +1807,233 @@ func dataSourceResource(ctx context.Context) (resource.Resource, error) {
objectplanmodifier.UseStateForUnknown(),
}, /*END PLAN MODIFIERS*/
}, /*END ATTRIBUTE*/
+ // Property: HierarchicalChunkingConfiguration
+ "hierarchical_chunking_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: LevelConfigurations
+ "level_configurations": schema.ListNestedAttribute{ /*START ATTRIBUTE*/
+ NestedObject: schema.NestedAttributeObject{ /*START NESTED OBJECT*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: MaxTokens
+ "max_tokens": schema.Int64Attribute{ /*START ATTRIBUTE*/
+ Description: "The maximum number of tokens that a chunk can contain in this layer.",
+ Required: true,
+ Validators: []validator.Int64{ /*START VALIDATORS*/
+ int64validator.Between(1, 8192),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ }, /*END NESTED OBJECT*/
+ Description: "Token settings for each layer.",
+ Required: true,
+ Validators: []validator.List{ /*START VALIDATORS*/
+ listvalidator.SizeBetween(2, 2),
+ }, /*END VALIDATORS*/
+ PlanModifiers: []planmodifier.List{ /*START PLAN MODIFIERS*/
+ generic.Multiset(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: OverlapTokens
+ "overlap_tokens": schema.Int64Attribute{ /*START ATTRIBUTE*/
+ Description: "The number of tokens to repeat across chunks in the same layer.",
+ Required: true,
+ Validators: []validator.Int64{ /*START VALIDATORS*/
+ int64validator.AtLeast(1),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "Configurations for when you choose hierarchical chunking. If you set the chunkingStrategy as NONE, exclude this field.",
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
+ objectplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: SemanticChunkingConfiguration
+ "semantic_chunking_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: BreakpointPercentileThreshold
+ "breakpoint_percentile_threshold": schema.Int64Attribute{ /*START ATTRIBUTE*/
+ Description: "The dissimilarity threshold for splitting chunks.",
+ Required: true,
+ Validators: []validator.Int64{ /*START VALIDATORS*/
+ int64validator.Between(50, 99),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ // Property: BufferSize
+ "buffer_size": schema.Int64Attribute{ /*START ATTRIBUTE*/
+ Description: "The buffer size.",
+ Required: true,
+ Validators: []validator.Int64{ /*START VALIDATORS*/
+ int64validator.Between(0, 1),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ // Property: MaxTokens
+ "max_tokens": schema.Int64Attribute{ /*START ATTRIBUTE*/
+ Description: "The maximum number of tokens that a chunk can contain.",
+ Required: true,
+ Validators: []validator.Int64{ /*START VALIDATORS*/
+ int64validator.AtLeast(1),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "Configurations for when you choose semantic chunking. If you set the chunkingStrategy as NONE, exclude this field.",
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
+ objectplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
}, /*END SCHEMA*/
Description: "Details about how to chunk the documents in the data source. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried.",
Optional: true,
Computed: true,
PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
objectplanmodifier.UseStateForUnknown(),
+ objectplanmodifier.RequiresReplaceIfConfigured(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: CustomTransformationConfiguration
+ "custom_transformation_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: IntermediateStorage
+ "intermediate_storage": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: S3Location
+ "s3_location": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: URI
+ "uri": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The location's URI",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.LengthBetween(1, 2048),
+ stringvalidator.RegexMatches(regexp.MustCompile("^s3://.{1,128}$"), ""),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "An Amazon S3 location.",
+ Required: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "A location for storing content from data sources temporarily as it is processed by custom components in the ingestion pipeline.",
+ Required: true,
+ }, /*END ATTRIBUTE*/
+ // Property: Transformations
+ "transformations": schema.ListNestedAttribute{ /*START ATTRIBUTE*/
+ NestedObject: schema.NestedAttributeObject{ /*START NESTED OBJECT*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: StepToApply
+ "step_to_apply": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "When the service applies the transformation.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.OneOf(
+ "POST_CHUNKING",
+ ),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ // Property: TransformationFunction
+ "transformation_function": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: TransformationLambdaConfiguration
+ "transformation_lambda_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: LambdaArn
+ "lambda_arn": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The function's ARN identifier.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.LengthBetween(0, 2048),
+ stringvalidator.RegexMatches(regexp.MustCompile("^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\\d{1}:\\d{12}:function:[a-zA-Z0-9-_\\.]+(:(\\$LATEST|[a-zA-Z0-9-_]+))?$"), ""),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "A Lambda function that processes documents.",
+ Required: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "A Lambda function that processes documents.",
+ Required: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ }, /*END NESTED OBJECT*/
+ Description: "A list of Lambda functions that process documents.",
+ Required: true,
+ Validators: []validator.List{ /*START VALIDATORS*/
+ listvalidator.SizeBetween(1, 1),
+ }, /*END VALIDATORS*/
+ PlanModifiers: []planmodifier.List{ /*START PLAN MODIFIERS*/
+ generic.Multiset(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "Settings for customizing steps in the data source content ingestion pipeline.",
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
+ objectplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: ParsingConfiguration
+ "parsing_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: BedrockFoundationModelConfiguration
+ "bedrock_foundation_model_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: ModelArn
+ "model_arn": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The model's ARN.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.LengthBetween(1, 2048),
+ stringvalidator.RegexMatches(regexp.MustCompile("^arn:aws(-[^:]+)?:bedrock:[a-z0-9-]{1,20}::foundation-model/([a-z0-9-]{1,63}[.]{1}[a-z0-9-]{1,63}([.]?[a-z0-9-]{1,63})([:][a-z0-9-]{1,63}){0,2})$"), ""),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ // Property: ParsingPrompt
+ "parsing_prompt": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: ParsingPromptText
+ "parsing_prompt_text": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "Instructions for interpreting the contents of a document.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.LengthBetween(1, 10000),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "Instructions for interpreting the contents of a document.",
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
+ objectplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "Settings for a foundation model used to parse documents for a data source.",
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
+ objectplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: ParsingStrategy
+ "parsing_strategy": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The parsing strategy for the data source.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.OneOf(
+ "BEDROCK_FOUNDATION_MODEL",
+ ),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "Settings for parsing document contents",
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
+ objectplanmodifier.UseStateForUnknown(),
+ objectplanmodifier.RequiresReplaceIfConfigured(),
}, /*END PLAN MODIFIERS*/
}, /*END ATTRIBUTE*/
}, /*END SCHEMA*/
@@ -462,7 +2042,6 @@ func dataSourceResource(ctx context.Context) (resource.Resource, error) {
Computed: true,
PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
objectplanmodifier.UseStateForUnknown(),
- objectplanmodifier.RequiresReplaceIfConfigured(),
}, /*END PLAN MODIFIERS*/
}, /*END ATTRIBUTE*/
} /*END SCHEMA*/
@@ -487,29 +2066,75 @@ func dataSourceResource(ctx context.Context) (resource.Resource, error) {
opts = opts.WithCloudFormationTypeName("AWS::Bedrock::DataSource").WithTerraformTypeName("awscc_bedrock_data_source")
opts = opts.WithTerraformSchema(schema)
opts = opts.WithAttributeNameMap(map[string]string{
- "bucket_arn": "BucketArn",
- "bucket_owner_account_id": "BucketOwnerAccountId",
- "chunking_configuration": "ChunkingConfiguration",
- "chunking_strategy": "ChunkingStrategy",
- "created_at": "CreatedAt",
- "data_deletion_policy": "DataDeletionPolicy",
- "data_source_configuration": "DataSourceConfiguration",
- "data_source_id": "DataSourceId",
- "data_source_status": "DataSourceStatus",
- "description": "Description",
- "failure_reasons": "FailureReasons",
- "fixed_size_chunking_configuration": "FixedSizeChunkingConfiguration",
- "inclusion_prefixes": "InclusionPrefixes",
- "kms_key_arn": "KmsKeyArn",
- "knowledge_base_id": "KnowledgeBaseId",
- "max_tokens": "MaxTokens",
- "name": "Name",
- "overlap_percentage": "OverlapPercentage",
- "s3_configuration": "S3Configuration",
- "server_side_encryption_configuration": "ServerSideEncryptionConfiguration",
- "type": "Type",
- "updated_at": "UpdatedAt",
- "vector_ingestion_configuration": "VectorIngestionConfiguration",
+ "auth_type": "AuthType",
+ "bedrock_foundation_model_configuration": "BedrockFoundationModelConfiguration",
+ "breakpoint_percentile_threshold": "BreakpointPercentileThreshold",
+ "bucket_arn": "BucketArn",
+ "bucket_owner_account_id": "BucketOwnerAccountId",
+ "buffer_size": "BufferSize",
+ "chunking_configuration": "ChunkingConfiguration",
+ "chunking_strategy": "ChunkingStrategy",
+ "confluence_configuration": "ConfluenceConfiguration",
+ "crawler_configuration": "CrawlerConfiguration",
+ "crawler_limits": "CrawlerLimits",
+ "created_at": "CreatedAt",
+ "credentials_secret_arn": "CredentialsSecretArn",
+ "custom_transformation_configuration": "CustomTransformationConfiguration",
+ "data_deletion_policy": "DataDeletionPolicy",
+ "data_source_configuration": "DataSourceConfiguration",
+ "data_source_id": "DataSourceId",
+ "data_source_status": "DataSourceStatus",
+ "description": "Description",
+ "domain": "Domain",
+ "exclusion_filters": "ExclusionFilters",
+ "failure_reasons": "FailureReasons",
+ "filter_configuration": "FilterConfiguration",
+ "filters": "Filters",
+ "fixed_size_chunking_configuration": "FixedSizeChunkingConfiguration",
+ "hierarchical_chunking_configuration": "HierarchicalChunkingConfiguration",
+ "host_type": "HostType",
+ "host_url": "HostUrl",
+ "inclusion_filters": "InclusionFilters",
+ "inclusion_prefixes": "InclusionPrefixes",
+ "intermediate_storage": "IntermediateStorage",
+ "kms_key_arn": "KmsKeyArn",
+ "knowledge_base_id": "KnowledgeBaseId",
+ "lambda_arn": "LambdaArn",
+ "level_configurations": "LevelConfigurations",
+ "max_tokens": "MaxTokens",
+ "model_arn": "ModelArn",
+ "name": "Name",
+ "object_type": "ObjectType",
+ "overlap_percentage": "OverlapPercentage",
+ "overlap_tokens": "OverlapTokens",
+ "parsing_configuration": "ParsingConfiguration",
+ "parsing_prompt": "ParsingPrompt",
+ "parsing_prompt_text": "ParsingPromptText",
+ "parsing_strategy": "ParsingStrategy",
+ "pattern_object_filter": "PatternObjectFilter",
+ "rate_limit": "RateLimit",
+ "s3_configuration": "S3Configuration",
+ "s3_location": "S3Location",
+ "salesforce_configuration": "SalesforceConfiguration",
+ "scope": "Scope",
+ "seed_urls": "SeedUrls",
+ "semantic_chunking_configuration": "SemanticChunkingConfiguration",
+ "server_side_encryption_configuration": "ServerSideEncryptionConfiguration",
+ "share_point_configuration": "SharePointConfiguration",
+ "site_urls": "SiteUrls",
+ "source_configuration": "SourceConfiguration",
+ "step_to_apply": "StepToApply",
+ "tenant_id": "TenantId",
+ "transformation_function": "TransformationFunction",
+ "transformation_lambda_configuration": "TransformationLambdaConfiguration",
+ "transformations": "Transformations",
+ "type": "Type",
+ "updated_at": "UpdatedAt",
+ "uri": "URI",
+ "url": "Url",
+ "url_configuration": "UrlConfiguration",
+ "vector_ingestion_configuration": "VectorIngestionConfiguration",
+ "web_configuration": "WebConfiguration",
})
opts = opts.WithCreateTimeoutInMinutes(0).WithDeleteTimeoutInMinutes(0)
diff --git a/internal/aws/bedrock/data_source_singular_data_source_gen.go b/internal/aws/bedrock/data_source_singular_data_source_gen.go
index 1f9c31a59..a5b25a729 100644
--- a/internal/aws/bedrock/data_source_singular_data_source_gen.go
+++ b/internal/aws/bedrock/data_source_singular_data_source_gen.go
@@ -55,10 +55,167 @@ func dataSourceDataSource(ctx context.Context) (datasource.DataSource, error) {
// {
// "additionalProperties": false,
// "description": "Specifies a raw data source location to ingest.",
+ // "oneOf": [
+ // {
+ // "required": [
+ // "S3Configuration"
+ // ]
+ // },
+ // {
+ // "required": [
+ // "ConfluenceConfiguration"
+ // ]
+ // },
+ // {
+ // "required": [
+ // "SalesforceConfiguration"
+ // ]
+ // },
+ // {
+ // "required": [
+ // "SharePointConfiguration"
+ // ]
+ // },
+ // {
+ // "required": [
+ // "WebConfiguration"
+ // ]
+ // }
+ // ],
// "properties": {
+ // "ConfluenceConfiguration": {
+ // "additionalProperties": false,
+ // "description": "The configuration information to connect to Confluence as your data source.",
+ // "properties": {
+ // "CrawlerConfiguration": {
+ // "additionalProperties": false,
+ // "description": "The configuration of the Confluence content. For example, configuring specific types of Confluence content.",
+ // "properties": {
+ // "FilterConfiguration": {
+ // "additionalProperties": false,
+ // "description": "The type of filtering that you want to apply to certain objects or content of the data source. For example, the PATTERN type is regular expression patterns you can apply to filter your content.",
+ // "properties": {
+ // "PatternObjectFilter": {
+ // "additionalProperties": false,
+ // "description": "The configuration of specific filters applied to your data source content. You can filter out or include certain content.",
+ // "properties": {
+ // "Filters": {
+ // "description": "Contains information",
+ // "items": {
+ // "additionalProperties": false,
+ // "description": "The specific filters applied to your data source content. You can filter out or include certain content.",
+ // "properties": {
+ // "ExclusionFilters": {
+ // "description": "A set of regular expression filter patterns for a type of object.",
+ // "insertionOrder": false,
+ // "items": {
+ // "description": "A list of one or more inclusion/exclusion regular expression patterns to include certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn't crawled.",
+ // "maxLength": 1000,
+ // "type": "string"
+ // },
+ // "maxItems": 25,
+ // "minItems": 1,
+ // "type": "array"
+ // },
+ // "InclusionFilters": {
+ // "description": "A set of regular expression filter patterns for a type of object.",
+ // "insertionOrder": false,
+ // "items": {
+ // "description": "A list of one or more inclusion/exclusion regular expression patterns to include certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn't crawled.",
+ // "maxLength": 1000,
+ // "type": "string"
+ // },
+ // "maxItems": 25,
+ // "minItems": 1,
+ // "type": "array"
+ // },
+ // "ObjectType": {
+ // "description": "The supported object type or content type of the data source.",
+ // "maxLength": 50,
+ // "minLength": 1,
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "ObjectType"
+ // ],
+ // "type": "object"
+ // },
+ // "maxItems": 25,
+ // "minItems": 1,
+ // "type": "array"
+ // }
+ // },
+ // "required": [
+ // "Filters"
+ // ],
+ // "type": "object"
+ // },
+ // "Type": {
+ // "description": "The crawl filter type.",
+ // "enum": [
+ // "PATTERN"
+ // ],
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "Type"
+ // ],
+ // "type": "object"
+ // }
+ // },
+ // "type": "object"
+ // },
+ // "SourceConfiguration": {
+ // "additionalProperties": false,
+ // "description": "The endpoint information to connect to your Confluence data source.",
+ // "properties": {
+ // "AuthType": {
+ // "description": "The supported authentication type to authenticate and connect to your Confluence instance.",
+ // "enum": [
+ // "BASIC",
+ // "OAUTH2_CLIENT_CREDENTIALS"
+ // ],
+ // "type": "string"
+ // },
+ // "CredentialsSecretArn": {
+ // "description": "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your Confluence instance URL. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see Confluence connection configuration.",
+ // "pattern": "^arn:aws(|-cn|-us-gov):secretsmanager:[a-z0-9-]{1,20}:([0-9]{12}|):secret:[a-zA-Z0-9!/_+=.@-]{1,512}$",
+ // "type": "string"
+ // },
+ // "HostType": {
+ // "description": "The supported host type, whether online/cloud or server/on-premises.",
+ // "enum": [
+ // "SAAS"
+ // ],
+ // "type": "string"
+ // },
+ // "HostUrl": {
+ // "description": "The Confluence host URL or instance URL.",
+ // "maxLength": 2048,
+ // "minLength": 1,
+ // "pattern": "^https://[A-Za-z0-9][^\\s]*$",
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "HostUrl",
+ // "HostType",
+ // "AuthType",
+ // "CredentialsSecretArn"
+ // ],
+ // "type": "object"
+ // }
+ // },
+ // "required": [
+ // "SourceConfiguration"
+ // ],
+ // "type": "object"
+ // },
// "S3Configuration": {
// "additionalProperties": false,
- // "description": "Contains information about the S3 configuration of the data source.",
+ // "description": "The configuration information to connect to Amazon S3 as your data source.",
// "properties": {
// "BucketArn": {
// "description": "The ARN of the bucket that contains the data source.",
@@ -93,22 +250,482 @@ func dataSourceDataSource(ctx context.Context) (datasource.DataSource, error) {
// ],
// "type": "object"
// },
+ // "SalesforceConfiguration": {
+ // "additionalProperties": false,
+ // "description": "The configuration information to connect to Salesforce as your data source.",
+ // "properties": {
+ // "CrawlerConfiguration": {
+ // "additionalProperties": false,
+ // "description": "The configuration of filtering the Salesforce content. For example, configuring regular expression patterns to include or exclude certain content.",
+ // "properties": {
+ // "FilterConfiguration": {
+ // "additionalProperties": false,
+ // "description": "The type of filtering that you want to apply to certain objects or content of the data source. For example, the PATTERN type is regular expression patterns you can apply to filter your content.",
+ // "properties": {
+ // "PatternObjectFilter": {
+ // "additionalProperties": false,
+ // "description": "The configuration of specific filters applied to your data source content. You can filter out or include certain content.",
+ // "properties": {
+ // "Filters": {
+ // "description": "Contains information",
+ // "items": {
+ // "additionalProperties": false,
+ // "description": "The specific filters applied to your data source content. You can filter out or include certain content.",
+ // "properties": {
+ // "ExclusionFilters": {
+ // "description": "A set of regular expression filter patterns for a type of object.",
+ // "insertionOrder": false,
+ // "items": {
+ // "description": "A list of one or more inclusion/exclusion regular expression patterns to include certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn't crawled.",
+ // "maxLength": 1000,
+ // "type": "string"
+ // },
+ // "maxItems": 25,
+ // "minItems": 1,
+ // "type": "array"
+ // },
+ // "InclusionFilters": {
+ // "description": "A set of regular expression filter patterns for a type of object.",
+ // "insertionOrder": false,
+ // "items": {
+ // "description": "A list of one or more inclusion/exclusion regular expression patterns to include certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn't crawled.",
+ // "maxLength": 1000,
+ // "type": "string"
+ // },
+ // "maxItems": 25,
+ // "minItems": 1,
+ // "type": "array"
+ // },
+ // "ObjectType": {
+ // "description": "The supported object type or content type of the data source.",
+ // "maxLength": 50,
+ // "minLength": 1,
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "ObjectType"
+ // ],
+ // "type": "object"
+ // },
+ // "maxItems": 25,
+ // "minItems": 1,
+ // "type": "array"
+ // }
+ // },
+ // "required": [
+ // "Filters"
+ // ],
+ // "type": "object"
+ // },
+ // "Type": {
+ // "description": "The crawl filter type.",
+ // "enum": [
+ // "PATTERN"
+ // ],
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "Type"
+ // ],
+ // "type": "object"
+ // }
+ // },
+ // "type": "object"
+ // },
+ // "SourceConfiguration": {
+ // "additionalProperties": false,
+ // "description": "The endpoint information to connect to your Salesforce data source.",
+ // "properties": {
+ // "AuthType": {
+ // "description": "The supported authentication type to authenticate and connect to your Salesforce instance.",
+ // "enum": [
+ // "OAUTH2_CLIENT_CREDENTIALS"
+ // ],
+ // "type": "string"
+ // },
+ // "CredentialsSecretArn": {
+ // "description": "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your Salesforce instance URL. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see Salesforce connection configuration.",
+ // "pattern": "^arn:aws(|-cn|-us-gov):secretsmanager:[a-z0-9-]{1,20}:([0-9]{12}|):secret:[a-zA-Z0-9!/_+=.@-]{1,512}$",
+ // "type": "string"
+ // },
+ // "HostUrl": {
+ // "description": "The Salesforce host URL or instance URL.",
+ // "maxLength": 2048,
+ // "minLength": 1,
+ // "pattern": "^https://[A-Za-z0-9][^\\s]*$",
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "HostUrl",
+ // "AuthType",
+ // "CredentialsSecretArn"
+ // ],
+ // "type": "object"
+ // }
+ // },
+ // "required": [
+ // "SourceConfiguration"
+ // ],
+ // "type": "object"
+ // },
+ // "SharePointConfiguration": {
+ // "additionalProperties": false,
+ // "description": "The configuration information to connect to SharePoint as your data source.",
+ // "properties": {
+ // "CrawlerConfiguration": {
+ // "additionalProperties": false,
+ // "description": "The configuration of the SharePoint content. For example, configuring specific types of SharePoint content.",
+ // "properties": {
+ // "FilterConfiguration": {
+ // "additionalProperties": false,
+ // "description": "The type of filtering that you want to apply to certain objects or content of the data source. For example, the PATTERN type is regular expression patterns you can apply to filter your content.",
+ // "properties": {
+ // "PatternObjectFilter": {
+ // "additionalProperties": false,
+ // "description": "The configuration of specific filters applied to your data source content. You can filter out or include certain content.",
+ // "properties": {
+ // "Filters": {
+ // "description": "Contains information",
+ // "items": {
+ // "additionalProperties": false,
+ // "description": "The specific filters applied to your data source content. You can filter out or include certain content.",
+ // "properties": {
+ // "ExclusionFilters": {
+ // "description": "A set of regular expression filter patterns for a type of object.",
+ // "insertionOrder": false,
+ // "items": {
+ // "description": "A list of one or more inclusion/exclusion regular expression patterns to include certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn't crawled.",
+ // "maxLength": 1000,
+ // "type": "string"
+ // },
+ // "maxItems": 25,
+ // "minItems": 1,
+ // "type": "array"
+ // },
+ // "InclusionFilters": {
+ // "description": "A set of regular expression filter patterns for a type of object.",
+ // "insertionOrder": false,
+ // "items": {
+ // "description": "A list of one or more inclusion/exclusion regular expression patterns to include certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn't crawled.",
+ // "maxLength": 1000,
+ // "type": "string"
+ // },
+ // "maxItems": 25,
+ // "minItems": 1,
+ // "type": "array"
+ // },
+ // "ObjectType": {
+ // "description": "The supported object type or content type of the data source.",
+ // "maxLength": 50,
+ // "minLength": 1,
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "ObjectType"
+ // ],
+ // "type": "object"
+ // },
+ // "maxItems": 25,
+ // "minItems": 1,
+ // "type": "array"
+ // }
+ // },
+ // "required": [
+ // "Filters"
+ // ],
+ // "type": "object"
+ // },
+ // "Type": {
+ // "description": "The crawl filter type.",
+ // "enum": [
+ // "PATTERN"
+ // ],
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "Type"
+ // ],
+ // "type": "object"
+ // }
+ // },
+ // "type": "object"
+ // },
+ // "SourceConfiguration": {
+ // "additionalProperties": false,
+ // "description": "The endpoint information to connect to your SharePoint data source.",
+ // "properties": {
+ // "AuthType": {
+ // "description": "The supported authentication type to authenticate and connect to your SharePoint site/sites.",
+ // "enum": [
+ // "OAUTH2_CLIENT_CREDENTIALS"
+ // ],
+ // "type": "string"
+ // },
+ // "CredentialsSecretArn": {
+ // "description": "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your SharePoint site/sites. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see SharePoint connection configuration.",
+ // "pattern": "^arn:aws(|-cn|-us-gov):secretsmanager:[a-z0-9-]{1,20}:([0-9]{12}|):secret:[a-zA-Z0-9!/_+=.@-]{1,512}$",
+ // "type": "string"
+ // },
+ // "Domain": {
+ // "description": "The domain of your SharePoint instance or site URL/URLs.",
+ // "maxLength": 50,
+ // "minLength": 1,
+ // "type": "string"
+ // },
+ // "HostType": {
+ // "description": "The supported host type, whether online/cloud or server/on-premises.",
+ // "enum": [
+ // "ONLINE"
+ // ],
+ // "type": "string"
+ // },
+ // "SiteUrls": {
+ // "description": "A list of one or more SharePoint site URLs.",
+ // "insertionOrder": false,
+ // "items": {
+ // "description": "A forced-HTTPS web url.",
+ // "pattern": "^https://[A-Za-z0-9][^\\s]*$",
+ // "type": "string"
+ // },
+ // "maxItems": 100,
+ // "minItems": 1,
+ // "type": "array"
+ // },
+ // "TenantId": {
+ // "description": "The identifier of your Microsoft 365 tenant.",
+ // "pattern": "^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$",
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "Domain",
+ // "SiteUrls",
+ // "HostType",
+ // "AuthType",
+ // "CredentialsSecretArn"
+ // ],
+ // "type": "object"
+ // }
+ // },
+ // "required": [
+ // "SourceConfiguration"
+ // ],
+ // "type": "object"
+ // },
// "Type": {
// "description": "The type of the data source location.",
// "enum": [
- // "S3"
+ // "S3",
+ // "CONFLUENCE",
+ // "SALESFORCE",
+ // "SHAREPOINT",
+ // "WEB"
// ],
// "type": "string"
+ // },
+ // "WebConfiguration": {
+ // "additionalProperties": false,
+ // "description": "Configures a web data source location.",
+ // "properties": {
+ // "CrawlerConfiguration": {
+ // "additionalProperties": false,
+ // "description": "Configuration for the web crawler.",
+ // "properties": {
+ // "CrawlerLimits": {
+ // "additionalProperties": false,
+ // "description": "Limit settings for the web crawler.",
+ // "properties": {
+ // "RateLimit": {
+ // "description": "Rate of web URLs retrieved per minute.",
+ // "maximum": 300,
+ // "minimum": 1,
+ // "type": "integer"
+ // }
+ // },
+ // "type": "object"
+ // },
+ // "ExclusionFilters": {
+ // "description": "A set of regular expression filter patterns for a type of object.",
+ // "insertionOrder": false,
+ // "items": {
+ // "description": "A list of one or more inclusion/exclusion regular expression patterns to include certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn't crawled.",
+ // "maxLength": 1000,
+ // "type": "string"
+ // },
+ // "maxItems": 25,
+ // "minItems": 1,
+ // "type": "array"
+ // },
+ // "InclusionFilters": {
+ // "description": "A set of regular expression filter patterns for a type of object.",
+ // "insertionOrder": false,
+ // "items": {
+ // "description": "A list of one or more inclusion/exclusion regular expression patterns to include certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn't crawled.",
+ // "maxLength": 1000,
+ // "type": "string"
+ // },
+ // "maxItems": 25,
+ // "minItems": 1,
+ // "type": "array"
+ // },
+ // "Scope": {
+ // "description": "The scope that a web crawl job will be restricted to.",
+ // "enum": [
+ // "HOST_ONLY",
+ // "SUBDOMAINS"
+ // ],
+ // "type": "string"
+ // }
+ // },
+ // "type": "object"
+ // },
+ // "SourceConfiguration": {
+ // "additionalProperties": false,
+ // "description": "A web source configuration.",
+ // "properties": {
+ // "UrlConfiguration": {
+ // "additionalProperties": false,
+ // "description": "A url configuration.",
+ // "properties": {
+ // "SeedUrls": {
+ // "description": "A list of web urls.",
+ // "insertionOrder": false,
+ // "items": {
+ // "additionalProperties": false,
+ // "description": "A seed url object.",
+ // "properties": {
+ // "Url": {
+ // "description": "A web url.",
+ // "pattern": "^https?://[A-Za-z0-9][^\\s]*$",
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "Url"
+ // ],
+ // "type": "object"
+ // },
+ // "maxItems": 100,
+ // "minItems": 1,
+ // "type": "array"
+ // }
+ // },
+ // "required": [
+ // "SeedUrls"
+ // ],
+ // "type": "object"
+ // }
+ // },
+ // "required": [
+ // "UrlConfiguration"
+ // ],
+ // "type": "object"
+ // }
+ // },
+ // "required": [
+ // "SourceConfiguration"
+ // ],
+ // "type": "object"
// }
// },
// "required": [
- // "Type",
- // "S3Configuration"
+ // "Type"
// ],
// "type": "object"
// }
"data_source_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: ConfluenceConfiguration
+ "confluence_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: CrawlerConfiguration
+ "crawler_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: FilterConfiguration
+ "filter_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: PatternObjectFilter
+ "pattern_object_filter": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: Filters
+ "filters": schema.ListNestedAttribute{ /*START ATTRIBUTE*/
+ NestedObject: schema.NestedAttributeObject{ /*START NESTED OBJECT*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: ExclusionFilters
+ "exclusion_filters": schema.ListAttribute{ /*START ATTRIBUTE*/
+ ElementType: types.StringType,
+ Description: "A set of regular expression filter patterns for a type of object.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: InclusionFilters
+ "inclusion_filters": schema.ListAttribute{ /*START ATTRIBUTE*/
+ ElementType: types.StringType,
+ Description: "A set of regular expression filter patterns for a type of object.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: ObjectType
+ "object_type": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The supported object type or content type of the data source.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ }, /*END NESTED OBJECT*/
+ Description: "Contains information",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The configuration of specific filters applied to your data source content. You can filter out or include certain content.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: Type
+ "type": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The crawl filter type.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The type of filtering that you want to apply to certain objects or content of the data source. For example, the PATTERN type is regular expression patterns you can apply to filter your content.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The configuration of the Confluence content. For example, configuring specific types of Confluence content.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: SourceConfiguration
+ "source_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: AuthType
+ "auth_type": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The supported authentication type to authenticate and connect to your Confluence instance.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: CredentialsSecretArn
+ "credentials_secret_arn": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your Confluence instance URL. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see Confluence connection configuration.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: HostType
+ "host_type": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The supported host type, whether online/cloud or server/on-premises.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: HostUrl
+ "host_url": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The Confluence host URL or instance URL.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The endpoint information to connect to your Confluence data source.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The configuration information to connect to Confluence as your data source.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
// Property: S3Configuration
"s3_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
@@ -129,7 +746,185 @@ func dataSourceDataSource(ctx context.Context) (datasource.DataSource, error) {
Computed: true,
}, /*END ATTRIBUTE*/
}, /*END SCHEMA*/
- Description: "Contains information about the S3 configuration of the data source.",
+ Description: "The configuration information to connect to Amazon S3 as your data source.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: SalesforceConfiguration
+ "salesforce_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: CrawlerConfiguration
+ "crawler_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: FilterConfiguration
+ "filter_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: PatternObjectFilter
+ "pattern_object_filter": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: Filters
+ "filters": schema.ListNestedAttribute{ /*START ATTRIBUTE*/
+ NestedObject: schema.NestedAttributeObject{ /*START NESTED OBJECT*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: ExclusionFilters
+ "exclusion_filters": schema.ListAttribute{ /*START ATTRIBUTE*/
+ ElementType: types.StringType,
+ Description: "A set of regular expression filter patterns for a type of object.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: InclusionFilters
+ "inclusion_filters": schema.ListAttribute{ /*START ATTRIBUTE*/
+ ElementType: types.StringType,
+ Description: "A set of regular expression filter patterns for a type of object.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: ObjectType
+ "object_type": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The supported object type or content type of the data source.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ }, /*END NESTED OBJECT*/
+ Description: "Contains information",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The configuration of specific filters applied to your data source content. You can filter out or include certain content.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: Type
+ "type": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The crawl filter type.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The type of filtering that you want to apply to certain objects or content of the data source. For example, the PATTERN type is regular expression patterns you can apply to filter your content.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The configuration of filtering the Salesforce content. For example, configuring regular expression patterns to include or exclude certain content.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: SourceConfiguration
+ "source_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: AuthType
+ "auth_type": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The supported authentication type to authenticate and connect to your Salesforce instance.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: CredentialsSecretArn
+ "credentials_secret_arn": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your Salesforce instance URL. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see Salesforce connection configuration.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: HostUrl
+ "host_url": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The Salesforce host URL or instance URL.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The endpoint information to connect to your Salesforce data source.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The configuration information to connect to Salesforce as your data source.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: SharePointConfiguration
+ "share_point_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: CrawlerConfiguration
+ "crawler_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: FilterConfiguration
+ "filter_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: PatternObjectFilter
+ "pattern_object_filter": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: Filters
+ "filters": schema.ListNestedAttribute{ /*START ATTRIBUTE*/
+ NestedObject: schema.NestedAttributeObject{ /*START NESTED OBJECT*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: ExclusionFilters
+ "exclusion_filters": schema.ListAttribute{ /*START ATTRIBUTE*/
+ ElementType: types.StringType,
+ Description: "A set of regular expression filter patterns for a type of object.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: InclusionFilters
+ "inclusion_filters": schema.ListAttribute{ /*START ATTRIBUTE*/
+ ElementType: types.StringType,
+ Description: "A set of regular expression filter patterns for a type of object.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: ObjectType
+ "object_type": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The supported object type or content type of the data source.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ }, /*END NESTED OBJECT*/
+ Description: "Contains information",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The configuration of specific filters applied to your data source content. You can filter out or include certain content.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: Type
+ "type": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The crawl filter type.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The type of filtering that you want to apply to certain objects or content of the data source. For example, the PATTERN type is regular expression patterns you can apply to filter your content.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The configuration of the SharePoint content. For example, configuring specific types of SharePoint content.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: SourceConfiguration
+ "source_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: AuthType
+ "auth_type": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The supported authentication type to authenticate and connect to your SharePoint site/sites.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: CredentialsSecretArn
+ "credentials_secret_arn": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your SharePoint site/sites. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see SharePoint connection configuration.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: Domain
+ "domain": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The domain of your SharePoint instance or site URL/URLs.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: HostType
+ "host_type": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The supported host type, whether online/cloud or server/on-premises.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: SiteUrls
+ "site_urls": schema.ListAttribute{ /*START ATTRIBUTE*/
+ ElementType: types.StringType,
+ Description: "A list of one or more SharePoint site URLs.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: TenantId
+ "tenant_id": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The identifier of your Microsoft 365 tenant.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The endpoint information to connect to your SharePoint data source.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "The configuration information to connect to SharePoint as your data source.",
Computed: true,
}, /*END ATTRIBUTE*/
// Property: Type
@@ -137,6 +932,77 @@ func dataSourceDataSource(ctx context.Context) (datasource.DataSource, error) {
Description: "The type of the data source location.",
Computed: true,
}, /*END ATTRIBUTE*/
+ // Property: WebConfiguration
+ "web_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: CrawlerConfiguration
+ "crawler_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: CrawlerLimits
+ "crawler_limits": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: RateLimit
+ "rate_limit": schema.Int64Attribute{ /*START ATTRIBUTE*/
+ Description: "Rate of web URLs retrieved per minute.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "Limit settings for the web crawler.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: ExclusionFilters
+ "exclusion_filters": schema.ListAttribute{ /*START ATTRIBUTE*/
+ ElementType: types.StringType,
+ Description: "A set of regular expression filter patterns for a type of object.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: InclusionFilters
+ "inclusion_filters": schema.ListAttribute{ /*START ATTRIBUTE*/
+ ElementType: types.StringType,
+ Description: "A set of regular expression filter patterns for a type of object.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: Scope
+ "scope": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The scope that a web crawl job will be restricted to.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "Configuration for the web crawler.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: SourceConfiguration
+ "source_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: UrlConfiguration
+ "url_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: SeedUrls
+ "seed_urls": schema.ListNestedAttribute{ /*START ATTRIBUTE*/
+ NestedObject: schema.NestedAttributeObject{ /*START NESTED OBJECT*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: Url
+ "url": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "A web url.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ }, /*END NESTED OBJECT*/
+ Description: "A list of web urls.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "A url configuration.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "A web source configuration.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "Configures a web data source location.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
}, /*END SCHEMA*/
Description: "Specifies a raw data source location to ingest.",
Computed: true,
@@ -279,7 +1145,9 @@ func dataSourceDataSource(ctx context.Context) (datasource.DataSource, error) {
// "description": "Knowledge base can split your source data into chunks. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. You have the following options for chunking your data. If you opt for NONE, then you may want to pre-process your files by splitting them up such that each file corresponds to a chunk.",
// "enum": [
// "FIXED_SIZE",
- // "NONE"
+ // "NONE",
+ // "HIERARCHICAL",
+ // "SEMANTIC"
// ],
// "type": "string"
// },
@@ -304,12 +1172,220 @@ func dataSourceDataSource(ctx context.Context) (datasource.DataSource, error) {
// "OverlapPercentage"
// ],
// "type": "object"
+ // },
+ // "HierarchicalChunkingConfiguration": {
+ // "additionalProperties": false,
+ // "description": "Configurations for when you choose hierarchical chunking. If you set the chunkingStrategy as NONE, exclude this field.",
+ // "properties": {
+ // "LevelConfigurations": {
+ // "description": "Token settings for each layer.",
+ // "insertionOrder": false,
+ // "items": {
+ // "additionalProperties": false,
+ // "description": "Token settings for a layer in a hierarchical chunking configuration.",
+ // "properties": {
+ // "MaxTokens": {
+ // "description": "The maximum number of tokens that a chunk can contain in this layer.",
+ // "maximum": 8192,
+ // "minimum": 1,
+ // "type": "integer"
+ // }
+ // },
+ // "required": [
+ // "MaxTokens"
+ // ],
+ // "type": "object"
+ // },
+ // "maxItems": 2,
+ // "minItems": 2,
+ // "type": "array"
+ // },
+ // "OverlapTokens": {
+ // "description": "The number of tokens to repeat across chunks in the same layer.",
+ // "minimum": 1,
+ // "type": "integer"
+ // }
+ // },
+ // "required": [
+ // "LevelConfigurations",
+ // "OverlapTokens"
+ // ],
+ // "type": "object"
+ // },
+ // "SemanticChunkingConfiguration": {
+ // "additionalProperties": false,
+ // "description": "Configurations for when you choose semantic chunking. If you set the chunkingStrategy as NONE, exclude this field.",
+ // "properties": {
+ // "BreakpointPercentileThreshold": {
+ // "description": "The dissimilarity threshold for splitting chunks.",
+ // "maximum": 99,
+ // "minimum": 50,
+ // "type": "integer"
+ // },
+ // "BufferSize": {
+ // "description": "The buffer size.",
+ // "maximum": 1,
+ // "minimum": 0,
+ // "type": "integer"
+ // },
+ // "MaxTokens": {
+ // "description": "The maximum number of tokens that a chunk can contain.",
+ // "minimum": 1,
+ // "type": "integer"
+ // }
+ // },
+ // "required": [
+ // "BreakpointPercentileThreshold",
+ // "BufferSize",
+ // "MaxTokens"
+ // ],
+ // "type": "object"
// }
// },
// "required": [
// "ChunkingStrategy"
// ],
// "type": "object"
+ // },
+ // "CustomTransformationConfiguration": {
+ // "additionalProperties": false,
+ // "description": "Settings for customizing steps in the data source content ingestion pipeline.",
+ // "properties": {
+ // "IntermediateStorage": {
+ // "additionalProperties": false,
+ // "description": "A location for storing content from data sources temporarily as it is processed by custom components in the ingestion pipeline.",
+ // "properties": {
+ // "S3Location": {
+ // "additionalProperties": false,
+ // "description": "An Amazon S3 location.",
+ // "properties": {
+ // "URI": {
+ // "description": "The location's URI",
+ // "maxLength": 2048,
+ // "minLength": 1,
+ // "pattern": "^s3://.{1,128}$",
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "URI"
+ // ],
+ // "type": "object"
+ // }
+ // },
+ // "required": [
+ // "S3Location"
+ // ],
+ // "type": "object"
+ // },
+ // "Transformations": {
+ // "description": "A list of Lambda functions that process documents.",
+ // "insertionOrder": false,
+ // "items": {
+ // "additionalProperties": false,
+ // "description": "A Lambda function that processes documents.",
+ // "properties": {
+ // "StepToApply": {
+ // "description": "When the service applies the transformation.",
+ // "enum": [
+ // "POST_CHUNKING"
+ // ],
+ // "type": "string"
+ // },
+ // "TransformationFunction": {
+ // "additionalProperties": false,
+ // "description": "A Lambda function that processes documents.",
+ // "properties": {
+ // "TransformationLambdaConfiguration": {
+ // "additionalProperties": false,
+ // "description": "A Lambda function that processes documents.",
+ // "properties": {
+ // "LambdaArn": {
+ // "description": "The function's ARN identifier.",
+ // "maxLength": 2048,
+ // "minLength": 0,
+ // "pattern": "^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\\d{1}:\\d{12}:function:[a-zA-Z0-9-_\\.]+(:(\\$LATEST|[a-zA-Z0-9-_]+))?$",
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "LambdaArn"
+ // ],
+ // "type": "object"
+ // }
+ // },
+ // "required": [
+ // "TransformationLambdaConfiguration"
+ // ],
+ // "type": "object"
+ // }
+ // },
+ // "required": [
+ // "StepToApply",
+ // "TransformationFunction"
+ // ],
+ // "type": "object"
+ // },
+ // "maxItems": 1,
+ // "minItems": 1,
+ // "type": "array"
+ // }
+ // },
+ // "required": [
+ // "IntermediateStorage",
+ // "Transformations"
+ // ],
+ // "type": "object"
+ // },
+ // "ParsingConfiguration": {
+ // "additionalProperties": false,
+ // "description": "Settings for parsing document contents",
+ // "properties": {
+ // "BedrockFoundationModelConfiguration": {
+ // "additionalProperties": false,
+ // "description": "Settings for a foundation model used to parse documents for a data source.",
+ // "properties": {
+ // "ModelArn": {
+ // "description": "The model's ARN.",
+ // "maxLength": 2048,
+ // "minLength": 1,
+ // "pattern": "^arn:aws(-[^:]+)?:bedrock:[a-z0-9-]{1,20}::foundation-model/([a-z0-9-]{1,63}[.]{1}[a-z0-9-]{1,63}([.]?[a-z0-9-]{1,63})([:][a-z0-9-]{1,63}){0,2})$",
+ // "type": "string"
+ // },
+ // "ParsingPrompt": {
+ // "additionalProperties": false,
+ // "description": "Instructions for interpreting the contents of a document.",
+ // "properties": {
+ // "ParsingPromptText": {
+ // "description": "Instructions for interpreting the contents of a document.",
+ // "maxLength": 10000,
+ // "minLength": 1,
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "ParsingPromptText"
+ // ],
+ // "type": "object"
+ // }
+ // },
+ // "required": [
+ // "ModelArn"
+ // ],
+ // "type": "object"
+ // },
+ // "ParsingStrategy": {
+ // "description": "The parsing strategy for the data source.",
+ // "enum": [
+ // "BEDROCK_FOUNDATION_MODEL"
+ // ],
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "ParsingStrategy"
+ // ],
+ // "type": "object"
// }
// },
// "type": "object"
@@ -341,10 +1417,153 @@ func dataSourceDataSource(ctx context.Context) (datasource.DataSource, error) {
Description: "Configurations for when you choose fixed-size chunking. If you set the chunkingStrategy as NONE, exclude this field.",
Computed: true,
}, /*END ATTRIBUTE*/
+ // Property: HierarchicalChunkingConfiguration
+ "hierarchical_chunking_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: LevelConfigurations
+ "level_configurations": schema.ListNestedAttribute{ /*START ATTRIBUTE*/
+ NestedObject: schema.NestedAttributeObject{ /*START NESTED OBJECT*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: MaxTokens
+ "max_tokens": schema.Int64Attribute{ /*START ATTRIBUTE*/
+ Description: "The maximum number of tokens that a chunk can contain in this layer.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ }, /*END NESTED OBJECT*/
+ Description: "Token settings for each layer.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: OverlapTokens
+ "overlap_tokens": schema.Int64Attribute{ /*START ATTRIBUTE*/
+ Description: "The number of tokens to repeat across chunks in the same layer.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "Configurations for when you choose hierarchical chunking. If you set the chunkingStrategy as NONE, exclude this field.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: SemanticChunkingConfiguration
+ "semantic_chunking_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: BreakpointPercentileThreshold
+ "breakpoint_percentile_threshold": schema.Int64Attribute{ /*START ATTRIBUTE*/
+ Description: "The dissimilarity threshold for splitting chunks.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: BufferSize
+ "buffer_size": schema.Int64Attribute{ /*START ATTRIBUTE*/
+ Description: "The buffer size.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: MaxTokens
+ "max_tokens": schema.Int64Attribute{ /*START ATTRIBUTE*/
+ Description: "The maximum number of tokens that a chunk can contain.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "Configurations for when you choose semantic chunking. If you set the chunkingStrategy as NONE, exclude this field.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
}, /*END SCHEMA*/
Description: "Details about how to chunk the documents in the data source. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried.",
Computed: true,
}, /*END ATTRIBUTE*/
+ // Property: CustomTransformationConfiguration
+ "custom_transformation_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: IntermediateStorage
+ "intermediate_storage": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: S3Location
+ "s3_location": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: URI
+ "uri": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The location's URI",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "An Amazon S3 location.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "A location for storing content from data sources temporarily as it is processed by custom components in the ingestion pipeline.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: Transformations
+ "transformations": schema.ListNestedAttribute{ /*START ATTRIBUTE*/
+ NestedObject: schema.NestedAttributeObject{ /*START NESTED OBJECT*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: StepToApply
+ "step_to_apply": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "When the service applies the transformation.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: TransformationFunction
+ "transformation_function": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: TransformationLambdaConfiguration
+ "transformation_lambda_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: LambdaArn
+ "lambda_arn": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The function's ARN identifier.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "A Lambda function that processes documents.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "A Lambda function that processes documents.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ }, /*END NESTED OBJECT*/
+ Description: "A list of Lambda functions that process documents.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "Settings for customizing steps in the data source content ingestion pipeline.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: ParsingConfiguration
+ "parsing_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: BedrockFoundationModelConfiguration
+ "bedrock_foundation_model_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: ModelArn
+ "model_arn": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The model's ARN.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: ParsingPrompt
+ "parsing_prompt": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: ParsingPromptText
+ "parsing_prompt_text": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "Instructions for interpreting the contents of a document.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "Instructions for interpreting the contents of a document.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "Settings for a foundation model used to parse documents for a data source.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: ParsingStrategy
+ "parsing_strategy": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The parsing strategy for the data source.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Description: "Settings for parsing document contents",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
}, /*END SCHEMA*/
Description: "Details about how to chunk the documents in the data source. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried.",
Computed: true,
@@ -366,29 +1585,75 @@ func dataSourceDataSource(ctx context.Context) (datasource.DataSource, error) {
opts = opts.WithCloudFormationTypeName("AWS::Bedrock::DataSource").WithTerraformTypeName("awscc_bedrock_data_source")
opts = opts.WithTerraformSchema(schema)
opts = opts.WithAttributeNameMap(map[string]string{
- "bucket_arn": "BucketArn",
- "bucket_owner_account_id": "BucketOwnerAccountId",
- "chunking_configuration": "ChunkingConfiguration",
- "chunking_strategy": "ChunkingStrategy",
- "created_at": "CreatedAt",
- "data_deletion_policy": "DataDeletionPolicy",
- "data_source_configuration": "DataSourceConfiguration",
- "data_source_id": "DataSourceId",
- "data_source_status": "DataSourceStatus",
- "description": "Description",
- "failure_reasons": "FailureReasons",
- "fixed_size_chunking_configuration": "FixedSizeChunkingConfiguration",
- "inclusion_prefixes": "InclusionPrefixes",
- "kms_key_arn": "KmsKeyArn",
- "knowledge_base_id": "KnowledgeBaseId",
- "max_tokens": "MaxTokens",
- "name": "Name",
- "overlap_percentage": "OverlapPercentage",
- "s3_configuration": "S3Configuration",
- "server_side_encryption_configuration": "ServerSideEncryptionConfiguration",
- "type": "Type",
- "updated_at": "UpdatedAt",
- "vector_ingestion_configuration": "VectorIngestionConfiguration",
+ "auth_type": "AuthType",
+ "bedrock_foundation_model_configuration": "BedrockFoundationModelConfiguration",
+ "breakpoint_percentile_threshold": "BreakpointPercentileThreshold",
+ "bucket_arn": "BucketArn",
+ "bucket_owner_account_id": "BucketOwnerAccountId",
+ "buffer_size": "BufferSize",
+ "chunking_configuration": "ChunkingConfiguration",
+ "chunking_strategy": "ChunkingStrategy",
+ "confluence_configuration": "ConfluenceConfiguration",
+ "crawler_configuration": "CrawlerConfiguration",
+ "crawler_limits": "CrawlerLimits",
+ "created_at": "CreatedAt",
+ "credentials_secret_arn": "CredentialsSecretArn",
+ "custom_transformation_configuration": "CustomTransformationConfiguration",
+ "data_deletion_policy": "DataDeletionPolicy",
+ "data_source_configuration": "DataSourceConfiguration",
+ "data_source_id": "DataSourceId",
+ "data_source_status": "DataSourceStatus",
+ "description": "Description",
+ "domain": "Domain",
+ "exclusion_filters": "ExclusionFilters",
+ "failure_reasons": "FailureReasons",
+ "filter_configuration": "FilterConfiguration",
+ "filters": "Filters",
+ "fixed_size_chunking_configuration": "FixedSizeChunkingConfiguration",
+ "hierarchical_chunking_configuration": "HierarchicalChunkingConfiguration",
+ "host_type": "HostType",
+ "host_url": "HostUrl",
+ "inclusion_filters": "InclusionFilters",
+ "inclusion_prefixes": "InclusionPrefixes",
+ "intermediate_storage": "IntermediateStorage",
+ "kms_key_arn": "KmsKeyArn",
+ "knowledge_base_id": "KnowledgeBaseId",
+ "lambda_arn": "LambdaArn",
+ "level_configurations": "LevelConfigurations",
+ "max_tokens": "MaxTokens",
+ "model_arn": "ModelArn",
+ "name": "Name",
+ "object_type": "ObjectType",
+ "overlap_percentage": "OverlapPercentage",
+ "overlap_tokens": "OverlapTokens",
+ "parsing_configuration": "ParsingConfiguration",
+ "parsing_prompt": "ParsingPrompt",
+ "parsing_prompt_text": "ParsingPromptText",
+ "parsing_strategy": "ParsingStrategy",
+ "pattern_object_filter": "PatternObjectFilter",
+ "rate_limit": "RateLimit",
+ "s3_configuration": "S3Configuration",
+ "s3_location": "S3Location",
+ "salesforce_configuration": "SalesforceConfiguration",
+ "scope": "Scope",
+ "seed_urls": "SeedUrls",
+ "semantic_chunking_configuration": "SemanticChunkingConfiguration",
+ "server_side_encryption_configuration": "ServerSideEncryptionConfiguration",
+ "share_point_configuration": "SharePointConfiguration",
+ "site_urls": "SiteUrls",
+ "source_configuration": "SourceConfiguration",
+ "step_to_apply": "StepToApply",
+ "tenant_id": "TenantId",
+ "transformation_function": "TransformationFunction",
+ "transformation_lambda_configuration": "TransformationLambdaConfiguration",
+ "transformations": "Transformations",
+ "type": "Type",
+ "updated_at": "UpdatedAt",
+ "uri": "URI",
+ "url": "Url",
+ "url_configuration": "UrlConfiguration",
+ "vector_ingestion_configuration": "VectorIngestionConfiguration",
+ "web_configuration": "WebConfiguration",
})
v, err := generic.NewSingularDataSource(ctx, opts...)
diff --git a/internal/aws/cognito/identity_pool_resource_gen.go b/internal/aws/cognito/identity_pool_resource_gen.go
index 94aadb87a..bfdc9eaa1 100644
--- a/internal/aws/cognito/identity_pool_resource_gen.go
+++ b/internal/aws/cognito/identity_pool_resource_gen.go
@@ -9,13 +9,16 @@ import (
"context"
"github.com/hashicorp/terraform-plugin-framework-jsontypes/jsontypes"
+ "github.com/hashicorp/terraform-plugin-framework-validators/stringvalidator"
"github.com/hashicorp/terraform-plugin-framework/resource"
"github.com/hashicorp/terraform-plugin-framework/resource/schema"
"github.com/hashicorp/terraform-plugin-framework/resource/schema/boolplanmodifier"
"github.com/hashicorp/terraform-plugin-framework/resource/schema/listplanmodifier"
"github.com/hashicorp/terraform-plugin-framework/resource/schema/objectplanmodifier"
"github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier"
+ "github.com/hashicorp/terraform-plugin-framework/resource/schema/setplanmodifier"
"github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier"
+ "github.com/hashicorp/terraform-plugin-framework/schema/validator"
"github.com/hashicorp/terraform-plugin-framework/types"
"github.com/hashicorp/terraform-provider-awscc/internal/generic"
"github.com/hashicorp/terraform-provider-awscc/internal/registry"
@@ -211,6 +214,66 @@ func identityPoolResource(ctx context.Context) (resource.Resource, error) {
stringplanmodifier.UseStateForUnknown(),
}, /*END PLAN MODIFIERS*/
}, /*END ATTRIBUTE*/
+ // Property: IdentityPoolTags
+ // CloudFormation resource type schema:
+ //
+ // {
+ // "description": "An array of key-value pairs to apply to this resource.",
+ // "insertionOrder": false,
+ // "items": {
+ // "additionalProperties": false,
+ // "description": "A key-value pair to associate with a resource.",
+ // "properties": {
+ // "Key": {
+ // "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+ // "maxLength": 128,
+ // "minLength": 1,
+ // "type": "string"
+ // },
+ // "Value": {
+ // "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+ // "maxLength": 256,
+ // "minLength": 0,
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "Key",
+ // "Value"
+ // ],
+ // "type": "object"
+ // },
+ // "type": "array",
+ // "uniqueItems": true
+ // }
+ "identity_pool_tags": schema.SetNestedAttribute{ /*START ATTRIBUTE*/
+ NestedObject: schema.NestedAttributeObject{ /*START NESTED OBJECT*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: Key
+ "key": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.LengthBetween(1, 128),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ // Property: Value
+ "value": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+ Required: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.LengthBetween(0, 256),
+ }, /*END VALIDATORS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ }, /*END NESTED OBJECT*/
+ Description: "An array of key-value pairs to apply to this resource.",
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Set{ /*START PLAN MODIFIERS*/
+ setplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
// Property: Name
// CloudFormation resource type schema:
//
@@ -357,6 +420,8 @@ func identityPoolResource(ctx context.Context) (resource.Resource, error) {
"developer_provider_name": "DeveloperProviderName",
"identity_pool_id": "Id",
"identity_pool_name": "IdentityPoolName",
+ "identity_pool_tags": "IdentityPoolTags",
+ "key": "Key",
"name": "Name",
"open_id_connect_provider_ar_ns": "OpenIdConnectProviderARNs",
"provider_name": "ProviderName",
@@ -367,6 +432,7 @@ func identityPoolResource(ctx context.Context) (resource.Resource, error) {
"stream_name": "StreamName",
"streaming_status": "StreamingStatus",
"supported_login_providers": "SupportedLoginProviders",
+ "value": "Value",
})
opts = opts.WithWriteOnlyPropertyPaths([]string{
diff --git a/internal/aws/cognito/identity_pool_singular_data_source_gen.go b/internal/aws/cognito/identity_pool_singular_data_source_gen.go
index 2700abe79..85784b338 100644
--- a/internal/aws/cognito/identity_pool_singular_data_source_gen.go
+++ b/internal/aws/cognito/identity_pool_singular_data_source_gen.go
@@ -160,6 +160,56 @@ func identityPoolDataSource(ctx context.Context) (datasource.DataSource, error)
"identity_pool_name": schema.StringAttribute{ /*START ATTRIBUTE*/
Computed: true,
}, /*END ATTRIBUTE*/
+ // Property: IdentityPoolTags
+ // CloudFormation resource type schema:
+ //
+ // {
+ // "description": "An array of key-value pairs to apply to this resource.",
+ // "insertionOrder": false,
+ // "items": {
+ // "additionalProperties": false,
+ // "description": "A key-value pair to associate with a resource.",
+ // "properties": {
+ // "Key": {
+ // "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+ // "maxLength": 128,
+ // "minLength": 1,
+ // "type": "string"
+ // },
+ // "Value": {
+ // "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+ // "maxLength": 256,
+ // "minLength": 0,
+ // "type": "string"
+ // }
+ // },
+ // "required": [
+ // "Key",
+ // "Value"
+ // ],
+ // "type": "object"
+ // },
+ // "type": "array",
+ // "uniqueItems": true
+ // }
+ "identity_pool_tags": schema.SetNestedAttribute{ /*START ATTRIBUTE*/
+ NestedObject: schema.NestedAttributeObject{ /*START NESTED OBJECT*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: Key
+ "key": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: Value
+ "value": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ }, /*END NESTED OBJECT*/
+ Description: "An array of key-value pairs to apply to this resource.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
// Property: Name
// CloudFormation resource type schema:
//
@@ -270,6 +320,8 @@ func identityPoolDataSource(ctx context.Context) (datasource.DataSource, error)
"developer_provider_name": "DeveloperProviderName",
"identity_pool_id": "Id",
"identity_pool_name": "IdentityPoolName",
+ "identity_pool_tags": "IdentityPoolTags",
+ "key": "Key",
"name": "Name",
"open_id_connect_provider_ar_ns": "OpenIdConnectProviderARNs",
"provider_name": "ProviderName",
@@ -280,6 +332,7 @@ func identityPoolDataSource(ctx context.Context) (datasource.DataSource, error)
"stream_name": "StreamName",
"streaming_status": "StreamingStatus",
"supported_login_providers": "SupportedLoginProviders",
+ "value": "Value",
})
v, err := generic.NewSingularDataSource(ctx, opts...)
diff --git a/internal/aws/cognito/log_delivery_configuration_resource_gen.go b/internal/aws/cognito/log_delivery_configuration_resource_gen.go
index a5764e259..da19ce586 100644
--- a/internal/aws/cognito/log_delivery_configuration_resource_gen.go
+++ b/internal/aws/cognito/log_delivery_configuration_resource_gen.go
@@ -57,8 +57,26 @@ func logDeliveryConfigurationResource(ctx context.Context) (resource.Resource, e
// "EventSource": {
// "type": "string"
// },
+ // "FirehoseConfiguration": {
+ // "additionalProperties": false,
+ // "properties": {
+ // "StreamArn": {
+ // "type": "string"
+ // }
+ // },
+ // "type": "object"
+ // },
// "LogLevel": {
// "type": "string"
+ // },
+ // "S3Configuration": {
+ // "additionalProperties": false,
+ // "properties": {
+ // "BucketArn": {
+ // "type": "string"
+ // }
+ // },
+ // "type": "object"
// }
// },
// "type": "object"
@@ -94,6 +112,24 @@ func logDeliveryConfigurationResource(ctx context.Context) (resource.Resource, e
stringplanmodifier.UseStateForUnknown(),
}, /*END PLAN MODIFIERS*/
}, /*END ATTRIBUTE*/
+ // Property: FirehoseConfiguration
+ "firehose_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: StreamArn
+ "stream_arn": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.String{ /*START PLAN MODIFIERS*/
+ stringplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
+ objectplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
// Property: LogLevel
"log_level": schema.StringAttribute{ /*START ATTRIBUTE*/
Optional: true,
@@ -102,6 +138,24 @@ func logDeliveryConfigurationResource(ctx context.Context) (resource.Resource, e
stringplanmodifier.UseStateForUnknown(),
}, /*END PLAN MODIFIERS*/
}, /*END ATTRIBUTE*/
+ // Property: S3Configuration
+ "s3_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: BucketArn
+ "bucket_arn": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.String{ /*START PLAN MODIFIERS*/
+ stringplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Optional: true,
+ Computed: true,
+ PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
+ objectplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
}, /*END SCHEMA*/
}, /*END NESTED OBJECT*/
Optional: true,
@@ -144,12 +198,16 @@ func logDeliveryConfigurationResource(ctx context.Context) (resource.Resource, e
opts = opts.WithCloudFormationTypeName("AWS::Cognito::LogDeliveryConfiguration").WithTerraformTypeName("awscc_cognito_log_delivery_configuration")
opts = opts.WithTerraformSchema(schema)
opts = opts.WithAttributeNameMap(map[string]string{
+ "bucket_arn": "BucketArn",
"cloudwatch_logs_configuration": "CloudWatchLogsConfiguration",
"event_source": "EventSource",
+ "firehose_configuration": "FirehoseConfiguration",
"log_configurations": "LogConfigurations",
"log_delivery_configuration_id": "Id",
"log_group_arn": "LogGroupArn",
"log_level": "LogLevel",
+ "s3_configuration": "S3Configuration",
+ "stream_arn": "StreamArn",
"user_pool_id": "UserPoolId",
})
diff --git a/internal/aws/cognito/log_delivery_configuration_singular_data_source_gen.go b/internal/aws/cognito/log_delivery_configuration_singular_data_source_gen.go
index 290cef77a..57b4c6707 100644
--- a/internal/aws/cognito/log_delivery_configuration_singular_data_source_gen.go
+++ b/internal/aws/cognito/log_delivery_configuration_singular_data_source_gen.go
@@ -50,8 +50,26 @@ func logDeliveryConfigurationDataSource(ctx context.Context) (datasource.DataSou
// "EventSource": {
// "type": "string"
// },
+ // "FirehoseConfiguration": {
+ // "additionalProperties": false,
+ // "properties": {
+ // "StreamArn": {
+ // "type": "string"
+ // }
+ // },
+ // "type": "object"
+ // },
// "LogLevel": {
// "type": "string"
+ // },
+ // "S3Configuration": {
+ // "additionalProperties": false,
+ // "properties": {
+ // "BucketArn": {
+ // "type": "string"
+ // }
+ // },
+ // "type": "object"
// }
// },
// "type": "object"
@@ -75,10 +93,30 @@ func logDeliveryConfigurationDataSource(ctx context.Context) (datasource.DataSou
"event_source": schema.StringAttribute{ /*START ATTRIBUTE*/
Computed: true,
}, /*END ATTRIBUTE*/
+ // Property: FirehoseConfiguration
+ "firehose_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: StreamArn
+ "stream_arn": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Computed: true,
+ }, /*END ATTRIBUTE*/
// Property: LogLevel
"log_level": schema.StringAttribute{ /*START ATTRIBUTE*/
Computed: true,
}, /*END ATTRIBUTE*/
+ // Property: S3Configuration
+ "s3_configuration": schema.SingleNestedAttribute{ /*START ATTRIBUTE*/
+ Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
+ // Property: BucketArn
+ "bucket_arn": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ }, /*END SCHEMA*/
+ Computed: true,
+ }, /*END ATTRIBUTE*/
}, /*END SCHEMA*/
}, /*END NESTED OBJECT*/
Computed: true,
@@ -109,12 +147,16 @@ func logDeliveryConfigurationDataSource(ctx context.Context) (datasource.DataSou
opts = opts.WithCloudFormationTypeName("AWS::Cognito::LogDeliveryConfiguration").WithTerraformTypeName("awscc_cognito_log_delivery_configuration")
opts = opts.WithTerraformSchema(schema)
opts = opts.WithAttributeNameMap(map[string]string{
+ "bucket_arn": "BucketArn",
"cloudwatch_logs_configuration": "CloudWatchLogsConfiguration",
"event_source": "EventSource",
+ "firehose_configuration": "FirehoseConfiguration",
"log_configurations": "LogConfigurations",
"log_delivery_configuration_id": "Id",
"log_group_arn": "LogGroupArn",
"log_level": "LogLevel",
+ "s3_configuration": "S3Configuration",
+ "stream_arn": "StreamArn",
"user_pool_id": "UserPoolId",
})
diff --git a/internal/aws/ec2/launch_template_resource_gen.go b/internal/aws/ec2/launch_template_resource_gen.go
index 1555475df..65719361f 100644
--- a/internal/aws/ec2/launch_template_resource_gen.go
+++ b/internal/aws/ec2/launch_template_resource_gen.go
@@ -276,7 +276,7 @@ func launchTemplateResource(ctx context.Context) (resource.Resource, error) {
// "type": "object"
// },
// "ImageId": {
- // "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.\n Valid formats:\n + ``ami-17characters00000`` \n + ``resolve:ssm:parameter-name`` \n + ``resolve:ssm:parameter-name:version-number`` \n + ``resolve:ssm:parameter-name:label`` \n \n For more information, see [Use a Systems Manager parameter to find an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html#using-systems-manager-parameter-to-find-AMI) in the *Amazon Elastic Compute Cloud User Guide*.",
+ // "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.\n Valid formats:\n + ``ami-0ac394d6a3example`` \n + ``resolve:ssm:parameter-name`` \n + ``resolve:ssm:parameter-name:version-number`` \n + ``resolve:ssm:parameter-name:label`` \n \n For more information, see [Use a Systems Manager parameter to find an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html#using-systems-manager-parameter-to-find-AMI) in the *Amazon Elastic Compute Cloud User Guide*.",
// "type": "string"
// },
// "InstanceInitiatedShutdownBehavior": {
@@ -1340,7 +1340,7 @@ func launchTemplateResource(ctx context.Context) (resource.Resource, error) {
}, /*END ATTRIBUTE*/
// Property: ImageId
"image_id": schema.StringAttribute{ /*START ATTRIBUTE*/
- Description: "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.\n Valid formats:\n + ``ami-17characters00000`` \n + ``resolve:ssm:parameter-name`` \n + ``resolve:ssm:parameter-name:version-number`` \n + ``resolve:ssm:parameter-name:label`` \n \n For more information, see [Use a Systems Manager parameter to find an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html#using-systems-manager-parameter-to-find-AMI) in the *Amazon Elastic Compute Cloud User Guide*.",
+ Description: "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.\n Valid formats:\n + ``ami-0ac394d6a3example`` \n + ``resolve:ssm:parameter-name`` \n + ``resolve:ssm:parameter-name:version-number`` \n + ``resolve:ssm:parameter-name:label`` \n \n For more information, see [Use a Systems Manager parameter to find an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html#using-systems-manager-parameter-to-find-AMI) in the *Amazon Elastic Compute Cloud User Guide*.",
Optional: true,
Computed: true,
PlanModifiers: []planmodifier.String{ /*START PLAN MODIFIERS*/
diff --git a/internal/aws/ec2/launch_template_singular_data_source_gen.go b/internal/aws/ec2/launch_template_singular_data_source_gen.go
index 8f6201ebb..0f25068e0 100644
--- a/internal/aws/ec2/launch_template_singular_data_source_gen.go
+++ b/internal/aws/ec2/launch_template_singular_data_source_gen.go
@@ -261,7 +261,7 @@ func launchTemplateDataSource(ctx context.Context) (datasource.DataSource, error
// "type": "object"
// },
// "ImageId": {
- // "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.\n Valid formats:\n + ``ami-17characters00000`` \n + ``resolve:ssm:parameter-name`` \n + ``resolve:ssm:parameter-name:version-number`` \n + ``resolve:ssm:parameter-name:label`` \n \n For more information, see [Use a Systems Manager parameter to find an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html#using-systems-manager-parameter-to-find-AMI) in the *Amazon Elastic Compute Cloud User Guide*.",
+ // "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.\n Valid formats:\n + ``ami-0ac394d6a3example`` \n + ``resolve:ssm:parameter-name`` \n + ``resolve:ssm:parameter-name:version-number`` \n + ``resolve:ssm:parameter-name:label`` \n \n For more information, see [Use a Systems Manager parameter to find an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html#using-systems-manager-parameter-to-find-AMI) in the *Amazon Elastic Compute Cloud User Guide*.",
// "type": "string"
// },
// "InstanceInitiatedShutdownBehavior": {
@@ -1163,7 +1163,7 @@ func launchTemplateDataSource(ctx context.Context) (datasource.DataSource, error
}, /*END ATTRIBUTE*/
// Property: ImageId
"image_id": schema.StringAttribute{ /*START ATTRIBUTE*/
- Description: "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.\n Valid formats:\n + ``ami-17characters00000`` \n + ``resolve:ssm:parameter-name`` \n + ``resolve:ssm:parameter-name:version-number`` \n + ``resolve:ssm:parameter-name:label`` \n \n For more information, see [Use a Systems Manager parameter to find an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html#using-systems-manager-parameter-to-find-AMI) in the *Amazon Elastic Compute Cloud User Guide*.",
+ Description: "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.\n Valid formats:\n + ``ami-0ac394d6a3example`` \n + ``resolve:ssm:parameter-name`` \n + ``resolve:ssm:parameter-name:version-number`` \n + ``resolve:ssm:parameter-name:label`` \n \n For more information, see [Use a Systems Manager parameter to find an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html#using-systems-manager-parameter-to-find-AMI) in the *Amazon Elastic Compute Cloud User Guide*.",
Computed: true,
}, /*END ATTRIBUTE*/
// Property: InstanceInitiatedShutdownBehavior
diff --git a/internal/aws/ec2/subnet_cidr_block_resource_gen.go b/internal/aws/ec2/subnet_cidr_block_resource_gen.go
index f988721e4..5975563db 100644
--- a/internal/aws/ec2/subnet_cidr_block_resource_gen.go
+++ b/internal/aws/ec2/subnet_cidr_block_resource_gen.go
@@ -42,6 +42,34 @@ func subnetCidrBlockResource(ctx context.Context) (resource.Resource, error) {
stringplanmodifier.UseStateForUnknown(),
}, /*END PLAN MODIFIERS*/
}, /*END ATTRIBUTE*/
+ // Property: IpSource
+ // CloudFormation resource type schema:
+ //
+ // {
+ // "description": "The IP Source of an IPv6 Subnet CIDR Block.",
+ // "type": "string"
+ // }
+ "ip_source": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The IP Source of an IPv6 Subnet CIDR Block.",
+ Computed: true,
+ PlanModifiers: []planmodifier.String{ /*START PLAN MODIFIERS*/
+ stringplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
+ // Property: Ipv6AddressAttribute
+ // CloudFormation resource type schema:
+ //
+ // {
+ // "description": "The value denoting whether an IPv6 Subnet CIDR Block is public or private.",
+ // "type": "string"
+ // }
+ "ipv_6_address_attribute": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The value denoting whether an IPv6 Subnet CIDR Block is public or private.",
+ Computed: true,
+ PlanModifiers: []planmodifier.String{ /*START PLAN MODIFIERS*/
+ stringplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
// Property: Ipv6CidrBlock
// CloudFormation resource type schema:
//
@@ -137,11 +165,13 @@ func subnetCidrBlockResource(ctx context.Context) (resource.Resource, error) {
opts = opts.WithCloudFormationTypeName("AWS::EC2::SubnetCidrBlock").WithTerraformTypeName("awscc_ec2_subnet_cidr_block")
opts = opts.WithTerraformSchema(schema)
opts = opts.WithAttributeNameMap(map[string]string{
- "ipv_6_cidr_block": "Ipv6CidrBlock",
- "ipv_6_ipam_pool_id": "Ipv6IpamPoolId",
- "ipv_6_netmask_length": "Ipv6NetmaskLength",
- "subnet_cidr_block_id": "Id",
- "subnet_id": "SubnetId",
+ "ip_source": "IpSource",
+ "ipv_6_address_attribute": "Ipv6AddressAttribute",
+ "ipv_6_cidr_block": "Ipv6CidrBlock",
+ "ipv_6_ipam_pool_id": "Ipv6IpamPoolId",
+ "ipv_6_netmask_length": "Ipv6NetmaskLength",
+ "subnet_cidr_block_id": "Id",
+ "subnet_id": "SubnetId",
})
opts = opts.IsImmutableType(true)
diff --git a/internal/aws/ec2/subnet_cidr_block_singular_data_source_gen.go b/internal/aws/ec2/subnet_cidr_block_singular_data_source_gen.go
index 817dfbb3d..5aa3a6abf 100644
--- a/internal/aws/ec2/subnet_cidr_block_singular_data_source_gen.go
+++ b/internal/aws/ec2/subnet_cidr_block_singular_data_source_gen.go
@@ -33,6 +33,28 @@ func subnetCidrBlockDataSource(ctx context.Context) (datasource.DataSource, erro
Description: "Information about the IPv6 association.",
Computed: true,
}, /*END ATTRIBUTE*/
+ // Property: IpSource
+ // CloudFormation resource type schema:
+ //
+ // {
+ // "description": "The IP Source of an IPv6 Subnet CIDR Block.",
+ // "type": "string"
+ // }
+ "ip_source": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The IP Source of an IPv6 Subnet CIDR Block.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
+ // Property: Ipv6AddressAttribute
+ // CloudFormation resource type schema:
+ //
+ // {
+ // "description": "The value denoting whether an IPv6 Subnet CIDR Block is public or private.",
+ // "type": "string"
+ // }
+ "ipv_6_address_attribute": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The value denoting whether an IPv6 Subnet CIDR Block is public or private.",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
// Property: Ipv6CidrBlock
// CloudFormation resource type schema:
//
@@ -97,11 +119,13 @@ func subnetCidrBlockDataSource(ctx context.Context) (datasource.DataSource, erro
opts = opts.WithCloudFormationTypeName("AWS::EC2::SubnetCidrBlock").WithTerraformTypeName("awscc_ec2_subnet_cidr_block")
opts = opts.WithTerraformSchema(schema)
opts = opts.WithAttributeNameMap(map[string]string{
- "ipv_6_cidr_block": "Ipv6CidrBlock",
- "ipv_6_ipam_pool_id": "Ipv6IpamPoolId",
- "ipv_6_netmask_length": "Ipv6NetmaskLength",
- "subnet_cidr_block_id": "Id",
- "subnet_id": "SubnetId",
+ "ip_source": "IpSource",
+ "ipv_6_address_attribute": "Ipv6AddressAttribute",
+ "ipv_6_cidr_block": "Ipv6CidrBlock",
+ "ipv_6_ipam_pool_id": "Ipv6IpamPoolId",
+ "ipv_6_netmask_length": "Ipv6NetmaskLength",
+ "subnet_cidr_block_id": "Id",
+ "subnet_id": "SubnetId",
})
v, err := generic.NewSingularDataSource(ctx, opts...)
diff --git a/internal/aws/ec2/vpc_resource_gen.go b/internal/aws/ec2/vpc_resource_gen.go
index 0e7d54c85..7d20dddb2 100644
--- a/internal/aws/ec2/vpc_resource_gen.go
+++ b/internal/aws/ec2/vpc_resource_gen.go
@@ -129,11 +129,11 @@ func vPCResource(ctx context.Context) (resource.Resource, error) {
// CloudFormation resource type schema:
//
// {
- // "description": "The allowed tenancy of instances launched into the VPC.\n + ``default``: An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.\n + ``dedicated``: An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of ``host`` during instance launch. You cannot specify a tenancy of ``default`` during instance launch.\n \n Updating ``InstanceTenancy`` requires no replacement only if you are updating its value from ``dedicated`` to ``default``. Updating ``InstanceTenancy`` from ``default`` to ``dedicated`` requires replacement.",
+ // "description": "The allowed tenancy of instances launched into the VPC.\n + ``default``: An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.\n + ``dedicated``: An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of ``host`` during instance launch. You cannot specify a tenancy of ``default`` during instance launch.\n \n Updating ``InstanceTenancy`` requires no replacement only if you are updating its value from ``dedicated`` to ``default``. Updating ``InstanceTenancy`` from ``default`` to ``dedicated`` requires replacement.",
// "type": "string"
// }
"instance_tenancy": schema.StringAttribute{ /*START ATTRIBUTE*/
- Description: "The allowed tenancy of instances launched into the VPC.\n + ``default``: An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.\n + ``dedicated``: An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of ``host`` during instance launch. You cannot specify a tenancy of ``default`` during instance launch.\n \n Updating ``InstanceTenancy`` requires no replacement only if you are updating its value from ``dedicated`` to ``default``. Updating ``InstanceTenancy`` from ``default`` to ``dedicated`` requires replacement.",
+ Description: "The allowed tenancy of instances launched into the VPC.\n + ``default``: An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.\n + ``dedicated``: An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of ``host`` during instance launch. You cannot specify a tenancy of ``default`` during instance launch.\n \n Updating ``InstanceTenancy`` requires no replacement only if you are updating its value from ``dedicated`` to ``default``. Updating ``InstanceTenancy`` from ``default`` to ``dedicated`` requires replacement.",
Optional: true,
Computed: true,
PlanModifiers: []planmodifier.String{ /*START PLAN MODIFIERS*/
@@ -272,7 +272,7 @@ func vPCResource(ctx context.Context) (resource.Resource, error) {
}
schema := schema.Schema{
- Description: "Specifies a virtual private cloud (VPC).\n You can optionally request an IPv6 CIDR block for the VPC. You can request an Amazon-provided IPv6 CIDR block from Amazon's pool of IPv6 addresses, or an IPv6 CIDR block from an IPv6 address pool that you provisioned through bring your own IP addresses (BYOIP).\n For more information, see [Virtual private clouds (VPC)](https://docs.aws.amazon.com/vpc/latest/userguide/configure-your-vpc.html) in the *Amazon VPC User Guide*.",
+ Description: "Specifies a virtual private cloud (VPC).\n To add an IPv6 CIDR block to the VPC, see [AWS::EC2::VPCCidrBlock](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpccidrblock.html).\n For more information, see [Virtual private clouds (VPC)](https://docs.aws.amazon.com/vpc/latest/userguide/configure-your-vpc.html) in the *Amazon VPC User Guide*.",
Version: 1,
Attributes: attributes,
}
diff --git a/internal/aws/ec2/vpc_singular_data_source_gen.go b/internal/aws/ec2/vpc_singular_data_source_gen.go
index e60152119..d6588416c 100644
--- a/internal/aws/ec2/vpc_singular_data_source_gen.go
+++ b/internal/aws/ec2/vpc_singular_data_source_gen.go
@@ -101,11 +101,11 @@ func vPCDataSource(ctx context.Context) (datasource.DataSource, error) {
// CloudFormation resource type schema:
//
// {
- // "description": "The allowed tenancy of instances launched into the VPC.\n + ``default``: An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.\n + ``dedicated``: An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of ``host`` during instance launch. You cannot specify a tenancy of ``default`` during instance launch.\n \n Updating ``InstanceTenancy`` requires no replacement only if you are updating its value from ``dedicated`` to ``default``. Updating ``InstanceTenancy`` from ``default`` to ``dedicated`` requires replacement.",
+ // "description": "The allowed tenancy of instances launched into the VPC.\n + ``default``: An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.\n + ``dedicated``: An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of ``host`` during instance launch. You cannot specify a tenancy of ``default`` during instance launch.\n \n Updating ``InstanceTenancy`` requires no replacement only if you are updating its value from ``dedicated`` to ``default``. Updating ``InstanceTenancy`` from ``default`` to ``dedicated`` requires replacement.",
// "type": "string"
// }
"instance_tenancy": schema.StringAttribute{ /*START ATTRIBUTE*/
- Description: "The allowed tenancy of instances launched into the VPC.\n + ``default``: An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.\n + ``dedicated``: An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of ``host`` during instance launch. You cannot specify a tenancy of ``default`` during instance launch.\n \n Updating ``InstanceTenancy`` requires no replacement only if you are updating its value from ``dedicated`` to ``default``. Updating ``InstanceTenancy`` from ``default`` to ``dedicated`` requires replacement.",
+ Description: "The allowed tenancy of instances launched into the VPC.\n + ``default``: An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.\n + ``dedicated``: An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of ``host`` during instance launch. You cannot specify a tenancy of ``default`` during instance launch.\n \n Updating ``InstanceTenancy`` requires no replacement only if you are updating its value from ``dedicated`` to ``default``. Updating ``InstanceTenancy`` from ``default`` to ``dedicated`` requires replacement.",
Computed: true,
}, /*END ATTRIBUTE*/
// Property: Ipv4IpamPoolId
diff --git a/internal/aws/lambda/event_source_mapping_resource_gen.go b/internal/aws/lambda/event_source_mapping_resource_gen.go
index f467d8795..0f3087067 100644
--- a/internal/aws/lambda/event_source_mapping_resource_gen.go
+++ b/internal/aws/lambda/event_source_mapping_resource_gen.go
@@ -80,13 +80,13 @@ func eventSourceMappingResource(ctx context.Context) (resource.Resource, error)
// CloudFormation resource type schema:
//
// {
- // "description": "The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).\n + *Amazon Kinesis* – Default 100. Max 10,000.\n + *Amazon DynamoDB Streams* – Default 100. Max 10,000.\n + *Amazon Simple Queue Service* – Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.\n + *Amazon Managed Streaming for Apache Kafka* – Default 100. Max 10,000.\n + *Self-managed Apache Kafka* – Default 100. Max 10,000.\n + *Amazon MQ (ActiveMQ and RabbitMQ)* – Default 100. Max 10,000.\n + *DocumentDB* – Default 100. Max 10,000.",
+ // "description": "The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).\n + *Amazon Kinesis* ? Default 100. Max 10,000.\n + *Amazon DynamoDB Streams* ? Default 100. Max 10,000.\n + *Amazon Simple Queue Service* ? Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.\n + *Amazon Managed Streaming for Apache Kafka* ? Default 100. Max 10,000.\n + *Self-managed Apache Kafka* ? Default 100. Max 10,000.\n + *Amazon MQ (ActiveMQ and RabbitMQ)* ? Default 100. Max 10,000.\n + *DocumentDB* ? Default 100. Max 10,000.",
// "maximum": 10000,
// "minimum": 1,
// "type": "integer"
// }
"batch_size": schema.Int64Attribute{ /*START ATTRIBUTE*/
- Description: "The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).\n + *Amazon Kinesis* – Default 100. Max 10,000.\n + *Amazon DynamoDB Streams* – Default 100. Max 10,000.\n + *Amazon Simple Queue Service* – Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.\n + *Amazon Managed Streaming for Apache Kafka* – Default 100. Max 10,000.\n + *Self-managed Apache Kafka* – Default 100. Max 10,000.\n + *Amazon MQ (ActiveMQ and RabbitMQ)* – Default 100. Max 10,000.\n + *DocumentDB* – Default 100. Max 10,000.",
+ Description: "The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).\n + *Amazon Kinesis* ? Default 100. Max 10,000.\n + *Amazon DynamoDB Streams* ? Default 100. Max 10,000.\n + *Amazon Simple Queue Service* ? Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.\n + *Amazon Managed Streaming for Apache Kafka* ? Default 100. Max 10,000.\n + *Self-managed Apache Kafka* ? Default 100. Max 10,000.\n + *Amazon MQ (ActiveMQ and RabbitMQ)* ? Default 100. Max 10,000.\n + *DocumentDB* ? Default 100. Max 10,000.",
Optional: true,
Computed: true,
Validators: []validator.Int64{ /*START VALIDATORS*/
@@ -267,14 +267,14 @@ func eventSourceMappingResource(ctx context.Context) (resource.Resource, error)
// CloudFormation resource type schema:
//
// {
- // "description": "The Amazon Resource Name (ARN) of the event source.\n + *Amazon Kinesis* – The ARN of the data stream or a stream consumer.\n + *Amazon DynamoDB Streams* – The ARN of the stream.\n + *Amazon Simple Queue Service* – The ARN of the queue.\n + *Amazon Managed Streaming for Apache Kafka* – The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc)).\n + *Amazon MQ* – The ARN of the broker.\n + *Amazon DocumentDB* – The ARN of the DocumentDB change stream.",
+ // "description": "The Amazon Resource Name (ARN) of the event source.\n + *Amazon Kinesis* ? The ARN of the data stream or a stream consumer.\n + *Amazon DynamoDB Streams* ? The ARN of the stream.\n + *Amazon Simple Queue Service* ? The ARN of the queue.\n + *Amazon Managed Streaming for Apache Kafka* ? The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc)).\n + *Amazon MQ* ? The ARN of the broker.\n + *Amazon DocumentDB* ? The ARN of the DocumentDB change stream.",
// "maxLength": 1024,
// "minLength": 12,
// "pattern": "arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-])+:([a-z]{2}(-gov)?(-iso([a-z])?)?-[a-z]+-\\d{1})?:(\\d{12})?:(.*)",
// "type": "string"
// }
"event_source_arn": schema.StringAttribute{ /*START ATTRIBUTE*/
- Description: "The Amazon Resource Name (ARN) of the event source.\n + *Amazon Kinesis* – The ARN of the data stream or a stream consumer.\n + *Amazon DynamoDB Streams* – The ARN of the stream.\n + *Amazon Simple Queue Service* – The ARN of the queue.\n + *Amazon Managed Streaming for Apache Kafka* – The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc)).\n + *Amazon MQ* – The ARN of the broker.\n + *Amazon DocumentDB* – The ARN of the DocumentDB change stream.",
+ Description: "The Amazon Resource Name (ARN) of the event source.\n + *Amazon Kinesis* ? The ARN of the data stream or a stream consumer.\n + *Amazon DynamoDB Streams* ? The ARN of the stream.\n + *Amazon Simple Queue Service* ? The ARN of the queue.\n + *Amazon Managed Streaming for Apache Kafka* ? The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc)).\n + *Amazon MQ* ? The ARN of the broker.\n + *Amazon DocumentDB* ? The ARN of the DocumentDB change stream.",
Optional: true,
Computed: true,
Validators: []validator.String{ /*START VALIDATORS*/
@@ -361,14 +361,14 @@ func eventSourceMappingResource(ctx context.Context) (resource.Resource, error)
// CloudFormation resource type schema:
//
// {
- // "description": "The name or ARN of the Lambda function.\n **Name formats**\n + *Function name* – ``MyFunction``.\n + *Function ARN* – ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction``.\n + *Version or Alias ARN* – ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD``.\n + *Partial ARN* – ``123456789012:function:MyFunction``.\n \n The length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length.",
+ // "description": "The name or ARN of the Lambda function.\n **Name formats**\n + *Function name* ? ``MyFunction``.\n + *Function ARN* ? ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction``.\n + *Version or Alias ARN* ? ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD``.\n + *Partial ARN* ? ``123456789012:function:MyFunction``.\n \n The length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length.",
// "maxLength": 140,
// "minLength": 1,
// "pattern": "(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?(-iso([a-z])?)?-[a-z]+-\\d{1}:)?(\\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\\$LATEST|[a-zA-Z0-9-_]+))?",
// "type": "string"
// }
"function_name": schema.StringAttribute{ /*START ATTRIBUTE*/
- Description: "The name or ARN of the Lambda function.\n **Name formats**\n + *Function name* – ``MyFunction``.\n + *Function ARN* – ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction``.\n + *Version or Alias ARN* – ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD``.\n + *Partial ARN* – ``123456789012:function:MyFunction``.\n \n The length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length.",
+ Description: "The name or ARN of the Lambda function.\n **Name formats**\n + *Function name* ? ``MyFunction``.\n + *Function ARN* ? ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction``.\n + *Version or Alias ARN* ? ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD``.\n + *Partial ARN* ? ``123456789012:function:MyFunction``.\n \n The length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length.",
Required: true,
Validators: []validator.String{ /*START VALIDATORS*/
stringvalidator.LengthBetween(1, 140),
@@ -425,6 +425,28 @@ func eventSourceMappingResource(ctx context.Context) (resource.Resource, error)
stringplanmodifier.UseStateForUnknown(),
}, /*END PLAN MODIFIERS*/
}, /*END ATTRIBUTE*/
+ // Property: KmsKeyArn
+ // CloudFormation resource type schema:
+ //
+ // {
+ // "description": "",
+ // "maxLength": 2048,
+ // "minLength": 12,
+ // "pattern": "(arn:(aws[a-zA-Z-]*)?:[a-z0-9-.]+:.*)|()",
+ // "type": "string"
+ // }
+ "kms_key_arn": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "",
+ Optional: true,
+ Computed: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.LengthBetween(12, 2048),
+ stringvalidator.RegexMatches(regexp.MustCompile("(arn:(aws[a-zA-Z-]*)?:[a-z0-9-.]+:.*)|()"), ""),
+ }, /*END VALIDATORS*/
+ PlanModifiers: []planmodifier.String{ /*START PLAN MODIFIERS*/
+ stringplanmodifier.UseStateForUnknown(),
+ }, /*END PLAN MODIFIERS*/
+ }, /*END ATTRIBUTE*/
// Property: MaximumBatchingWindowInSeconds
// CloudFormation resource type schema:
//
@@ -698,7 +720,7 @@ func eventSourceMappingResource(ctx context.Context) (resource.Resource, error)
// "description": "An array of the authentication protocol, VPC components, or virtual host to secure and define your event source.",
// "properties": {
// "Type": {
- // "description": "The type of authentication protocol, VPC components, or virtual host for your event source. For example: ``\"Type\":\"SASL_SCRAM_512_AUTH\"``.\n + ``BASIC_AUTH`` – (Amazon MQ) The ASMlong secret that stores your broker credentials.\n + ``BASIC_AUTH`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.\n + ``VPC_SUBNET`` – (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.\n + ``VPC_SECURITY_GROUP`` – (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.\n + ``SASL_SCRAM_256_AUTH`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.\n + ``SASL_SCRAM_512_AUTH`` – (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.\n + ``VIRTUAL_HOST`` –- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.\n + ``CLIENT_CERTIFICATE_TLS_AUTH`` – (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.\n + ``SERVER_ROOT_CA_CERTIFICATE`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.",
+ // "description": "The type of authentication protocol, VPC components, or virtual host for your event source. For example: ``\"Type\":\"SASL_SCRAM_512_AUTH\"``.\n + ``BASIC_AUTH`` ? (Amazon MQ) The ASMlong secret that stores your broker credentials.\n + ``BASIC_AUTH`` ? (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.\n + ``VPC_SUBNET`` ? (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.\n + ``VPC_SECURITY_GROUP`` ? (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.\n + ``SASL_SCRAM_256_AUTH`` ? (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.\n + ``SASL_SCRAM_512_AUTH`` ? (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.\n + ``VIRTUAL_HOST`` ?- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.\n + ``CLIENT_CERTIFICATE_TLS_AUTH`` ? (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.\n + ``SERVER_ROOT_CA_CERTIFICATE`` ? (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.",
// "enum": [
// "BASIC_AUTH",
// "VPC_SUBNET",
@@ -731,7 +753,7 @@ func eventSourceMappingResource(ctx context.Context) (resource.Resource, error)
Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
// Property: Type
"type": schema.StringAttribute{ /*START ATTRIBUTE*/
- Description: "The type of authentication protocol, VPC components, or virtual host for your event source. For example: ``\"Type\":\"SASL_SCRAM_512_AUTH\"``.\n + ``BASIC_AUTH`` – (Amazon MQ) The ASMlong secret that stores your broker credentials.\n + ``BASIC_AUTH`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.\n + ``VPC_SUBNET`` – (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.\n + ``VPC_SECURITY_GROUP`` – (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.\n + ``SASL_SCRAM_256_AUTH`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.\n + ``SASL_SCRAM_512_AUTH`` – (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.\n + ``VIRTUAL_HOST`` –- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.\n + ``CLIENT_CERTIFICATE_TLS_AUTH`` – (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.\n + ``SERVER_ROOT_CA_CERTIFICATE`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.",
+ Description: "The type of authentication protocol, VPC components, or virtual host for your event source. For example: ``\"Type\":\"SASL_SCRAM_512_AUTH\"``.\n + ``BASIC_AUTH`` ? (Amazon MQ) The ASMlong secret that stores your broker credentials.\n + ``BASIC_AUTH`` ? (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.\n + ``VPC_SUBNET`` ? (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.\n + ``VPC_SECURITY_GROUP`` ? (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.\n + ``SASL_SCRAM_256_AUTH`` ? (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.\n + ``SASL_SCRAM_512_AUTH`` ? (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.\n + ``VIRTUAL_HOST`` ?- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.\n + ``CLIENT_CERTIFICATE_TLS_AUTH`` ? (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.\n + ``SERVER_ROOT_CA_CERTIFICATE`` ? (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.",
Optional: true,
Computed: true,
Validators: []validator.String{ /*START VALIDATORS*/
@@ -909,6 +931,7 @@ func eventSourceMappingResource(ctx context.Context) (resource.Resource, error)
"function_name": "FunctionName",
"function_response_types": "FunctionResponseTypes",
"kafka_bootstrap_servers": "KafkaBootstrapServers",
+ "kms_key_arn": "KmsKeyArn",
"maximum_batching_window_in_seconds": "MaximumBatchingWindowInSeconds",
"maximum_concurrency": "MaximumConcurrency",
"maximum_record_age_in_seconds": "MaximumRecordAgeInSeconds",
diff --git a/internal/aws/lambda/event_source_mapping_singular_data_source_gen.go b/internal/aws/lambda/event_source_mapping_singular_data_source_gen.go
index 06b37f403..5db124ce1 100644
--- a/internal/aws/lambda/event_source_mapping_singular_data_source_gen.go
+++ b/internal/aws/lambda/event_source_mapping_singular_data_source_gen.go
@@ -55,13 +55,13 @@ func eventSourceMappingDataSource(ctx context.Context) (datasource.DataSource, e
// CloudFormation resource type schema:
//
// {
- // "description": "The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).\n + *Amazon Kinesis* – Default 100. Max 10,000.\n + *Amazon DynamoDB Streams* – Default 100. Max 10,000.\n + *Amazon Simple Queue Service* – Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.\n + *Amazon Managed Streaming for Apache Kafka* – Default 100. Max 10,000.\n + *Self-managed Apache Kafka* – Default 100. Max 10,000.\n + *Amazon MQ (ActiveMQ and RabbitMQ)* – Default 100. Max 10,000.\n + *DocumentDB* – Default 100. Max 10,000.",
+ // "description": "The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).\n + *Amazon Kinesis* ? Default 100. Max 10,000.\n + *Amazon DynamoDB Streams* ? Default 100. Max 10,000.\n + *Amazon Simple Queue Service* ? Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.\n + *Amazon Managed Streaming for Apache Kafka* ? Default 100. Max 10,000.\n + *Self-managed Apache Kafka* ? Default 100. Max 10,000.\n + *Amazon MQ (ActiveMQ and RabbitMQ)* ? Default 100. Max 10,000.\n + *DocumentDB* ? Default 100. Max 10,000.",
// "maximum": 10000,
// "minimum": 1,
// "type": "integer"
// }
"batch_size": schema.Int64Attribute{ /*START ATTRIBUTE*/
- Description: "The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).\n + *Amazon Kinesis* – Default 100. Max 10,000.\n + *Amazon DynamoDB Streams* – Default 100. Max 10,000.\n + *Amazon Simple Queue Service* – Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.\n + *Amazon Managed Streaming for Apache Kafka* – Default 100. Max 10,000.\n + *Self-managed Apache Kafka* – Default 100. Max 10,000.\n + *Amazon MQ (ActiveMQ and RabbitMQ)* – Default 100. Max 10,000.\n + *DocumentDB* – Default 100. Max 10,000.",
+ Description: "The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).\n + *Amazon Kinesis* ? Default 100. Max 10,000.\n + *Amazon DynamoDB Streams* ? Default 100. Max 10,000.\n + *Amazon Simple Queue Service* ? Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.\n + *Amazon Managed Streaming for Apache Kafka* ? Default 100. Max 10,000.\n + *Self-managed Apache Kafka* ? Default 100. Max 10,000.\n + *Amazon MQ (ActiveMQ and RabbitMQ)* ? Default 100. Max 10,000.\n + *DocumentDB* ? Default 100. Max 10,000.",
Computed: true,
}, /*END ATTRIBUTE*/
// Property: BisectBatchOnFunctionError
@@ -183,14 +183,14 @@ func eventSourceMappingDataSource(ctx context.Context) (datasource.DataSource, e
// CloudFormation resource type schema:
//
// {
- // "description": "The Amazon Resource Name (ARN) of the event source.\n + *Amazon Kinesis* – The ARN of the data stream or a stream consumer.\n + *Amazon DynamoDB Streams* – The ARN of the stream.\n + *Amazon Simple Queue Service* – The ARN of the queue.\n + *Amazon Managed Streaming for Apache Kafka* – The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc)).\n + *Amazon MQ* – The ARN of the broker.\n + *Amazon DocumentDB* – The ARN of the DocumentDB change stream.",
+ // "description": "The Amazon Resource Name (ARN) of the event source.\n + *Amazon Kinesis* ? The ARN of the data stream or a stream consumer.\n + *Amazon DynamoDB Streams* ? The ARN of the stream.\n + *Amazon Simple Queue Service* ? The ARN of the queue.\n + *Amazon Managed Streaming for Apache Kafka* ? The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc)).\n + *Amazon MQ* ? The ARN of the broker.\n + *Amazon DocumentDB* ? The ARN of the DocumentDB change stream.",
// "maxLength": 1024,
// "minLength": 12,
// "pattern": "arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-])+:([a-z]{2}(-gov)?(-iso([a-z])?)?-[a-z]+-\\d{1})?:(\\d{12})?:(.*)",
// "type": "string"
// }
"event_source_arn": schema.StringAttribute{ /*START ATTRIBUTE*/
- Description: "The Amazon Resource Name (ARN) of the event source.\n + *Amazon Kinesis* – The ARN of the data stream or a stream consumer.\n + *Amazon DynamoDB Streams* – The ARN of the stream.\n + *Amazon Simple Queue Service* – The ARN of the queue.\n + *Amazon Managed Streaming for Apache Kafka* – The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc)).\n + *Amazon MQ* – The ARN of the broker.\n + *Amazon DocumentDB* – The ARN of the DocumentDB change stream.",
+ Description: "The Amazon Resource Name (ARN) of the event source.\n + *Amazon Kinesis* ? The ARN of the data stream or a stream consumer.\n + *Amazon DynamoDB Streams* ? The ARN of the stream.\n + *Amazon Simple Queue Service* ? The ARN of the queue.\n + *Amazon Managed Streaming for Apache Kafka* ? The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc)).\n + *Amazon MQ* ? The ARN of the broker.\n + *Amazon DocumentDB* ? The ARN of the DocumentDB change stream.",
Computed: true,
}, /*END ATTRIBUTE*/
// Property: FilterCriteria
@@ -248,14 +248,14 @@ func eventSourceMappingDataSource(ctx context.Context) (datasource.DataSource, e
// CloudFormation resource type schema:
//
// {
- // "description": "The name or ARN of the Lambda function.\n **Name formats**\n + *Function name* – ``MyFunction``.\n + *Function ARN* – ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction``.\n + *Version or Alias ARN* – ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD``.\n + *Partial ARN* – ``123456789012:function:MyFunction``.\n \n The length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length.",
+ // "description": "The name or ARN of the Lambda function.\n **Name formats**\n + *Function name* ? ``MyFunction``.\n + *Function ARN* ? ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction``.\n + *Version or Alias ARN* ? ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD``.\n + *Partial ARN* ? ``123456789012:function:MyFunction``.\n \n The length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length.",
// "maxLength": 140,
// "minLength": 1,
// "pattern": "(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?(-iso([a-z])?)?-[a-z]+-\\d{1}:)?(\\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\\$LATEST|[a-zA-Z0-9-_]+))?",
// "type": "string"
// }
"function_name": schema.StringAttribute{ /*START ATTRIBUTE*/
- Description: "The name or ARN of the Lambda function.\n **Name formats**\n + *Function name* – ``MyFunction``.\n + *Function ARN* – ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction``.\n + *Version or Alias ARN* – ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD``.\n + *Partial ARN* – ``123456789012:function:MyFunction``.\n \n The length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length.",
+ Description: "The name or ARN of the Lambda function.\n **Name formats**\n + *Function name* ? ``MyFunction``.\n + *Function ARN* ? ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction``.\n + *Version or Alias ARN* ? ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD``.\n + *Partial ARN* ? ``123456789012:function:MyFunction``.\n \n The length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length.",
Computed: true,
}, /*END ATTRIBUTE*/
// Property: FunctionResponseTypes
@@ -293,6 +293,20 @@ func eventSourceMappingDataSource(ctx context.Context) (datasource.DataSource, e
Description: "",
Computed: true,
}, /*END ATTRIBUTE*/
+ // Property: KmsKeyArn
+ // CloudFormation resource type schema:
+ //
+ // {
+ // "description": "",
+ // "maxLength": 2048,
+ // "minLength": 12,
+ // "pattern": "(arn:(aws[a-zA-Z-]*)?:[a-z0-9-.]+:.*)|()",
+ // "type": "string"
+ // }
+ "kms_key_arn": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
// Property: MaximumBatchingWindowInSeconds
// CloudFormation resource type schema:
//
@@ -481,7 +495,7 @@ func eventSourceMappingDataSource(ctx context.Context) (datasource.DataSource, e
// "description": "An array of the authentication protocol, VPC components, or virtual host to secure and define your event source.",
// "properties": {
// "Type": {
- // "description": "The type of authentication protocol, VPC components, or virtual host for your event source. For example: ``\"Type\":\"SASL_SCRAM_512_AUTH\"``.\n + ``BASIC_AUTH`` – (Amazon MQ) The ASMlong secret that stores your broker credentials.\n + ``BASIC_AUTH`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.\n + ``VPC_SUBNET`` – (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.\n + ``VPC_SECURITY_GROUP`` – (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.\n + ``SASL_SCRAM_256_AUTH`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.\n + ``SASL_SCRAM_512_AUTH`` – (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.\n + ``VIRTUAL_HOST`` –- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.\n + ``CLIENT_CERTIFICATE_TLS_AUTH`` – (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.\n + ``SERVER_ROOT_CA_CERTIFICATE`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.",
+ // "description": "The type of authentication protocol, VPC components, or virtual host for your event source. For example: ``\"Type\":\"SASL_SCRAM_512_AUTH\"``.\n + ``BASIC_AUTH`` ? (Amazon MQ) The ASMlong secret that stores your broker credentials.\n + ``BASIC_AUTH`` ? (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.\n + ``VPC_SUBNET`` ? (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.\n + ``VPC_SECURITY_GROUP`` ? (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.\n + ``SASL_SCRAM_256_AUTH`` ? (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.\n + ``SASL_SCRAM_512_AUTH`` ? (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.\n + ``VIRTUAL_HOST`` ?- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.\n + ``CLIENT_CERTIFICATE_TLS_AUTH`` ? (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.\n + ``SERVER_ROOT_CA_CERTIFICATE`` ? (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.",
// "enum": [
// "BASIC_AUTH",
// "VPC_SUBNET",
@@ -514,7 +528,7 @@ func eventSourceMappingDataSource(ctx context.Context) (datasource.DataSource, e
Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
// Property: Type
"type": schema.StringAttribute{ /*START ATTRIBUTE*/
- Description: "The type of authentication protocol, VPC components, or virtual host for your event source. For example: ``\"Type\":\"SASL_SCRAM_512_AUTH\"``.\n + ``BASIC_AUTH`` – (Amazon MQ) The ASMlong secret that stores your broker credentials.\n + ``BASIC_AUTH`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.\n + ``VPC_SUBNET`` – (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.\n + ``VPC_SECURITY_GROUP`` – (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.\n + ``SASL_SCRAM_256_AUTH`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.\n + ``SASL_SCRAM_512_AUTH`` – (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.\n + ``VIRTUAL_HOST`` –- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.\n + ``CLIENT_CERTIFICATE_TLS_AUTH`` – (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.\n + ``SERVER_ROOT_CA_CERTIFICATE`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.",
+ Description: "The type of authentication protocol, VPC components, or virtual host for your event source. For example: ``\"Type\":\"SASL_SCRAM_512_AUTH\"``.\n + ``BASIC_AUTH`` ? (Amazon MQ) The ASMlong secret that stores your broker credentials.\n + ``BASIC_AUTH`` ? (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.\n + ``VPC_SUBNET`` ? (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.\n + ``VPC_SECURITY_GROUP`` ? (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.\n + ``SASL_SCRAM_256_AUTH`` ? (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.\n + ``SASL_SCRAM_512_AUTH`` ? (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.\n + ``VIRTUAL_HOST`` ?- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.\n + ``CLIENT_CERTIFICATE_TLS_AUTH`` ? (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.\n + ``SERVER_ROOT_CA_CERTIFICATE`` ? (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.",
Computed: true,
}, /*END ATTRIBUTE*/
// Property: URI
@@ -622,6 +636,7 @@ func eventSourceMappingDataSource(ctx context.Context) (datasource.DataSource, e
"function_name": "FunctionName",
"function_response_types": "FunctionResponseTypes",
"kafka_bootstrap_servers": "KafkaBootstrapServers",
+ "kms_key_arn": "KmsKeyArn",
"maximum_batching_window_in_seconds": "MaximumBatchingWindowInSeconds",
"maximum_concurrency": "MaximumConcurrency",
"maximum_record_age_in_seconds": "MaximumRecordAgeInSeconds",
diff --git a/internal/aws/s3/bucket_resource_gen.go b/internal/aws/s3/bucket_resource_gen.go
index 99015cb97..0ab998786 100644
--- a/internal/aws/s3/bucket_resource_gen.go
+++ b/internal/aws/s3/bucket_resource_gen.go
@@ -370,7 +370,7 @@ func bucketResource(ctx context.Context) (resource.Resource, error) {
// "insertionOrder": true,
// "items": {
// "additionalProperties": false,
- // "description": "Specifies the default server-side encryption configuration.",
+ // "description": "Specifies the default server-side encryption configuration.\n If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the requester’s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner.",
// "properties": {
// "BucketKeyEnabled": {
// "description": "Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the ``BucketKeyEnabled`` element to ``true`` causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled.\n For more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) in the *Amazon S3 User Guide*.",
@@ -381,11 +381,6 @@ func bucketResource(ctx context.Context) (resource.Resource, error) {
// "description": "Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.",
// "properties": {
// "KMSMasterKeyID": {
- // "anyOf": [
- // {},
- // {},
- // {}
- // ],
// "description": "AWS Key Management Service (KMS) customer AWS KMS key ID to use for the default encryption. This parameter is allowed if and only if ``SSEAlgorithm`` is set to ``aws:kms`` or ``aws:kms:dsse``.\n You can specify the key ID, key alias, or the Amazon Resource Name (ARN) of the KMS key.\n + Key ID: ``1234abcd-12ab-34cd-56ef-1234567890ab`` \n + Key ARN: ``arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`` \n + Key Alias: ``alias/alias-name`` \n \n If you use a key ID, you can run into a LogDestination undeliverable error when creating a VPC flow log. \n If you are using encryption with cross-account or AWS service operations you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy).\n Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *Key Management Service Developer Guide*.",
// "type": "string"
// },
@@ -1808,7 +1803,7 @@ func bucketResource(ctx context.Context) (resource.Resource, error) {
// "description": "Amazon S3 keys for log objects are partitioned in the following format:\n ``[DestinationPrefix][SourceAccountId]/[SourceRegion]/[SourceBucket]/[YYYY]/[MM]/[DD]/[YYYY]-[MM]-[DD]-[hh]-[mm]-[ss]-[UniqueString]`` \n PartitionedPrefix defaults to EventTime delivery when server access logs are delivered.",
// "properties": {
// "PartitionDateSource": {
- // "description": "Specifies the partition date source for the partitioned prefix. PartitionDateSource can be EventTime or DeliveryTime.",
+ // "description": "Specifies the partition date source for the partitioned prefix. ``PartitionDateSource`` can be ``EventTime`` or ``DeliveryTime``.\n For ``DeliveryTime``, the time in the log file names corresponds to the delivery time for the log files. \n For ``EventTime``, The logs delivered are for a specific day only. The year, month, and day correspond to the day on which the event occurred, and the hour, minutes and seconds are set to 00 in the key.",
// "enum": [
// "EventTime",
// "DeliveryTime"
@@ -1857,7 +1852,7 @@ func bucketResource(ctx context.Context) (resource.Resource, error) {
Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
// Property: PartitionDateSource
"partition_date_source": schema.StringAttribute{ /*START ATTRIBUTE*/
- Description: "Specifies the partition date source for the partitioned prefix. PartitionDateSource can be EventTime or DeliveryTime.",
+ Description: "Specifies the partition date source for the partitioned prefix. ``PartitionDateSource`` can be ``EventTime`` or ``DeliveryTime``.\n For ``DeliveryTime``, the time in the log file names corresponds to the delivery time for the log files. \n For ``EventTime``, The logs delivered are for a specific day only. The year, month, and day correspond to the day on which the event occurred, and the hour, minutes and seconds are set to 00 in the key.",
Optional: true,
Computed: true,
Validators: []validator.String{ /*START VALIDATORS*/
@@ -3541,7 +3536,7 @@ func bucketResource(ctx context.Context) (resource.Resource, error) {
//
// {
// "additionalProperties": false,
- // "description": "Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.",
+ // "description": "Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.\n When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (``PUT`` or ``DELETE``) on objects in the bucket.",
// "properties": {
// "Status": {
// "default": "Suspended",
@@ -3577,7 +3572,7 @@ func bucketResource(ctx context.Context) (resource.Resource, error) {
}, /*END PLAN MODIFIERS*/
}, /*END ATTRIBUTE*/
}, /*END SCHEMA*/
- Description: "Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.",
+ Description: "Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.\n When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (``PUT`` or ``DELETE``) on objects in the bucket.",
Optional: true,
Computed: true,
PlanModifiers: []planmodifier.Object{ /*START PLAN MODIFIERS*/
diff --git a/internal/aws/s3/bucket_singular_data_source_gen.go b/internal/aws/s3/bucket_singular_data_source_gen.go
index c82ba969d..8a77e245f 100644
--- a/internal/aws/s3/bucket_singular_data_source_gen.go
+++ b/internal/aws/s3/bucket_singular_data_source_gen.go
@@ -290,7 +290,7 @@ func bucketDataSource(ctx context.Context) (datasource.DataSource, error) {
// "insertionOrder": true,
// "items": {
// "additionalProperties": false,
- // "description": "Specifies the default server-side encryption configuration.",
+ // "description": "Specifies the default server-side encryption configuration.\n If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the requester’s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner.",
// "properties": {
// "BucketKeyEnabled": {
// "description": "Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the ``BucketKeyEnabled`` element to ``true`` causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled.\n For more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) in the *Amazon S3 User Guide*.",
@@ -301,11 +301,6 @@ func bucketDataSource(ctx context.Context) (datasource.DataSource, error) {
// "description": "Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.",
// "properties": {
// "KMSMasterKeyID": {
- // "anyOf": [
- // {},
- // {},
- // {}
- // ],
// "description": "AWS Key Management Service (KMS) customer AWS KMS key ID to use for the default encryption. This parameter is allowed if and only if ``SSEAlgorithm`` is set to ``aws:kms`` or ``aws:kms:dsse``.\n You can specify the key ID, key alias, or the Amazon Resource Name (ARN) of the KMS key.\n + Key ID: ``1234abcd-12ab-34cd-56ef-1234567890ab`` \n + Key ARN: ``arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`` \n + Key Alias: ``alias/alias-name`` \n \n If you use a key ID, you can run into a LogDestination undeliverable error when creating a VPC flow log. \n If you are using encryption with cross-account or AWS service operations you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy).\n Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *Key Management Service Developer Guide*.",
// "type": "string"
// },
@@ -1367,7 +1362,7 @@ func bucketDataSource(ctx context.Context) (datasource.DataSource, error) {
// "description": "Amazon S3 keys for log objects are partitioned in the following format:\n ``[DestinationPrefix][SourceAccountId]/[SourceRegion]/[SourceBucket]/[YYYY]/[MM]/[DD]/[YYYY]-[MM]-[DD]-[hh]-[mm]-[ss]-[UniqueString]`` \n PartitionedPrefix defaults to EventTime delivery when server access logs are delivered.",
// "properties": {
// "PartitionDateSource": {
- // "description": "Specifies the partition date source for the partitioned prefix. PartitionDateSource can be EventTime or DeliveryTime.",
+ // "description": "Specifies the partition date source for the partitioned prefix. ``PartitionDateSource`` can be ``EventTime`` or ``DeliveryTime``.\n For ``DeliveryTime``, the time in the log file names corresponds to the delivery time for the log files. \n For ``EventTime``, The logs delivered are for a specific day only. The year, month, and day correspond to the day on which the event occurred, and the hour, minutes and seconds are set to 00 in the key.",
// "enum": [
// "EventTime",
// "DeliveryTime"
@@ -1408,7 +1403,7 @@ func bucketDataSource(ctx context.Context) (datasource.DataSource, error) {
Attributes: map[string]schema.Attribute{ /*START SCHEMA*/
// Property: PartitionDateSource
"partition_date_source": schema.StringAttribute{ /*START ATTRIBUTE*/
- Description: "Specifies the partition date source for the partitioned prefix. PartitionDateSource can be EventTime or DeliveryTime.",
+ Description: "Specifies the partition date source for the partitioned prefix. ``PartitionDateSource`` can be ``EventTime`` or ``DeliveryTime``.\n For ``DeliveryTime``, the time in the log file names corresponds to the delivery time for the log files. \n For ``EventTime``, The logs delivered are for a specific day only. The year, month, and day correspond to the day on which the event occurred, and the hour, minutes and seconds are set to 00 in the key.",
Computed: true,
}, /*END ATTRIBUTE*/
}, /*END SCHEMA*/
@@ -2751,7 +2746,7 @@ func bucketDataSource(ctx context.Context) (datasource.DataSource, error) {
//
// {
// "additionalProperties": false,
- // "description": "Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.",
+ // "description": "Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.\n When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (``PUT`` or ``DELETE``) on objects in the bucket.",
// "properties": {
// "Status": {
// "default": "Suspended",
@@ -2776,7 +2771,7 @@ func bucketDataSource(ctx context.Context) (datasource.DataSource, error) {
Computed: true,
}, /*END ATTRIBUTE*/
}, /*END SCHEMA*/
- Description: "Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.",
+ Description: "Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.\n When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (``PUT`` or ``DELETE``) on objects in the bucket.",
Computed: true,
}, /*END ATTRIBUTE*/
// Property: WebsiteConfiguration
diff --git a/internal/aws/signer/signing_profile_resource_gen.go b/internal/aws/signer/signing_profile_resource_gen.go
index 90f813e17..71bee5787 100644
--- a/internal/aws/signer/signing_profile_resource_gen.go
+++ b/internal/aws/signer/signing_profile_resource_gen.go
@@ -75,7 +75,7 @@ func signingProfileResource(ctx context.Context) (resource.Resource, error) {
// "description": "A name for the signing profile. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the signing profile name. ",
// "maxLength": 64,
// "minLength": 2,
- // "pattern": "^[0-9a-zA-Z_]$",
+ // "pattern": "^[0-9a-zA-Z_]{2,64}$",
// "type": "string"
// }
"profile_name": schema.StringAttribute{ /*START ATTRIBUTE*/
diff --git a/internal/aws/signer/signing_profile_singular_data_source_gen.go b/internal/aws/signer/signing_profile_singular_data_source_gen.go
index f9136a272..3a81a294e 100644
--- a/internal/aws/signer/signing_profile_singular_data_source_gen.go
+++ b/internal/aws/signer/signing_profile_singular_data_source_gen.go
@@ -56,7 +56,7 @@ func signingProfileDataSource(ctx context.Context) (datasource.DataSource, error
// "description": "A name for the signing profile. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the signing profile name. ",
// "maxLength": 64,
// "minLength": 2,
- // "pattern": "^[0-9a-zA-Z_]$",
+ // "pattern": "^[0-9a-zA-Z_]{2,64}$",
// "type": "string"
// }
"profile_name": schema.StringAttribute{ /*START ATTRIBUTE*/
diff --git a/internal/aws/systemsmanagersap/application_resource_gen.go b/internal/aws/systemsmanagersap/application_resource_gen.go
index 830c28784..24fbaaebf 100644
--- a/internal/aws/systemsmanagersap/application_resource_gen.go
+++ b/internal/aws/systemsmanagersap/application_resource_gen.go
@@ -34,13 +34,13 @@ func applicationResource(ctx context.Context) (resource.Resource, error) {
// CloudFormation resource type schema:
//
// {
- // "pattern": "[\\w\\d]{1,50}",
+ // "pattern": "[\\w\\d\\.-]{1,60}",
// "type": "string"
// }
"application_id": schema.StringAttribute{ /*START ATTRIBUTE*/
Required: true,
Validators: []validator.String{ /*START VALIDATORS*/
- stringvalidator.RegexMatches(regexp.MustCompile("[\\w\\d]{1,50}"), ""),
+ stringvalidator.RegexMatches(regexp.MustCompile("[\\w\\d\\.-]{1,60}"), ""),
}, /*END VALIDATORS*/
}, /*END ATTRIBUTE*/
// Property: ApplicationType
@@ -48,7 +48,8 @@ func applicationResource(ctx context.Context) (resource.Resource, error) {
//
// {
// "enum": [
- // "HANA"
+ // "HANA",
+ // "SAP_ABAP"
// ],
// "type": "string"
// }
@@ -57,6 +58,7 @@ func applicationResource(ctx context.Context) (resource.Resource, error) {
Validators: []validator.String{ /*START VALIDATORS*/
stringvalidator.OneOf(
"HANA",
+ "SAP_ABAP",
),
}, /*END VALIDATORS*/
}, /*END ATTRIBUTE*/
@@ -64,12 +66,12 @@ func applicationResource(ctx context.Context) (resource.Resource, error) {
// CloudFormation resource type schema:
//
// {
- // "description": "The ARN of the Helix application",
+ // "description": "The ARN of the SSM-SAP application",
// "pattern": "^arn:(.+:){2,4}.+$|^arn:(.+:){1,3}.+\\/.+$",
// "type": "string"
// }
"arn": schema.StringAttribute{ /*START ATTRIBUTE*/
- Description: "The ARN of the Helix application",
+ Description: "The ARN of the SSM-SAP application",
Computed: true,
PlanModifiers: []planmodifier.String{ /*START PLAN MODIFIERS*/
stringplanmodifier.UseStateForUnknown(),
@@ -148,6 +150,27 @@ func applicationResource(ctx context.Context) (resource.Resource, error) {
}, /*END PLAN MODIFIERS*/
// Credentials is a write-only property.
}, /*END ATTRIBUTE*/
+ // Property: DatabaseArn
+ // CloudFormation resource type schema:
+ //
+ // {
+ // "description": "The ARN of the SAP HANA database",
+ // "pattern": "^arn:(.+:){2,4}.+$|^arn:(.+:){1,3}.+\\/.+$",
+ // "type": "string"
+ // }
+ "database_arn": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The ARN of the SAP HANA database",
+ Optional: true,
+ Computed: true,
+ Validators: []validator.String{ /*START VALIDATORS*/
+ stringvalidator.RegexMatches(regexp.MustCompile("^arn:(.+:){2,4}.+$|^arn:(.+:){1,3}.+\\/.+$"), ""),
+ }, /*END VALIDATORS*/
+ PlanModifiers: []planmodifier.String{ /*START PLAN MODIFIERS*/
+ stringplanmodifier.UseStateForUnknown(),
+ stringplanmodifier.RequiresReplaceIfConfigured(),
+ }, /*END PLAN MODIFIERS*/
+ // DatabaseArn is a write-only property.
+ }, /*END ATTRIBUTE*/
// Property: Instances
// CloudFormation resource type schema:
//
@@ -300,6 +323,7 @@ func applicationResource(ctx context.Context) (resource.Resource, error) {
"arn": "Arn",
"credential_type": "CredentialType",
"credentials": "Credentials",
+ "database_arn": "DatabaseArn",
"database_name": "DatabaseName",
"instances": "Instances",
"key": "Key",
@@ -315,6 +339,7 @@ func applicationResource(ctx context.Context) (resource.Resource, error) {
"/properties/Instances",
"/properties/SapInstanceNumber",
"/properties/Sid",
+ "/properties/DatabaseArn",
})
opts = opts.WithCreateTimeoutInMinutes(0).WithDeleteTimeoutInMinutes(0)
diff --git a/internal/aws/systemsmanagersap/application_singular_data_source_gen.go b/internal/aws/systemsmanagersap/application_singular_data_source_gen.go
index 5aa131718..80d2ef3e1 100644
--- a/internal/aws/systemsmanagersap/application_singular_data_source_gen.go
+++ b/internal/aws/systemsmanagersap/application_singular_data_source_gen.go
@@ -27,7 +27,7 @@ func applicationDataSource(ctx context.Context) (datasource.DataSource, error) {
// CloudFormation resource type schema:
//
// {
- // "pattern": "[\\w\\d]{1,50}",
+ // "pattern": "[\\w\\d\\.-]{1,60}",
// "type": "string"
// }
"application_id": schema.StringAttribute{ /*START ATTRIBUTE*/
@@ -38,7 +38,8 @@ func applicationDataSource(ctx context.Context) (datasource.DataSource, error) {
//
// {
// "enum": [
- // "HANA"
+ // "HANA",
+ // "SAP_ABAP"
// ],
// "type": "string"
// }
@@ -49,12 +50,12 @@ func applicationDataSource(ctx context.Context) (datasource.DataSource, error) {
// CloudFormation resource type schema:
//
// {
- // "description": "The ARN of the Helix application",
+ // "description": "The ARN of the SSM-SAP application",
// "pattern": "^arn:(.+:){2,4}.+$|^arn:(.+:){1,3}.+\\/.+$",
// "type": "string"
// }
"arn": schema.StringAttribute{ /*START ATTRIBUTE*/
- Description: "The ARN of the Helix application",
+ Description: "The ARN of the SSM-SAP application",
Computed: true,
}, /*END ATTRIBUTE*/
// Property: Credentials
@@ -104,6 +105,18 @@ func applicationDataSource(ctx context.Context) (datasource.DataSource, error) {
}, /*END NESTED OBJECT*/
Computed: true,
}, /*END ATTRIBUTE*/
+ // Property: DatabaseArn
+ // CloudFormation resource type schema:
+ //
+ // {
+ // "description": "The ARN of the SAP HANA database",
+ // "pattern": "^arn:(.+:){2,4}.+$|^arn:(.+:){1,3}.+\\/.+$",
+ // "type": "string"
+ // }
+ "database_arn": schema.StringAttribute{ /*START ATTRIBUTE*/
+ Description: "The ARN of the SAP HANA database",
+ Computed: true,
+ }, /*END ATTRIBUTE*/
// Property: Instances
// CloudFormation resource type schema:
//
@@ -211,6 +224,7 @@ func applicationDataSource(ctx context.Context) (datasource.DataSource, error) {
"arn": "Arn",
"credential_type": "CredentialType",
"credentials": "Credentials",
+ "database_arn": "DatabaseArn",
"database_name": "DatabaseName",
"instances": "Instances",
"key": "Key",
diff --git a/internal/aws/timestream/influx_db_instance_resource_gen.go b/internal/aws/timestream/influx_db_instance_resource_gen.go
index a2cd2cb86..7e53bf37d 100644
--- a/internal/aws/timestream/influx_db_instance_resource_gen.go
+++ b/internal/aws/timestream/influx_db_instance_resource_gen.go
@@ -7,6 +7,8 @@ package timestream
import (
"context"
+ "regexp"
+
"github.com/hashicorp/terraform-plugin-framework-validators/int64validator"
"github.com/hashicorp/terraform-plugin-framework-validators/listvalidator"
"github.com/hashicorp/terraform-plugin-framework-validators/setvalidator"
@@ -25,7 +27,6 @@ import (
"github.com/hashicorp/terraform-plugin-framework/types"
"github.com/hashicorp/terraform-provider-awscc/internal/generic"
"github.com/hashicorp/terraform-provider-awscc/internal/registry"
- "regexp"
)
func init() {
diff --git a/internal/aws/vpclattice/auth_policy_resource_gen.go b/internal/aws/vpclattice/auth_policy_resource_gen.go
index 91eba3336..7b96e599a 100644
--- a/internal/aws/vpclattice/auth_policy_resource_gen.go
+++ b/internal/aws/vpclattice/auth_policy_resource_gen.go
@@ -43,14 +43,14 @@ func authPolicyResource(ctx context.Context) (resource.Resource, error) {
//
// {
// "maxLength": 200,
- // "minLength": 21,
+ // "minLength": 17,
// "pattern": "^((((sn)|(svc))-[0-9a-z]{17})|(arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:((servicenetwork/sn)|(service/svc))-[0-9a-z]{17}))$",
// "type": "string"
// }
"resource_identifier": schema.StringAttribute{ /*START ATTRIBUTE*/
Required: true,
Validators: []validator.String{ /*START VALIDATORS*/
- stringvalidator.LengthBetween(21, 200),
+ stringvalidator.LengthBetween(17, 200),
stringvalidator.RegexMatches(regexp.MustCompile("^((((sn)|(svc))-[0-9a-z]{17})|(arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:((servicenetwork/sn)|(service/svc))-[0-9a-z]{17}))$"), ""),
}, /*END VALIDATORS*/
PlanModifiers: []planmodifier.String{ /*START PLAN MODIFIERS*/
diff --git a/internal/aws/vpclattice/auth_policy_singular_data_source_gen.go b/internal/aws/vpclattice/auth_policy_singular_data_source_gen.go
index be37c3d0b..67977c456 100644
--- a/internal/aws/vpclattice/auth_policy_singular_data_source_gen.go
+++ b/internal/aws/vpclattice/auth_policy_singular_data_source_gen.go
@@ -38,7 +38,7 @@ func authPolicyDataSource(ctx context.Context) (datasource.DataSource, error) {
//
// {
// "maxLength": 200,
- // "minLength": 21,
+ // "minLength": 17,
// "pattern": "^((((sn)|(svc))-[0-9a-z]{17})|(arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:((servicenetwork/sn)|(service/svc))-[0-9a-z]{17}))$",
// "type": "string"
// }
diff --git a/internal/provider/generators/allschemas/available_schemas.2024-08-14.hcl b/internal/provider/generators/allschemas/available_schemas.2024-08-14.hcl
new file mode 100644
index 000000000..a88997694
--- /dev/null
+++ b/internal/provider/generators/allschemas/available_schemas.2024-08-14.hcl
@@ -0,0 +1,4400 @@
+# 1037 CloudFormation resource types schemas are available for use with the Cloud Control API.
+
+resource_schema "aws_acmpca_certificate" {
+ cloudformation_type_name = "AWS::ACMPCA::Certificate"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_acmpca_certificate_authority" {
+ cloudformation_type_name = "AWS::ACMPCA::CertificateAuthority"
+}
+
+resource_schema "aws_acmpca_certificate_authority_activation" {
+ cloudformation_type_name = "AWS::ACMPCA::CertificateAuthorityActivation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_acmpca_permission" {
+ cloudformation_type_name = "AWS::ACMPCA::Permission"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_aps_rule_groups_namespace" {
+ cloudformation_type_name = "AWS::APS::RuleGroupsNamespace"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_aps_scraper" {
+ cloudformation_type_name = "AWS::APS::Scraper"
+}
+
+resource_schema "aws_aps_workspace" {
+ cloudformation_type_name = "AWS::APS::Workspace"
+}
+
+resource_schema "aws_arczonalshift_autoshift_observer_notification_status" {
+ cloudformation_type_name = "AWS::ARCZonalShift::AutoshiftObserverNotificationStatus"
+}
+
+resource_schema "aws_arczonalshift_zonal_autoshift_configuration" {
+ cloudformation_type_name = "AWS::ARCZonalShift::ZonalAutoshiftConfiguration"
+}
+
+resource_schema "aws_accessanalyzer_analyzer" {
+ cloudformation_type_name = "AWS::AccessAnalyzer::Analyzer"
+}
+
+resource_schema "aws_amplify_app" {
+ cloudformation_type_name = "AWS::Amplify::App"
+}
+
+resource_schema "aws_amplify_branch" {
+ cloudformation_type_name = "AWS::Amplify::Branch"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_amplify_domain" {
+ cloudformation_type_name = "AWS::Amplify::Domain"
+}
+
+resource_schema "aws_amplifyuibuilder_component" {
+ cloudformation_type_name = "AWS::AmplifyUIBuilder::Component"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_amplifyuibuilder_form" {
+ cloudformation_type_name = "AWS::AmplifyUIBuilder::Form"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_amplifyuibuilder_theme" {
+ cloudformation_type_name = "AWS::AmplifyUIBuilder::Theme"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_apigateway_account" {
+ cloudformation_type_name = "AWS::ApiGateway::Account"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_apigateway_api_key" {
+ cloudformation_type_name = "AWS::ApiGateway::ApiKey"
+}
+
+resource_schema "aws_apigateway_authorizer" {
+ cloudformation_type_name = "AWS::ApiGateway::Authorizer"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_apigateway_base_path_mapping" {
+ cloudformation_type_name = "AWS::ApiGateway::BasePathMapping"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_apigateway_client_certificate" {
+ cloudformation_type_name = "AWS::ApiGateway::ClientCertificate"
+}
+
+resource_schema "aws_apigateway_deployment" {
+ cloudformation_type_name = "AWS::ApiGateway::Deployment"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_apigateway_documentation_part" {
+ cloudformation_type_name = "AWS::ApiGateway::DocumentationPart"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_apigateway_documentation_version" {
+ cloudformation_type_name = "AWS::ApiGateway::DocumentationVersion"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_apigateway_domain_name" {
+ cloudformation_type_name = "AWS::ApiGateway::DomainName"
+}
+
+resource_schema "aws_apigateway_gateway_response" {
+ cloudformation_type_name = "AWS::ApiGateway::GatewayResponse"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_apigateway_method" {
+ cloudformation_type_name = "AWS::ApiGateway::Method"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_apigateway_model" {
+ cloudformation_type_name = "AWS::ApiGateway::Model"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_apigateway_request_validator" {
+ cloudformation_type_name = "AWS::ApiGateway::RequestValidator"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_apigateway_resource" {
+ cloudformation_type_name = "AWS::ApiGateway::Resource"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_apigateway_rest_api" {
+ cloudformation_type_name = "AWS::ApiGateway::RestApi"
+}
+
+resource_schema "aws_apigateway_stage" {
+ cloudformation_type_name = "AWS::ApiGateway::Stage"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_apigateway_usage_plan" {
+ cloudformation_type_name = "AWS::ApiGateway::UsagePlan"
+}
+
+resource_schema "aws_apigateway_usage_plan_key" {
+ cloudformation_type_name = "AWS::ApiGateway::UsagePlanKey"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_apigateway_vpc_link" {
+ cloudformation_type_name = "AWS::ApiGateway::VpcLink"
+}
+
+resource_schema "aws_apigatewayv2_api" {
+ cloudformation_type_name = "AWS::ApiGatewayV2::Api"
+}
+
+resource_schema "aws_apigatewayv2_api_mapping" {
+ cloudformation_type_name = "AWS::ApiGatewayV2::ApiMapping"
+}
+
+resource_schema "aws_apigatewayv2_authorizer" {
+ cloudformation_type_name = "AWS::ApiGatewayV2::Authorizer"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_apigatewayv2_deployment" {
+ cloudformation_type_name = "AWS::ApiGatewayV2::Deployment"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_apigatewayv2_domain_name" {
+ cloudformation_type_name = "AWS::ApiGatewayV2::DomainName"
+}
+
+resource_schema "aws_apigatewayv2_integration_response" {
+ cloudformation_type_name = "AWS::ApiGatewayV2::IntegrationResponse"
+}
+
+resource_schema "aws_apigatewayv2_model" {
+ cloudformation_type_name = "AWS::ApiGatewayV2::Model"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_apigatewayv2_route" {
+ cloudformation_type_name = "AWS::ApiGatewayV2::Route"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_apigatewayv2_route_response" {
+ cloudformation_type_name = "AWS::ApiGatewayV2::RouteResponse"
+}
+
+resource_schema "aws_apigatewayv2_vpc_link" {
+ cloudformation_type_name = "AWS::ApiGatewayV2::VpcLink"
+}
+
+resource_schema "aws_appconfig_application" {
+ cloudformation_type_name = "AWS::AppConfig::Application"
+}
+
+resource_schema "aws_appconfig_configuration_profile" {
+ cloudformation_type_name = "AWS::AppConfig::ConfigurationProfile"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_appconfig_environment" {
+ cloudformation_type_name = "AWS::AppConfig::Environment"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_appconfig_extension" {
+ cloudformation_type_name = "AWS::AppConfig::Extension"
+}
+
+resource_schema "aws_appconfig_extension_association" {
+ cloudformation_type_name = "AWS::AppConfig::ExtensionAssociation"
+}
+
+resource_schema "aws_appconfig_hosted_configuration_version" {
+ cloudformation_type_name = "AWS::AppConfig::HostedConfigurationVersion"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_appflow_connector" {
+ cloudformation_type_name = "AWS::AppFlow::Connector"
+}
+
+resource_schema "aws_appflow_connector_profile" {
+ cloudformation_type_name = "AWS::AppFlow::ConnectorProfile"
+}
+
+resource_schema "aws_appflow_flow" {
+ cloudformation_type_name = "AWS::AppFlow::Flow"
+}
+
+resource_schema "aws_appintegrations_application" {
+ cloudformation_type_name = "AWS::AppIntegrations::Application"
+}
+
+resource_schema "aws_appintegrations_data_integration" {
+ cloudformation_type_name = "AWS::AppIntegrations::DataIntegration"
+}
+
+resource_schema "aws_appintegrations_event_integration" {
+ cloudformation_type_name = "AWS::AppIntegrations::EventIntegration"
+}
+
+resource_schema "aws_apprunner_auto_scaling_configuration" {
+ cloudformation_type_name = "AWS::AppRunner::AutoScalingConfiguration"
+}
+
+resource_schema "aws_apprunner_observability_configuration" {
+ cloudformation_type_name = "AWS::AppRunner::ObservabilityConfiguration"
+}
+
+resource_schema "aws_apprunner_service" {
+ cloudformation_type_name = "AWS::AppRunner::Service"
+}
+
+resource_schema "aws_apprunner_vpc_connector" {
+ cloudformation_type_name = "AWS::AppRunner::VpcConnector"
+}
+
+resource_schema "aws_apprunner_vpc_ingress_connection" {
+ cloudformation_type_name = "AWS::AppRunner::VpcIngressConnection"
+}
+
+resource_schema "aws_appstream_app_block" {
+ cloudformation_type_name = "AWS::AppStream::AppBlock"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_appstream_app_block_builder" {
+ cloudformation_type_name = "AWS::AppStream::AppBlockBuilder"
+}
+
+resource_schema "aws_appstream_application" {
+ cloudformation_type_name = "AWS::AppStream::Application"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_appstream_application_entitlement_association" {
+ cloudformation_type_name = "AWS::AppStream::ApplicationEntitlementAssociation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_appstream_application_fleet_association" {
+ cloudformation_type_name = "AWS::AppStream::ApplicationFleetAssociation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_appstream_directory_config" {
+ cloudformation_type_name = "AWS::AppStream::DirectoryConfig"
+}
+
+resource_schema "aws_appstream_entitlement" {
+ cloudformation_type_name = "AWS::AppStream::Entitlement"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_appstream_image_builder" {
+ cloudformation_type_name = "AWS::AppStream::ImageBuilder"
+}
+
+resource_schema "aws_appsync_domain_name" {
+ cloudformation_type_name = "AWS::AppSync::DomainName"
+}
+
+resource_schema "aws_appsync_domain_name_api_association" {
+ cloudformation_type_name = "AWS::AppSync::DomainNameApiAssociation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_appsync_function_configuration" {
+ cloudformation_type_name = "AWS::AppSync::FunctionConfiguration"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_appsync_resolver" {
+ cloudformation_type_name = "AWS::AppSync::Resolver"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_appsync_source_api_association" {
+ cloudformation_type_name = "AWS::AppSync::SourceApiAssociation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_apptest_test_case" {
+ cloudformation_type_name = "AWS::AppTest::TestCase"
+}
+
+resource_schema "aws_applicationautoscaling_scalable_target" {
+ cloudformation_type_name = "AWS::ApplicationAutoScaling::ScalableTarget"
+}
+
+resource_schema "aws_applicationautoscaling_scaling_policy" {
+ cloudformation_type_name = "AWS::ApplicationAutoScaling::ScalingPolicy"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_applicationinsights_application" {
+ cloudformation_type_name = "AWS::ApplicationInsights::Application"
+}
+
+resource_schema "aws_applicationsignals_service_level_objective" {
+ cloudformation_type_name = "AWS::ApplicationSignals::ServiceLevelObjective"
+}
+
+resource_schema "aws_athena_capacity_reservation" {
+ cloudformation_type_name = "AWS::Athena::CapacityReservation"
+}
+
+resource_schema "aws_athena_data_catalog" {
+ cloudformation_type_name = "AWS::Athena::DataCatalog"
+}
+
+resource_schema "aws_athena_named_query" {
+ cloudformation_type_name = "AWS::Athena::NamedQuery"
+}
+
+resource_schema "aws_athena_prepared_statement" {
+ cloudformation_type_name = "AWS::Athena::PreparedStatement"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_athena_work_group" {
+ cloudformation_type_name = "AWS::Athena::WorkGroup"
+}
+
+resource_schema "aws_auditmanager_assessment" {
+ cloudformation_type_name = "AWS::AuditManager::Assessment"
+}
+
+resource_schema "aws_autoscaling_auto_scaling_group" {
+ cloudformation_type_name = "AWS::AutoScaling::AutoScalingGroup"
+}
+
+resource_schema "aws_autoscaling_launch_configuration" {
+ cloudformation_type_name = "AWS::AutoScaling::LaunchConfiguration"
+}
+
+resource_schema "aws_autoscaling_lifecycle_hook" {
+ cloudformation_type_name = "AWS::AutoScaling::LifecycleHook"
+}
+
+resource_schema "aws_autoscaling_scaling_policy" {
+ cloudformation_type_name = "AWS::AutoScaling::ScalingPolicy"
+}
+
+resource_schema "aws_autoscaling_scheduled_action" {
+ cloudformation_type_name = "AWS::AutoScaling::ScheduledAction"
+}
+
+resource_schema "aws_autoscaling_warm_pool" {
+ cloudformation_type_name = "AWS::AutoScaling::WarmPool"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_b2bi_capability" {
+ cloudformation_type_name = "AWS::B2BI::Capability"
+}
+
+resource_schema "aws_b2bi_partnership" {
+ cloudformation_type_name = "AWS::B2BI::Partnership"
+}
+
+resource_schema "aws_b2bi_profile" {
+ cloudformation_type_name = "AWS::B2BI::Profile"
+}
+
+resource_schema "aws_b2bi_transformer" {
+ cloudformation_type_name = "AWS::B2BI::Transformer"
+}
+
+resource_schema "aws_bcmdataexports_export" {
+ cloudformation_type_name = "AWS::BCMDataExports::Export"
+}
+
+resource_schema "aws_backup_backup_plan" {
+ cloudformation_type_name = "AWS::Backup::BackupPlan"
+}
+
+resource_schema "aws_backup_backup_selection" {
+ cloudformation_type_name = "AWS::Backup::BackupSelection"
+}
+
+resource_schema "aws_backup_backup_vault" {
+ cloudformation_type_name = "AWS::Backup::BackupVault"
+}
+
+resource_schema "aws_backup_framework" {
+ cloudformation_type_name = "AWS::Backup::Framework"
+}
+
+resource_schema "aws_backup_report_plan" {
+ cloudformation_type_name = "AWS::Backup::ReportPlan"
+}
+
+resource_schema "aws_backup_restore_testing_plan" {
+ cloudformation_type_name = "AWS::Backup::RestoreTestingPlan"
+}
+
+resource_schema "aws_backup_restore_testing_selection" {
+ cloudformation_type_name = "AWS::Backup::RestoreTestingSelection"
+}
+
+resource_schema "aws_backupgateway_hypervisor" {
+ cloudformation_type_name = "AWS::BackupGateway::Hypervisor"
+}
+
+resource_schema "aws_batch_compute_environment" {
+ cloudformation_type_name = "AWS::Batch::ComputeEnvironment"
+}
+
+resource_schema "aws_batch_job_queue" {
+ cloudformation_type_name = "AWS::Batch::JobQueue"
+}
+
+resource_schema "aws_batch_scheduling_policy" {
+ cloudformation_type_name = "AWS::Batch::SchedulingPolicy"
+}
+
+resource_schema "aws_bedrock_agent" {
+ cloudformation_type_name = "AWS::Bedrock::Agent"
+}
+
+resource_schema "aws_bedrock_agent_alias" {
+ cloudformation_type_name = "AWS::Bedrock::AgentAlias"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_bedrock_data_source" {
+ cloudformation_type_name = "AWS::Bedrock::DataSource"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_bedrock_flow" {
+ cloudformation_type_name = "AWS::Bedrock::Flow"
+}
+
+resource_schema "aws_bedrock_flow_alias" {
+ cloudformation_type_name = "AWS::Bedrock::FlowAlias"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_bedrock_flow_version" {
+ cloudformation_type_name = "AWS::Bedrock::FlowVersion"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_bedrock_guardrail" {
+ cloudformation_type_name = "AWS::Bedrock::Guardrail"
+}
+
+resource_schema "aws_bedrock_guardrail_version" {
+ cloudformation_type_name = "AWS::Bedrock::GuardrailVersion"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_bedrock_knowledge_base" {
+ cloudformation_type_name = "AWS::Bedrock::KnowledgeBase"
+}
+
+resource_schema "aws_bedrock_prompt" {
+ cloudformation_type_name = "AWS::Bedrock::Prompt"
+}
+
+resource_schema "aws_bedrock_prompt_version" {
+ cloudformation_type_name = "AWS::Bedrock::PromptVersion"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_billingconductor_billing_group" {
+ cloudformation_type_name = "AWS::BillingConductor::BillingGroup"
+}
+
+resource_schema "aws_billingconductor_custom_line_item" {
+ cloudformation_type_name = "AWS::BillingConductor::CustomLineItem"
+}
+
+resource_schema "aws_billingconductor_pricing_plan" {
+ cloudformation_type_name = "AWS::BillingConductor::PricingPlan"
+}
+
+resource_schema "aws_billingconductor_pricing_rule" {
+ cloudformation_type_name = "AWS::BillingConductor::PricingRule"
+}
+
+resource_schema "aws_budgets_budgets_action" {
+ cloudformation_type_name = "AWS::Budgets::BudgetsAction"
+}
+
+resource_schema "aws_ce_anomaly_monitor" {
+ cloudformation_type_name = "AWS::CE::AnomalyMonitor"
+}
+
+resource_schema "aws_ce_anomaly_subscription" {
+ cloudformation_type_name = "AWS::CE::AnomalySubscription"
+}
+
+resource_schema "aws_ce_cost_category" {
+ cloudformation_type_name = "AWS::CE::CostCategory"
+}
+
+resource_schema "aws_cur_report_definition" {
+ cloudformation_type_name = "AWS::CUR::ReportDefinition"
+}
+
+resource_schema "aws_cassandra_keyspace" {
+ cloudformation_type_name = "AWS::Cassandra::Keyspace"
+}
+
+resource_schema "aws_cassandra_table" {
+ cloudformation_type_name = "AWS::Cassandra::Table"
+}
+
+resource_schema "aws_certificatemanager_account" {
+ cloudformation_type_name = "AWS::CertificateManager::Account"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_chatbot_microsoft_teams_channel_configuration" {
+ cloudformation_type_name = "AWS::Chatbot::MicrosoftTeamsChannelConfiguration"
+}
+
+resource_schema "aws_chatbot_slack_channel_configuration" {
+ cloudformation_type_name = "AWS::Chatbot::SlackChannelConfiguration"
+}
+
+resource_schema "aws_cleanrooms_analysis_template" {
+ cloudformation_type_name = "AWS::CleanRooms::AnalysisTemplate"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_cleanrooms_collaboration" {
+ cloudformation_type_name = "AWS::CleanRooms::Collaboration"
+}
+
+resource_schema "aws_cleanrooms_configured_table" {
+ cloudformation_type_name = "AWS::CleanRooms::ConfiguredTable"
+}
+
+resource_schema "aws_cleanrooms_configured_table_association" {
+ cloudformation_type_name = "AWS::CleanRooms::ConfiguredTableAssociation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_cleanrooms_id_mapping_table" {
+ cloudformation_type_name = "AWS::CleanRooms::IdMappingTable"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_cleanrooms_id_namespace_association" {
+ cloudformation_type_name = "AWS::CleanRooms::IdNamespaceAssociation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_cleanrooms_membership" {
+ cloudformation_type_name = "AWS::CleanRooms::Membership"
+}
+
+resource_schema "aws_cleanrooms_privacy_budget_template" {
+ cloudformation_type_name = "AWS::CleanRooms::PrivacyBudgetTemplate"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_cleanroomsml_training_dataset" {
+ cloudformation_type_name = "AWS::CleanRoomsML::TrainingDataset"
+}
+
+resource_schema "aws_cloudformation_hook_default_version" {
+ cloudformation_type_name = "AWS::CloudFormation::HookDefaultVersion"
+}
+
+resource_schema "aws_cloudformation_hook_type_config" {
+ cloudformation_type_name = "AWS::CloudFormation::HookTypeConfig"
+}
+
+resource_schema "aws_cloudformation_hook_version" {
+ cloudformation_type_name = "AWS::CloudFormation::HookVersion"
+}
+
+resource_schema "aws_cloudformation_module_default_version" {
+ cloudformation_type_name = "AWS::CloudFormation::ModuleDefaultVersion"
+}
+
+resource_schema "aws_cloudformation_module_version" {
+ cloudformation_type_name = "AWS::CloudFormation::ModuleVersion"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_cloudformation_public_type_version" {
+ cloudformation_type_name = "AWS::CloudFormation::PublicTypeVersion"
+}
+
+resource_schema "aws_cloudformation_publisher" {
+ cloudformation_type_name = "AWS::CloudFormation::Publisher"
+}
+
+resource_schema "aws_cloudformation_resource_default_version" {
+ cloudformation_type_name = "AWS::CloudFormation::ResourceDefaultVersion"
+}
+
+resource_schema "aws_cloudformation_resource_version" {
+ cloudformation_type_name = "AWS::CloudFormation::ResourceVersion"
+}
+
+resource_schema "aws_cloudformation_stack" {
+ cloudformation_type_name = "AWS::CloudFormation::Stack"
+}
+
+resource_schema "aws_cloudformation_stack_set" {
+ cloudformation_type_name = "AWS::CloudFormation::StackSet"
+}
+
+resource_schema "aws_cloudformation_type_activation" {
+ cloudformation_type_name = "AWS::CloudFormation::TypeActivation"
+}
+
+resource_schema "aws_cloudfront_cache_policy" {
+ cloudformation_type_name = "AWS::CloudFront::CachePolicy"
+}
+
+resource_schema "aws_cloudfront_cloudfront_origin_access_identity" {
+ cloudformation_type_name = "AWS::CloudFront::CloudFrontOriginAccessIdentity"
+}
+
+resource_schema "aws_cloudfront_continuous_deployment_policy" {
+ cloudformation_type_name = "AWS::CloudFront::ContinuousDeploymentPolicy"
+}
+
+resource_schema "aws_cloudfront_distribution" {
+ cloudformation_type_name = "AWS::CloudFront::Distribution"
+}
+
+resource_schema "aws_cloudfront_function" {
+ cloudformation_type_name = "AWS::CloudFront::Function"
+}
+
+resource_schema "aws_cloudfront_key_group" {
+ cloudformation_type_name = "AWS::CloudFront::KeyGroup"
+}
+
+resource_schema "aws_cloudfront_key_value_store" {
+ cloudformation_type_name = "AWS::CloudFront::KeyValueStore"
+}
+
+resource_schema "aws_cloudfront_monitoring_subscription" {
+ cloudformation_type_name = "AWS::CloudFront::MonitoringSubscription"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_cloudfront_origin_access_control" {
+ cloudformation_type_name = "AWS::CloudFront::OriginAccessControl"
+}
+
+resource_schema "aws_cloudfront_origin_request_policy" {
+ cloudformation_type_name = "AWS::CloudFront::OriginRequestPolicy"
+}
+
+resource_schema "aws_cloudfront_public_key" {
+ cloudformation_type_name = "AWS::CloudFront::PublicKey"
+}
+
+resource_schema "aws_cloudfront_realtime_log_config" {
+ cloudformation_type_name = "AWS::CloudFront::RealtimeLogConfig"
+}
+
+resource_schema "aws_cloudfront_response_headers_policy" {
+ cloudformation_type_name = "AWS::CloudFront::ResponseHeadersPolicy"
+}
+
+resource_schema "aws_cloudtrail_channel" {
+ cloudformation_type_name = "AWS::CloudTrail::Channel"
+}
+
+resource_schema "aws_cloudtrail_event_data_store" {
+ cloudformation_type_name = "AWS::CloudTrail::EventDataStore"
+}
+
+resource_schema "aws_cloudtrail_resource_policy" {
+ cloudformation_type_name = "AWS::CloudTrail::ResourcePolicy"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_cloudtrail_trail" {
+ cloudformation_type_name = "AWS::CloudTrail::Trail"
+}
+
+resource_schema "aws_cloudwatch_alarm" {
+ cloudformation_type_name = "AWS::CloudWatch::Alarm"
+}
+
+resource_schema "aws_cloudwatch_composite_alarm" {
+ cloudformation_type_name = "AWS::CloudWatch::CompositeAlarm"
+}
+
+resource_schema "aws_cloudwatch_dashboard" {
+ cloudformation_type_name = "AWS::CloudWatch::Dashboard"
+}
+
+resource_schema "aws_cloudwatch_metric_stream" {
+ cloudformation_type_name = "AWS::CloudWatch::MetricStream"
+}
+
+resource_schema "aws_codeartifact_domain" {
+ cloudformation_type_name = "AWS::CodeArtifact::Domain"
+}
+
+resource_schema "aws_codeartifact_package_group" {
+ cloudformation_type_name = "AWS::CodeArtifact::PackageGroup"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_codeartifact_repository" {
+ cloudformation_type_name = "AWS::CodeArtifact::Repository"
+}
+
+resource_schema "aws_codebuild_fleet" {
+ cloudformation_type_name = "AWS::CodeBuild::Fleet"
+}
+
+resource_schema "aws_codeconnections_connection" {
+ cloudformation_type_name = "AWS::CodeConnections::Connection"
+}
+
+resource_schema "aws_codedeploy_application" {
+ cloudformation_type_name = "AWS::CodeDeploy::Application"
+}
+
+resource_schema "aws_codedeploy_deployment_config" {
+ cloudformation_type_name = "AWS::CodeDeploy::DeploymentConfig"
+}
+
+resource_schema "aws_codeguruprofiler_profiling_group" {
+ cloudformation_type_name = "AWS::CodeGuruProfiler::ProfilingGroup"
+}
+
+resource_schema "aws_codegurureviewer_repository_association" {
+ cloudformation_type_name = "AWS::CodeGuruReviewer::RepositoryAssociation"
+}
+
+resource_schema "aws_codepipeline_custom_action_type" {
+ cloudformation_type_name = "AWS::CodePipeline::CustomActionType"
+}
+
+resource_schema "aws_codepipeline_pipeline" {
+ cloudformation_type_name = "AWS::CodePipeline::Pipeline"
+}
+
+resource_schema "aws_codestarconnections_connection" {
+ cloudformation_type_name = "AWS::CodeStarConnections::Connection"
+}
+
+resource_schema "aws_codestarconnections_repository_link" {
+ cloudformation_type_name = "AWS::CodeStarConnections::RepositoryLink"
+}
+
+resource_schema "aws_codestarconnections_sync_configuration" {
+ cloudformation_type_name = "AWS::CodeStarConnections::SyncConfiguration"
+}
+
+resource_schema "aws_codestarnotifications_notification_rule" {
+ cloudformation_type_name = "AWS::CodeStarNotifications::NotificationRule"
+}
+
+resource_schema "aws_cognito_identity_pool" {
+ cloudformation_type_name = "AWS::Cognito::IdentityPool"
+}
+
+resource_schema "aws_cognito_identity_pool_principal_tag" {
+ cloudformation_type_name = "AWS::Cognito::IdentityPoolPrincipalTag"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_cognito_identity_pool_role_attachment" {
+ cloudformation_type_name = "AWS::Cognito::IdentityPoolRoleAttachment"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_cognito_log_delivery_configuration" {
+ cloudformation_type_name = "AWS::Cognito::LogDeliveryConfiguration"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_cognito_user_pool" {
+ cloudformation_type_name = "AWS::Cognito::UserPool"
+}
+
+resource_schema "aws_cognito_user_pool_client" {
+ cloudformation_type_name = "AWS::Cognito::UserPoolClient"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_cognito_user_pool_group" {
+ cloudformation_type_name = "AWS::Cognito::UserPoolGroup"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_cognito_user_pool_resource_server" {
+ cloudformation_type_name = "AWS::Cognito::UserPoolResourceServer"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_cognito_user_pool_risk_configuration_attachment" {
+ cloudformation_type_name = "AWS::Cognito::UserPoolRiskConfigurationAttachment"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_cognito_user_pool_ui_customization_attachment" {
+ cloudformation_type_name = "AWS::Cognito::UserPoolUICustomizationAttachment"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_cognito_user_pool_user" {
+ cloudformation_type_name = "AWS::Cognito::UserPoolUser"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_cognito_user_pool_user_to_group_attachment" {
+ cloudformation_type_name = "AWS::Cognito::UserPoolUserToGroupAttachment"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_comprehend_document_classifier" {
+ cloudformation_type_name = "AWS::Comprehend::DocumentClassifier"
+}
+
+resource_schema "aws_comprehend_flywheel" {
+ cloudformation_type_name = "AWS::Comprehend::Flywheel"
+}
+
+resource_schema "aws_config_aggregation_authorization" {
+ cloudformation_type_name = "AWS::Config::AggregationAuthorization"
+}
+
+resource_schema "aws_config_config_rule" {
+ cloudformation_type_name = "AWS::Config::ConfigRule"
+}
+
+resource_schema "aws_config_configuration_aggregator" {
+ cloudformation_type_name = "AWS::Config::ConfigurationAggregator"
+}
+
+resource_schema "aws_config_conformance_pack" {
+ cloudformation_type_name = "AWS::Config::ConformancePack"
+}
+
+resource_schema "aws_config_organization_conformance_pack" {
+ cloudformation_type_name = "AWS::Config::OrganizationConformancePack"
+}
+
+resource_schema "aws_config_stored_query" {
+ cloudformation_type_name = "AWS::Config::StoredQuery"
+}
+
+resource_schema "aws_connect_approved_origin" {
+ cloudformation_type_name = "AWS::Connect::ApprovedOrigin"
+}
+
+resource_schema "aws_connect_contact_flow" {
+ cloudformation_type_name = "AWS::Connect::ContactFlow"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_connect_contact_flow_module" {
+ cloudformation_type_name = "AWS::Connect::ContactFlowModule"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_connect_evaluation_form" {
+ cloudformation_type_name = "AWS::Connect::EvaluationForm"
+}
+
+resource_schema "aws_connect_hours_of_operation" {
+ cloudformation_type_name = "AWS::Connect::HoursOfOperation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_connect_instance" {
+ cloudformation_type_name = "AWS::Connect::Instance"
+}
+
+resource_schema "aws_connect_instance_storage_config" {
+ cloudformation_type_name = "AWS::Connect::InstanceStorageConfig"
+}
+
+resource_schema "aws_connect_integration_association" {
+ cloudformation_type_name = "AWS::Connect::IntegrationAssociation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_connect_phone_number" {
+ cloudformation_type_name = "AWS::Connect::PhoneNumber"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_connect_predefined_attribute" {
+ cloudformation_type_name = "AWS::Connect::PredefinedAttribute"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_connect_prompt" {
+ cloudformation_type_name = "AWS::Connect::Prompt"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_connect_queue" {
+ cloudformation_type_name = "AWS::Connect::Queue"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_connect_quick_connect" {
+ cloudformation_type_name = "AWS::Connect::QuickConnect"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_connect_routing_profile" {
+ cloudformation_type_name = "AWS::Connect::RoutingProfile"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_connect_rule" {
+ cloudformation_type_name = "AWS::Connect::Rule"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_connect_security_key" {
+ cloudformation_type_name = "AWS::Connect::SecurityKey"
+}
+
+resource_schema "aws_connect_security_profile" {
+ cloudformation_type_name = "AWS::Connect::SecurityProfile"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_connect_task_template" {
+ cloudformation_type_name = "AWS::Connect::TaskTemplate"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_connect_traffic_distribution_group" {
+ cloudformation_type_name = "AWS::Connect::TrafficDistributionGroup"
+}
+
+resource_schema "aws_connect_user" {
+ cloudformation_type_name = "AWS::Connect::User"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_connect_user_hierarchy_group" {
+ cloudformation_type_name = "AWS::Connect::UserHierarchyGroup"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_connect_view" {
+ cloudformation_type_name = "AWS::Connect::View"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_connect_view_version" {
+ cloudformation_type_name = "AWS::Connect::ViewVersion"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_connectcampaigns_campaign" {
+ cloudformation_type_name = "AWS::ConnectCampaigns::Campaign"
+}
+
+resource_schema "aws_controltower_enabled_baseline" {
+ cloudformation_type_name = "AWS::ControlTower::EnabledBaseline"
+}
+
+resource_schema "aws_controltower_enabled_control" {
+ cloudformation_type_name = "AWS::ControlTower::EnabledControl"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_controltower_landing_zone" {
+ cloudformation_type_name = "AWS::ControlTower::LandingZone"
+}
+
+resource_schema "aws_customerprofiles_calculated_attribute_definition" {
+ cloudformation_type_name = "AWS::CustomerProfiles::CalculatedAttributeDefinition"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_customerprofiles_domain" {
+ cloudformation_type_name = "AWS::CustomerProfiles::Domain"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_customerprofiles_event_stream" {
+ cloudformation_type_name = "AWS::CustomerProfiles::EventStream"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_customerprofiles_integration" {
+ cloudformation_type_name = "AWS::CustomerProfiles::Integration"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_customerprofiles_object_type" {
+ cloudformation_type_name = "AWS::CustomerProfiles::ObjectType"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_dms_data_provider" {
+ cloudformation_type_name = "AWS::DMS::DataProvider"
+}
+
+resource_schema "aws_dms_instance_profile" {
+ cloudformation_type_name = "AWS::DMS::InstanceProfile"
+}
+
+resource_schema "aws_dms_migration_project" {
+ cloudformation_type_name = "AWS::DMS::MigrationProject"
+}
+
+resource_schema "aws_dms_replication_config" {
+ cloudformation_type_name = "AWS::DMS::ReplicationConfig"
+}
+
+resource_schema "aws_databrew_dataset" {
+ cloudformation_type_name = "AWS::DataBrew::Dataset"
+}
+
+resource_schema "aws_databrew_job" {
+ cloudformation_type_name = "AWS::DataBrew::Job"
+}
+
+resource_schema "aws_databrew_project" {
+ cloudformation_type_name = "AWS::DataBrew::Project"
+}
+
+resource_schema "aws_databrew_recipe" {
+ cloudformation_type_name = "AWS::DataBrew::Recipe"
+}
+
+resource_schema "aws_databrew_ruleset" {
+ cloudformation_type_name = "AWS::DataBrew::Ruleset"
+}
+
+resource_schema "aws_databrew_schedule" {
+ cloudformation_type_name = "AWS::DataBrew::Schedule"
+}
+
+resource_schema "aws_datapipeline_pipeline" {
+ cloudformation_type_name = "AWS::DataPipeline::Pipeline"
+}
+
+resource_schema "aws_datasync_agent" {
+ cloudformation_type_name = "AWS::DataSync::Agent"
+}
+
+resource_schema "aws_datasync_location_azure_blob" {
+ cloudformation_type_name = "AWS::DataSync::LocationAzureBlob"
+}
+
+resource_schema "aws_datasync_location_efs" {
+ cloudformation_type_name = "AWS::DataSync::LocationEFS"
+}
+
+resource_schema "aws_datasync_location_fsx_lustre" {
+ cloudformation_type_name = "AWS::DataSync::LocationFSxLustre"
+}
+
+resource_schema "aws_datasync_location_fsx_ontap" {
+ cloudformation_type_name = "AWS::DataSync::LocationFSxONTAP"
+}
+
+resource_schema "aws_datasync_location_fsx_open_zfs" {
+ cloudformation_type_name = "AWS::DataSync::LocationFSxOpenZFS"
+}
+
+resource_schema "aws_datasync_location_fsx_windows" {
+ cloudformation_type_name = "AWS::DataSync::LocationFSxWindows"
+}
+
+resource_schema "aws_datasync_location_hdfs" {
+ cloudformation_type_name = "AWS::DataSync::LocationHDFS"
+}
+
+resource_schema "aws_datasync_location_nfs" {
+ cloudformation_type_name = "AWS::DataSync::LocationNFS"
+}
+
+resource_schema "aws_datasync_location_object_storage" {
+ cloudformation_type_name = "AWS::DataSync::LocationObjectStorage"
+}
+
+resource_schema "aws_datasync_location_s3" {
+ cloudformation_type_name = "AWS::DataSync::LocationS3"
+}
+
+resource_schema "aws_datasync_location_smb" {
+ cloudformation_type_name = "AWS::DataSync::LocationSMB"
+}
+
+resource_schema "aws_datasync_storage_system" {
+ cloudformation_type_name = "AWS::DataSync::StorageSystem"
+}
+
+resource_schema "aws_datasync_task" {
+ cloudformation_type_name = "AWS::DataSync::Task"
+}
+
+resource_schema "aws_datazone_data_source" {
+ cloudformation_type_name = "AWS::DataZone::DataSource"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_datazone_domain" {
+ cloudformation_type_name = "AWS::DataZone::Domain"
+}
+
+resource_schema "aws_datazone_environment" {
+ cloudformation_type_name = "AWS::DataZone::Environment"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_datazone_environment_blueprint_configuration" {
+ cloudformation_type_name = "AWS::DataZone::EnvironmentBlueprintConfiguration"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_datazone_environment_profile" {
+ cloudformation_type_name = "AWS::DataZone::EnvironmentProfile"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_datazone_group_profile" {
+ cloudformation_type_name = "AWS::DataZone::GroupProfile"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_datazone_project" {
+ cloudformation_type_name = "AWS::DataZone::Project"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_datazone_project_membership" {
+ cloudformation_type_name = "AWS::DataZone::ProjectMembership"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_datazone_subscription_target" {
+ cloudformation_type_name = "AWS::DataZone::SubscriptionTarget"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_datazone_user_profile" {
+ cloudformation_type_name = "AWS::DataZone::UserProfile"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_deadline_farm" {
+ cloudformation_type_name = "AWS::Deadline::Farm"
+}
+
+resource_schema "aws_deadline_fleet" {
+ cloudformation_type_name = "AWS::Deadline::Fleet"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_deadline_license_endpoint" {
+ cloudformation_type_name = "AWS::Deadline::LicenseEndpoint"
+}
+
+resource_schema "aws_deadline_metered_product" {
+ cloudformation_type_name = "AWS::Deadline::MeteredProduct"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_deadline_monitor" {
+ cloudformation_type_name = "AWS::Deadline::Monitor"
+}
+
+resource_schema "aws_deadline_queue" {
+ cloudformation_type_name = "AWS::Deadline::Queue"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_deadline_queue_environment" {
+ cloudformation_type_name = "AWS::Deadline::QueueEnvironment"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_deadline_queue_fleet_association" {
+ cloudformation_type_name = "AWS::Deadline::QueueFleetAssociation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_deadline_storage_profile" {
+ cloudformation_type_name = "AWS::Deadline::StorageProfile"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_detective_graph" {
+ cloudformation_type_name = "AWS::Detective::Graph"
+}
+
+resource_schema "aws_detective_member_invitation" {
+ cloudformation_type_name = "AWS::Detective::MemberInvitation"
+}
+
+resource_schema "aws_detective_organization_admin" {
+ cloudformation_type_name = "AWS::Detective::OrganizationAdmin"
+}
+
+resource_schema "aws_devopsguru_log_anomaly_detection_integration" {
+ cloudformation_type_name = "AWS::DevOpsGuru::LogAnomalyDetectionIntegration"
+}
+
+resource_schema "aws_devopsguru_notification_channel" {
+ cloudformation_type_name = "AWS::DevOpsGuru::NotificationChannel"
+}
+
+resource_schema "aws_devopsguru_resource_collection" {
+ cloudformation_type_name = "AWS::DevOpsGuru::ResourceCollection"
+}
+
+resource_schema "aws_directoryservice_simple_ad" {
+ cloudformation_type_name = "AWS::DirectoryService::SimpleAD"
+}
+
+resource_schema "aws_docdbelastic_cluster" {
+ cloudformation_type_name = "AWS::DocDBElastic::Cluster"
+}
+
+resource_schema "aws_dynamodb_global_table" {
+ cloudformation_type_name = "AWS::DynamoDB::GlobalTable"
+}
+
+resource_schema "aws_dynamodb_table" {
+ cloudformation_type_name = "AWS::DynamoDB::Table"
+}
+
+resource_schema "aws_ec2_capacity_reservation" {
+ cloudformation_type_name = "AWS::EC2::CapacityReservation"
+}
+
+resource_schema "aws_ec2_capacity_reservation_fleet" {
+ cloudformation_type_name = "AWS::EC2::CapacityReservationFleet"
+}
+
+resource_schema "aws_ec2_carrier_gateway" {
+ cloudformation_type_name = "AWS::EC2::CarrierGateway"
+}
+
+resource_schema "aws_ec2_customer_gateway" {
+ cloudformation_type_name = "AWS::EC2::CustomerGateway"
+}
+
+resource_schema "aws_ec2_dhcp_options" {
+ cloudformation_type_name = "AWS::EC2::DHCPOptions"
+}
+
+resource_schema "aws_ec2_ec2_fleet" {
+ cloudformation_type_name = "AWS::EC2::EC2Fleet"
+}
+
+resource_schema "aws_ec2_eip" {
+ cloudformation_type_name = "AWS::EC2::EIP"
+}
+
+resource_schema "aws_ec2_eip_association" {
+ cloudformation_type_name = "AWS::EC2::EIPAssociation"
+}
+
+resource_schema "aws_ec2_egress_only_internet_gateway" {
+ cloudformation_type_name = "AWS::EC2::EgressOnlyInternetGateway"
+}
+
+resource_schema "aws_ec2_enclave_certificate_iam_role_association" {
+ cloudformation_type_name = "AWS::EC2::EnclaveCertificateIamRoleAssociation"
+}
+
+resource_schema "aws_ec2_flow_log" {
+ cloudformation_type_name = "AWS::EC2::FlowLog"
+}
+
+resource_schema "aws_ec2_gateway_route_table_association" {
+ cloudformation_type_name = "AWS::EC2::GatewayRouteTableAssociation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_ec2_host" {
+ cloudformation_type_name = "AWS::EC2::Host"
+}
+
+resource_schema "aws_ec2_ipam" {
+ cloudformation_type_name = "AWS::EC2::IPAM"
+}
+
+resource_schema "aws_ec2_ipam_allocation" {
+ cloudformation_type_name = "AWS::EC2::IPAMAllocation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_ec2_ipam_pool" {
+ cloudformation_type_name = "AWS::EC2::IPAMPool"
+}
+
+resource_schema "aws_ec2_ipam_pool_cidr" {
+ cloudformation_type_name = "AWS::EC2::IPAMPoolCidr"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_ec2_ipam_resource_discovery" {
+ cloudformation_type_name = "AWS::EC2::IPAMResourceDiscovery"
+}
+
+resource_schema "aws_ec2_ipam_resource_discovery_association" {
+ cloudformation_type_name = "AWS::EC2::IPAMResourceDiscoveryAssociation"
+}
+
+resource_schema "aws_ec2_ipam_scope" {
+ cloudformation_type_name = "AWS::EC2::IPAMScope"
+}
+
+resource_schema "aws_ec2_instance" {
+ cloudformation_type_name = "AWS::EC2::Instance"
+}
+
+resource_schema "aws_ec2_instance_connect_endpoint" {
+ cloudformation_type_name = "AWS::EC2::InstanceConnectEndpoint"
+}
+
+resource_schema "aws_ec2_internet_gateway" {
+ cloudformation_type_name = "AWS::EC2::InternetGateway"
+}
+
+resource_schema "aws_ec2_key_pair" {
+ cloudformation_type_name = "AWS::EC2::KeyPair"
+}
+
+resource_schema "aws_ec2_launch_template" {
+ cloudformation_type_name = "AWS::EC2::LaunchTemplate"
+}
+
+resource_schema "aws_ec2_local_gateway_route" {
+ cloudformation_type_name = "AWS::EC2::LocalGatewayRoute"
+}
+
+resource_schema "aws_ec2_local_gateway_route_table" {
+ cloudformation_type_name = "AWS::EC2::LocalGatewayRouteTable"
+}
+
+resource_schema "aws_ec2_local_gateway_route_table_vpc_association" {
+ cloudformation_type_name = "AWS::EC2::LocalGatewayRouteTableVPCAssociation"
+}
+
+resource_schema "aws_ec2_local_gateway_route_table_virtual_interface_group_association" {
+ cloudformation_type_name = "AWS::EC2::LocalGatewayRouteTableVirtualInterfaceGroupAssociation"
+}
+
+resource_schema "aws_ec2_nat_gateway" {
+ cloudformation_type_name = "AWS::EC2::NatGateway"
+}
+
+resource_schema "aws_ec2_network_acl" {
+ cloudformation_type_name = "AWS::EC2::NetworkAcl"
+}
+
+resource_schema "aws_ec2_network_insights_access_scope" {
+ cloudformation_type_name = "AWS::EC2::NetworkInsightsAccessScope"
+}
+
+resource_schema "aws_ec2_network_insights_access_scope_analysis" {
+ cloudformation_type_name = "AWS::EC2::NetworkInsightsAccessScopeAnalysis"
+}
+
+resource_schema "aws_ec2_network_insights_analysis" {
+ cloudformation_type_name = "AWS::EC2::NetworkInsightsAnalysis"
+}
+
+resource_schema "aws_ec2_network_insights_path" {
+ cloudformation_type_name = "AWS::EC2::NetworkInsightsPath"
+}
+
+resource_schema "aws_ec2_network_interface" {
+ cloudformation_type_name = "AWS::EC2::NetworkInterface"
+}
+
+resource_schema "aws_ec2_network_interface_attachment" {
+ cloudformation_type_name = "AWS::EC2::NetworkInterfaceAttachment"
+}
+
+resource_schema "aws_ec2_network_performance_metric_subscription" {
+ cloudformation_type_name = "AWS::EC2::NetworkPerformanceMetricSubscription"
+}
+
+resource_schema "aws_ec2_placement_group" {
+ cloudformation_type_name = "AWS::EC2::PlacementGroup"
+}
+
+resource_schema "aws_ec2_prefix_list" {
+ cloudformation_type_name = "AWS::EC2::PrefixList"
+}
+
+resource_schema "aws_ec2_route" {
+ cloudformation_type_name = "AWS::EC2::Route"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_ec2_route_table" {
+ cloudformation_type_name = "AWS::EC2::RouteTable"
+}
+
+resource_schema "aws_ec2_security_group" {
+ cloudformation_type_name = "AWS::EC2::SecurityGroup"
+}
+
+resource_schema "aws_ec2_security_group_egress" {
+ cloudformation_type_name = "AWS::EC2::SecurityGroupEgress"
+}
+
+resource_schema "aws_ec2_security_group_ingress" {
+ cloudformation_type_name = "AWS::EC2::SecurityGroupIngress"
+}
+
+resource_schema "aws_ec2_snapshot_block_public_access" {
+ cloudformation_type_name = "AWS::EC2::SnapshotBlockPublicAccess"
+}
+
+resource_schema "aws_ec2_spot_fleet" {
+ cloudformation_type_name = "AWS::EC2::SpotFleet"
+}
+
+resource_schema "aws_ec2_subnet" {
+ cloudformation_type_name = "AWS::EC2::Subnet"
+}
+
+resource_schema "aws_ec2_subnet_cidr_block" {
+ cloudformation_type_name = "AWS::EC2::SubnetCidrBlock"
+}
+
+resource_schema "aws_ec2_subnet_network_acl_association" {
+ cloudformation_type_name = "AWS::EC2::SubnetNetworkAclAssociation"
+}
+
+resource_schema "aws_ec2_subnet_route_table_association" {
+ cloudformation_type_name = "AWS::EC2::SubnetRouteTableAssociation"
+}
+
+resource_schema "aws_ec2_transit_gateway" {
+ cloudformation_type_name = "AWS::EC2::TransitGateway"
+}
+
+resource_schema "aws_ec2_transit_gateway_attachment" {
+ cloudformation_type_name = "AWS::EC2::TransitGatewayAttachment"
+}
+
+resource_schema "aws_ec2_transit_gateway_connect" {
+ cloudformation_type_name = "AWS::EC2::TransitGatewayConnect"
+}
+
+resource_schema "aws_ec2_transit_gateway_multicast_domain" {
+ cloudformation_type_name = "AWS::EC2::TransitGatewayMulticastDomain"
+}
+
+resource_schema "aws_ec2_transit_gateway_multicast_domain_association" {
+ cloudformation_type_name = "AWS::EC2::TransitGatewayMulticastDomainAssociation"
+}
+
+resource_schema "aws_ec2_transit_gateway_multicast_group_member" {
+ cloudformation_type_name = "AWS::EC2::TransitGatewayMulticastGroupMember"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_ec2_transit_gateway_multicast_group_source" {
+ cloudformation_type_name = "AWS::EC2::TransitGatewayMulticastGroupSource"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_ec2_transit_gateway_peering_attachment" {
+ cloudformation_type_name = "AWS::EC2::TransitGatewayPeeringAttachment"
+}
+
+resource_schema "aws_ec2_transit_gateway_route" {
+ cloudformation_type_name = "AWS::EC2::TransitGatewayRoute"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_ec2_transit_gateway_route_table" {
+ cloudformation_type_name = "AWS::EC2::TransitGatewayRouteTable"
+}
+
+resource_schema "aws_ec2_transit_gateway_route_table_association" {
+ cloudformation_type_name = "AWS::EC2::TransitGatewayRouteTableAssociation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_ec2_transit_gateway_route_table_propagation" {
+ cloudformation_type_name = "AWS::EC2::TransitGatewayRouteTablePropagation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_ec2_transit_gateway_vpc_attachment" {
+ cloudformation_type_name = "AWS::EC2::TransitGatewayVpcAttachment"
+}
+
+resource_schema "aws_ec2_vpc" {
+ cloudformation_type_name = "AWS::EC2::VPC"
+}
+
+resource_schema "aws_ec2_vpc_cidr_block" {
+ cloudformation_type_name = "AWS::EC2::VPCCidrBlock"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_ec2_vpcdhcp_options_association" {
+ cloudformation_type_name = "AWS::EC2::VPCDHCPOptionsAssociation"
+}
+
+resource_schema "aws_ec2_vpc_endpoint" {
+ cloudformation_type_name = "AWS::EC2::VPCEndpoint"
+}
+
+resource_schema "aws_ec2_vpc_endpoint_connection_notification" {
+ cloudformation_type_name = "AWS::EC2::VPCEndpointConnectionNotification"
+}
+
+resource_schema "aws_ec2_vpc_endpoint_service" {
+ cloudformation_type_name = "AWS::EC2::VPCEndpointService"
+}
+
+resource_schema "aws_ec2_vpc_endpoint_service_permissions" {
+ cloudformation_type_name = "AWS::EC2::VPCEndpointServicePermissions"
+}
+
+resource_schema "aws_ec2_vpc_gateway_attachment" {
+ cloudformation_type_name = "AWS::EC2::VPCGatewayAttachment"
+}
+
+resource_schema "aws_ec2_vpc_peering_connection" {
+ cloudformation_type_name = "AWS::EC2::VPCPeeringConnection"
+}
+
+resource_schema "aws_ec2_vpn_connection" {
+ cloudformation_type_name = "AWS::EC2::VPNConnection"
+}
+
+resource_schema "aws_ec2_vpn_connection_route" {
+ cloudformation_type_name = "AWS::EC2::VPNConnectionRoute"
+}
+
+resource_schema "aws_ec2_vpn_gateway" {
+ cloudformation_type_name = "AWS::EC2::VPNGateway"
+}
+
+resource_schema "aws_ec2_verified_access_endpoint" {
+ cloudformation_type_name = "AWS::EC2::VerifiedAccessEndpoint"
+}
+
+resource_schema "aws_ec2_verified_access_group" {
+ cloudformation_type_name = "AWS::EC2::VerifiedAccessGroup"
+}
+
+resource_schema "aws_ec2_verified_access_instance" {
+ cloudformation_type_name = "AWS::EC2::VerifiedAccessInstance"
+}
+
+resource_schema "aws_ec2_verified_access_trust_provider" {
+ cloudformation_type_name = "AWS::EC2::VerifiedAccessTrustProvider"
+}
+
+resource_schema "aws_ec2_volume" {
+ cloudformation_type_name = "AWS::EC2::Volume"
+}
+
+resource_schema "aws_ec2_volume_attachment" {
+ cloudformation_type_name = "AWS::EC2::VolumeAttachment"
+}
+
+resource_schema "aws_ecr_public_repository" {
+ cloudformation_type_name = "AWS::ECR::PublicRepository"
+}
+
+resource_schema "aws_ecr_pull_through_cache_rule" {
+ cloudformation_type_name = "AWS::ECR::PullThroughCacheRule"
+}
+
+resource_schema "aws_ecr_registry_policy" {
+ cloudformation_type_name = "AWS::ECR::RegistryPolicy"
+}
+
+resource_schema "aws_ecr_replication_configuration" {
+ cloudformation_type_name = "AWS::ECR::ReplicationConfiguration"
+}
+
+resource_schema "aws_ecr_repository" {
+ cloudformation_type_name = "AWS::ECR::Repository"
+}
+
+resource_schema "aws_ecr_repository_creation_template" {
+ cloudformation_type_name = "AWS::ECR::RepositoryCreationTemplate"
+}
+
+resource_schema "aws_ecs_capacity_provider" {
+ cloudformation_type_name = "AWS::ECS::CapacityProvider"
+}
+
+resource_schema "aws_ecs_cluster" {
+ cloudformation_type_name = "AWS::ECS::Cluster"
+}
+
+resource_schema "aws_ecs_cluster_capacity_provider_associations" {
+ cloudformation_type_name = "AWS::ECS::ClusterCapacityProviderAssociations"
+}
+
+resource_schema "aws_ecs_primary_task_set" {
+ cloudformation_type_name = "AWS::ECS::PrimaryTaskSet"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_ecs_service" {
+ cloudformation_type_name = "AWS::ECS::Service"
+}
+
+resource_schema "aws_ecs_task_definition" {
+ cloudformation_type_name = "AWS::ECS::TaskDefinition"
+}
+
+resource_schema "aws_ecs_task_set" {
+ cloudformation_type_name = "AWS::ECS::TaskSet"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_efs_access_point" {
+ cloudformation_type_name = "AWS::EFS::AccessPoint"
+}
+
+resource_schema "aws_efs_file_system" {
+ cloudformation_type_name = "AWS::EFS::FileSystem"
+}
+
+resource_schema "aws_efs_mount_target" {
+ cloudformation_type_name = "AWS::EFS::MountTarget"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_eks_access_entry" {
+ cloudformation_type_name = "AWS::EKS::AccessEntry"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_eks_addon" {
+ cloudformation_type_name = "AWS::EKS::Addon"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_eks_cluster" {
+ cloudformation_type_name = "AWS::EKS::Cluster"
+}
+
+resource_schema "aws_eks_fargate_profile" {
+ cloudformation_type_name = "AWS::EKS::FargateProfile"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_eks_identity_provider_config" {
+ cloudformation_type_name = "AWS::EKS::IdentityProviderConfig"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_eks_nodegroup" {
+ cloudformation_type_name = "AWS::EKS::Nodegroup"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_eks_pod_identity_association" {
+ cloudformation_type_name = "AWS::EKS::PodIdentityAssociation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_emr_security_configuration" {
+ cloudformation_type_name = "AWS::EMR::SecurityConfiguration"
+}
+
+resource_schema "aws_emr_studio" {
+ cloudformation_type_name = "AWS::EMR::Studio"
+}
+
+resource_schema "aws_emr_studio_session_mapping" {
+ cloudformation_type_name = "AWS::EMR::StudioSessionMapping"
+}
+
+resource_schema "aws_emr_wal_workspace" {
+ cloudformation_type_name = "AWS::EMR::WALWorkspace"
+}
+
+resource_schema "aws_emrcontainers_virtual_cluster" {
+ cloudformation_type_name = "AWS::EMRContainers::VirtualCluster"
+}
+
+resource_schema "aws_emrserverless_application" {
+ cloudformation_type_name = "AWS::EMRServerless::Application"
+}
+
+resource_schema "aws_elasticache_global_replication_group" {
+ cloudformation_type_name = "AWS::ElastiCache::GlobalReplicationGroup"
+}
+
+resource_schema "aws_elasticache_parameter_group" {
+ cloudformation_type_name = "AWS::ElastiCache::ParameterGroup"
+}
+
+resource_schema "aws_elasticache_serverless_cache" {
+ cloudformation_type_name = "AWS::ElastiCache::ServerlessCache"
+}
+
+resource_schema "aws_elasticache_subnet_group" {
+ cloudformation_type_name = "AWS::ElastiCache::SubnetGroup"
+}
+
+resource_schema "aws_elasticache_user" {
+ cloudformation_type_name = "AWS::ElastiCache::User"
+}
+
+resource_schema "aws_elasticache_user_group" {
+ cloudformation_type_name = "AWS::ElastiCache::UserGroup"
+}
+
+resource_schema "aws_elasticbeanstalk_application" {
+ cloudformation_type_name = "AWS::ElasticBeanstalk::Application"
+}
+
+resource_schema "aws_elasticbeanstalk_application_version" {
+ cloudformation_type_name = "AWS::ElasticBeanstalk::ApplicationVersion"
+}
+
+resource_schema "aws_elasticbeanstalk_configuration_template" {
+ cloudformation_type_name = "AWS::ElasticBeanstalk::ConfigurationTemplate"
+}
+
+resource_schema "aws_elasticbeanstalk_environment" {
+ cloudformation_type_name = "AWS::ElasticBeanstalk::Environment"
+}
+
+resource_schema "aws_elasticloadbalancingv2_listener" {
+ cloudformation_type_name = "AWS::ElasticLoadBalancingV2::Listener"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_elasticloadbalancingv2_listener_rule" {
+ cloudformation_type_name = "AWS::ElasticLoadBalancingV2::ListenerRule"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_elasticloadbalancingv2_load_balancer" {
+ cloudformation_type_name = "AWS::ElasticLoadBalancingV2::LoadBalancer"
+}
+
+resource_schema "aws_elasticloadbalancingv2_target_group" {
+ cloudformation_type_name = "AWS::ElasticLoadBalancingV2::TargetGroup"
+}
+
+resource_schema "aws_elasticloadbalancingv2_trust_store" {
+ cloudformation_type_name = "AWS::ElasticLoadBalancingV2::TrustStore"
+}
+
+resource_schema "aws_elasticloadbalancingv2_trust_store_revocation" {
+ cloudformation_type_name = "AWS::ElasticLoadBalancingV2::TrustStoreRevocation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_entityresolution_id_mapping_workflow" {
+ cloudformation_type_name = "AWS::EntityResolution::IdMappingWorkflow"
+}
+
+resource_schema "aws_entityresolution_id_namespace" {
+ cloudformation_type_name = "AWS::EntityResolution::IdNamespace"
+}
+
+resource_schema "aws_entityresolution_matching_workflow" {
+ cloudformation_type_name = "AWS::EntityResolution::MatchingWorkflow"
+}
+
+resource_schema "aws_entityresolution_policy_statement" {
+ cloudformation_type_name = "AWS::EntityResolution::PolicyStatement"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_entityresolution_schema_mapping" {
+ cloudformation_type_name = "AWS::EntityResolution::SchemaMapping"
+}
+
+resource_schema "aws_eventschemas_discoverer" {
+ cloudformation_type_name = "AWS::EventSchemas::Discoverer"
+}
+
+resource_schema "aws_eventschemas_registry" {
+ cloudformation_type_name = "AWS::EventSchemas::Registry"
+}
+
+resource_schema "aws_eventschemas_registry_policy" {
+ cloudformation_type_name = "AWS::EventSchemas::RegistryPolicy"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_eventschemas_schema" {
+ cloudformation_type_name = "AWS::EventSchemas::Schema"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_events_api_destination" {
+ cloudformation_type_name = "AWS::Events::ApiDestination"
+}
+
+resource_schema "aws_events_archive" {
+ cloudformation_type_name = "AWS::Events::Archive"
+}
+
+resource_schema "aws_events_connection" {
+ cloudformation_type_name = "AWS::Events::Connection"
+}
+
+resource_schema "aws_events_endpoint" {
+ cloudformation_type_name = "AWS::Events::Endpoint"
+}
+
+resource_schema "aws_events_event_bus" {
+ cloudformation_type_name = "AWS::Events::EventBus"
+}
+
+resource_schema "aws_events_rule" {
+ cloudformation_type_name = "AWS::Events::Rule"
+}
+
+resource_schema "aws_evidently_experiment" {
+ cloudformation_type_name = "AWS::Evidently::Experiment"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_evidently_feature" {
+ cloudformation_type_name = "AWS::Evidently::Feature"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_evidently_launch" {
+ cloudformation_type_name = "AWS::Evidently::Launch"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_evidently_project" {
+ cloudformation_type_name = "AWS::Evidently::Project"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_evidently_segment" {
+ cloudformation_type_name = "AWS::Evidently::Segment"
+}
+
+resource_schema "aws_fis_experiment_template" {
+ cloudformation_type_name = "AWS::FIS::ExperimentTemplate"
+}
+
+resource_schema "aws_fis_target_account_configuration" {
+ cloudformation_type_name = "AWS::FIS::TargetAccountConfiguration"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_fms_notification_channel" {
+ cloudformation_type_name = "AWS::FMS::NotificationChannel"
+}
+
+resource_schema "aws_fms_policy" {
+ cloudformation_type_name = "AWS::FMS::Policy"
+}
+
+resource_schema "aws_fms_resource_set" {
+ cloudformation_type_name = "AWS::FMS::ResourceSet"
+}
+
+resource_schema "aws_fsx_data_repository_association" {
+ cloudformation_type_name = "AWS::FSx::DataRepositoryAssociation"
+}
+
+resource_schema "aws_finspace_environment" {
+ cloudformation_type_name = "AWS::FinSpace::Environment"
+}
+
+resource_schema "aws_forecast_dataset" {
+ cloudformation_type_name = "AWS::Forecast::Dataset"
+}
+
+resource_schema "aws_forecast_dataset_group" {
+ cloudformation_type_name = "AWS::Forecast::DatasetGroup"
+}
+
+resource_schema "aws_frauddetector_detector" {
+ cloudformation_type_name = "AWS::FraudDetector::Detector"
+}
+
+resource_schema "aws_frauddetector_entity_type" {
+ cloudformation_type_name = "AWS::FraudDetector::EntityType"
+}
+
+resource_schema "aws_frauddetector_event_type" {
+ cloudformation_type_name = "AWS::FraudDetector::EventType"
+}
+
+resource_schema "aws_frauddetector_label" {
+ cloudformation_type_name = "AWS::FraudDetector::Label"
+}
+
+resource_schema "aws_frauddetector_list" {
+ cloudformation_type_name = "AWS::FraudDetector::List"
+}
+
+resource_schema "aws_frauddetector_outcome" {
+ cloudformation_type_name = "AWS::FraudDetector::Outcome"
+}
+
+resource_schema "aws_frauddetector_variable" {
+ cloudformation_type_name = "AWS::FraudDetector::Variable"
+}
+
+resource_schema "aws_gamelift_alias" {
+ cloudformation_type_name = "AWS::GameLift::Alias"
+}
+
+resource_schema "aws_gamelift_build" {
+ cloudformation_type_name = "AWS::GameLift::Build"
+}
+
+resource_schema "aws_gamelift_container_group_definition" {
+ cloudformation_type_name = "AWS::GameLift::ContainerGroupDefinition"
+}
+
+resource_schema "aws_gamelift_fleet" {
+ cloudformation_type_name = "AWS::GameLift::Fleet"
+}
+
+resource_schema "aws_gamelift_game_server_group" {
+ cloudformation_type_name = "AWS::GameLift::GameServerGroup"
+}
+
+resource_schema "aws_gamelift_game_session_queue" {
+ cloudformation_type_name = "AWS::GameLift::GameSessionQueue"
+}
+
+resource_schema "aws_gamelift_location" {
+ cloudformation_type_name = "AWS::GameLift::Location"
+}
+
+resource_schema "aws_gamelift_matchmaking_configuration" {
+ cloudformation_type_name = "AWS::GameLift::MatchmakingConfiguration"
+}
+
+resource_schema "aws_gamelift_matchmaking_rule_set" {
+ cloudformation_type_name = "AWS::GameLift::MatchmakingRuleSet"
+}
+
+resource_schema "aws_gamelift_script" {
+ cloudformation_type_name = "AWS::GameLift::Script"
+}
+
+resource_schema "aws_globalaccelerator_accelerator" {
+ cloudformation_type_name = "AWS::GlobalAccelerator::Accelerator"
+}
+
+resource_schema "aws_globalaccelerator_cross_account_attachment" {
+ cloudformation_type_name = "AWS::GlobalAccelerator::CrossAccountAttachment"
+}
+
+resource_schema "aws_globalaccelerator_endpoint_group" {
+ cloudformation_type_name = "AWS::GlobalAccelerator::EndpointGroup"
+}
+
+resource_schema "aws_globalaccelerator_listener" {
+ cloudformation_type_name = "AWS::GlobalAccelerator::Listener"
+}
+
+resource_schema "aws_glue_registry" {
+ cloudformation_type_name = "AWS::Glue::Registry"
+}
+
+resource_schema "aws_glue_schema" {
+ cloudformation_type_name = "AWS::Glue::Schema"
+}
+
+resource_schema "aws_glue_schema_version" {
+ cloudformation_type_name = "AWS::Glue::SchemaVersion"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_glue_schema_version_metadata" {
+ cloudformation_type_name = "AWS::Glue::SchemaVersionMetadata"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_glue_trigger" {
+ cloudformation_type_name = "AWS::Glue::Trigger"
+}
+
+resource_schema "aws_grafana_workspace" {
+ cloudformation_type_name = "AWS::Grafana::Workspace"
+}
+
+resource_schema "aws_greengrassv2_component_version" {
+ cloudformation_type_name = "AWS::GreengrassV2::ComponentVersion"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_greengrassv2_deployment" {
+ cloudformation_type_name = "AWS::GreengrassV2::Deployment"
+}
+
+resource_schema "aws_groundstation_config" {
+ cloudformation_type_name = "AWS::GroundStation::Config"
+}
+
+resource_schema "aws_groundstation_dataflow_endpoint_group" {
+ cloudformation_type_name = "AWS::GroundStation::DataflowEndpointGroup"
+}
+
+resource_schema "aws_groundstation_mission_profile" {
+ cloudformation_type_name = "AWS::GroundStation::MissionProfile"
+}
+
+resource_schema "aws_guardduty_detector" {
+ cloudformation_type_name = "AWS::GuardDuty::Detector"
+}
+
+resource_schema "aws_guardduty_filter" {
+ cloudformation_type_name = "AWS::GuardDuty::Filter"
+}
+
+resource_schema "aws_guardduty_ip_set" {
+ cloudformation_type_name = "AWS::GuardDuty::IPSet"
+}
+
+resource_schema "aws_guardduty_malware_protection_plan" {
+ cloudformation_type_name = "AWS::GuardDuty::MalwareProtectionPlan"
+}
+
+resource_schema "aws_guardduty_master" {
+ cloudformation_type_name = "AWS::GuardDuty::Master"
+}
+
+resource_schema "aws_guardduty_member" {
+ cloudformation_type_name = "AWS::GuardDuty::Member"
+}
+
+resource_schema "aws_guardduty_threat_intel_set" {
+ cloudformation_type_name = "AWS::GuardDuty::ThreatIntelSet"
+}
+
+resource_schema "aws_healthimaging_datastore" {
+ cloudformation_type_name = "AWS::HealthImaging::Datastore"
+}
+
+resource_schema "aws_healthlake_fhir_datastore" {
+ cloudformation_type_name = "AWS::HealthLake::FHIRDatastore"
+}
+
+resource_schema "aws_iam_group" {
+ cloudformation_type_name = "AWS::IAM::Group"
+}
+
+resource_schema "aws_iam_group_policy" {
+ cloudformation_type_name = "AWS::IAM::GroupPolicy"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_iam_instance_profile" {
+ cloudformation_type_name = "AWS::IAM::InstanceProfile"
+}
+
+resource_schema "aws_iam_managed_policy" {
+ cloudformation_type_name = "AWS::IAM::ManagedPolicy"
+}
+
+resource_schema "aws_iam_oidc_provider" {
+ cloudformation_type_name = "AWS::IAM::OIDCProvider"
+}
+
+resource_schema "aws_iam_role" {
+ cloudformation_type_name = "AWS::IAM::Role"
+}
+
+resource_schema "aws_iam_role_policy" {
+ cloudformation_type_name = "AWS::IAM::RolePolicy"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_iam_saml_provider" {
+ cloudformation_type_name = "AWS::IAM::SAMLProvider"
+}
+
+resource_schema "aws_iam_server_certificate" {
+ cloudformation_type_name = "AWS::IAM::ServerCertificate"
+}
+
+resource_schema "aws_iam_service_linked_role" {
+ cloudformation_type_name = "AWS::IAM::ServiceLinkedRole"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_iam_user" {
+ cloudformation_type_name = "AWS::IAM::User"
+}
+
+resource_schema "aws_iam_user_policy" {
+ cloudformation_type_name = "AWS::IAM::UserPolicy"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_iam_virtual_mfa_device" {
+ cloudformation_type_name = "AWS::IAM::VirtualMFADevice"
+}
+
+resource_schema "aws_ivs_channel" {
+ cloudformation_type_name = "AWS::IVS::Channel"
+}
+
+resource_schema "aws_ivs_encoder_configuration" {
+ cloudformation_type_name = "AWS::IVS::EncoderConfiguration"
+}
+
+resource_schema "aws_ivs_playback_key_pair" {
+ cloudformation_type_name = "AWS::IVS::PlaybackKeyPair"
+}
+
+resource_schema "aws_ivs_playback_restriction_policy" {
+ cloudformation_type_name = "AWS::IVS::PlaybackRestrictionPolicy"
+}
+
+resource_schema "aws_ivs_recording_configuration" {
+ cloudformation_type_name = "AWS::IVS::RecordingConfiguration"
+}
+
+resource_schema "aws_ivs_stage" {
+ cloudformation_type_name = "AWS::IVS::Stage"
+}
+
+resource_schema "aws_ivs_storage_configuration" {
+ cloudformation_type_name = "AWS::IVS::StorageConfiguration"
+}
+
+resource_schema "aws_ivs_stream_key" {
+ cloudformation_type_name = "AWS::IVS::StreamKey"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_ivschat_logging_configuration" {
+ cloudformation_type_name = "AWS::IVSChat::LoggingConfiguration"
+}
+
+resource_schema "aws_ivschat_room" {
+ cloudformation_type_name = "AWS::IVSChat::Room"
+}
+
+resource_schema "aws_identitystore_group" {
+ cloudformation_type_name = "AWS::IdentityStore::Group"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_identitystore_group_membership" {
+ cloudformation_type_name = "AWS::IdentityStore::GroupMembership"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_imagebuilder_component" {
+ cloudformation_type_name = "AWS::ImageBuilder::Component"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_imagebuilder_container_recipe" {
+ cloudformation_type_name = "AWS::ImageBuilder::ContainerRecipe"
+}
+
+resource_schema "aws_imagebuilder_distribution_configuration" {
+ cloudformation_type_name = "AWS::ImageBuilder::DistributionConfiguration"
+}
+
+resource_schema "aws_imagebuilder_image" {
+ cloudformation_type_name = "AWS::ImageBuilder::Image"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_imagebuilder_image_pipeline" {
+ cloudformation_type_name = "AWS::ImageBuilder::ImagePipeline"
+}
+
+resource_schema "aws_imagebuilder_image_recipe" {
+ cloudformation_type_name = "AWS::ImageBuilder::ImageRecipe"
+}
+
+resource_schema "aws_imagebuilder_infrastructure_configuration" {
+ cloudformation_type_name = "AWS::ImageBuilder::InfrastructureConfiguration"
+}
+
+resource_schema "aws_imagebuilder_lifecycle_policy" {
+ cloudformation_type_name = "AWS::ImageBuilder::LifecyclePolicy"
+}
+
+resource_schema "aws_imagebuilder_workflow" {
+ cloudformation_type_name = "AWS::ImageBuilder::Workflow"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_inspector_assessment_target" {
+ cloudformation_type_name = "AWS::Inspector::AssessmentTarget"
+}
+
+resource_schema "aws_inspector_assessment_template" {
+ cloudformation_type_name = "AWS::Inspector::AssessmentTemplate"
+}
+
+resource_schema "aws_inspector_resource_group" {
+ cloudformation_type_name = "AWS::Inspector::ResourceGroup"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_inspectorv2_cis_scan_configuration" {
+ cloudformation_type_name = "AWS::InspectorV2::CisScanConfiguration"
+}
+
+resource_schema "aws_inspectorv2_filter" {
+ cloudformation_type_name = "AWS::InspectorV2::Filter"
+}
+
+resource_schema "aws_internetmonitor_monitor" {
+ cloudformation_type_name = "AWS::InternetMonitor::Monitor"
+}
+
+resource_schema "aws_iot_account_audit_configuration" {
+ cloudformation_type_name = "AWS::IoT::AccountAuditConfiguration"
+}
+
+resource_schema "aws_iot_authorizer" {
+ cloudformation_type_name = "AWS::IoT::Authorizer"
+}
+
+resource_schema "aws_iot_billing_group" {
+ cloudformation_type_name = "AWS::IoT::BillingGroup"
+}
+
+resource_schema "aws_iot_ca_certificate" {
+ cloudformation_type_name = "AWS::IoT::CACertificate"
+}
+
+resource_schema "aws_iot_certificate" {
+ cloudformation_type_name = "AWS::IoT::Certificate"
+}
+
+resource_schema "aws_iot_certificate_provider" {
+ cloudformation_type_name = "AWS::IoT::CertificateProvider"
+}
+
+resource_schema "aws_iot_custom_metric" {
+ cloudformation_type_name = "AWS::IoT::CustomMetric"
+}
+
+resource_schema "aws_iot_dimension" {
+ cloudformation_type_name = "AWS::IoT::Dimension"
+}
+
+resource_schema "aws_iot_domain_configuration" {
+ cloudformation_type_name = "AWS::IoT::DomainConfiguration"
+}
+
+resource_schema "aws_iot_fleet_metric" {
+ cloudformation_type_name = "AWS::IoT::FleetMetric"
+}
+
+resource_schema "aws_iot_job_template" {
+ cloudformation_type_name = "AWS::IoT::JobTemplate"
+}
+
+resource_schema "aws_iot_logging" {
+ cloudformation_type_name = "AWS::IoT::Logging"
+}
+
+resource_schema "aws_iot_mitigation_action" {
+ cloudformation_type_name = "AWS::IoT::MitigationAction"
+}
+
+resource_schema "aws_iot_policy" {
+ cloudformation_type_name = "AWS::IoT::Policy"
+}
+
+resource_schema "aws_iot_provisioning_template" {
+ cloudformation_type_name = "AWS::IoT::ProvisioningTemplate"
+}
+
+resource_schema "aws_iot_resource_specific_logging" {
+ cloudformation_type_name = "AWS::IoT::ResourceSpecificLogging"
+}
+
+resource_schema "aws_iot_role_alias" {
+ cloudformation_type_name = "AWS::IoT::RoleAlias"
+}
+
+resource_schema "aws_iot_scheduled_audit" {
+ cloudformation_type_name = "AWS::IoT::ScheduledAudit"
+}
+
+resource_schema "aws_iot_security_profile" {
+ cloudformation_type_name = "AWS::IoT::SecurityProfile"
+}
+
+resource_schema "aws_iot_software_package" {
+ cloudformation_type_name = "AWS::IoT::SoftwarePackage"
+}
+
+resource_schema "aws_iot_software_package_version" {
+ cloudformation_type_name = "AWS::IoT::SoftwarePackageVersion"
+}
+
+resource_schema "aws_iot_thing" {
+ cloudformation_type_name = "AWS::IoT::Thing"
+}
+
+resource_schema "aws_iot_thing_group" {
+ cloudformation_type_name = "AWS::IoT::ThingGroup"
+}
+
+resource_schema "aws_iot_thing_type" {
+ cloudformation_type_name = "AWS::IoT::ThingType"
+}
+
+resource_schema "aws_iot_topic_rule" {
+ cloudformation_type_name = "AWS::IoT::TopicRule"
+}
+
+resource_schema "aws_iot_topic_rule_destination" {
+ cloudformation_type_name = "AWS::IoT::TopicRuleDestination"
+}
+
+resource_schema "aws_iotanalytics_channel" {
+ cloudformation_type_name = "AWS::IoTAnalytics::Channel"
+}
+
+resource_schema "aws_iotanalytics_dataset" {
+ cloudformation_type_name = "AWS::IoTAnalytics::Dataset"
+}
+
+resource_schema "aws_iotanalytics_datastore" {
+ cloudformation_type_name = "AWS::IoTAnalytics::Datastore"
+}
+
+resource_schema "aws_iotanalytics_pipeline" {
+ cloudformation_type_name = "AWS::IoTAnalytics::Pipeline"
+}
+
+resource_schema "aws_iotcoredeviceadvisor_suite_definition" {
+ cloudformation_type_name = "AWS::IoTCoreDeviceAdvisor::SuiteDefinition"
+}
+
+resource_schema "aws_iotevents_alarm_model" {
+ cloudformation_type_name = "AWS::IoTEvents::AlarmModel"
+}
+
+resource_schema "aws_iotevents_detector_model" {
+ cloudformation_type_name = "AWS::IoTEvents::DetectorModel"
+}
+
+resource_schema "aws_iotevents_input" {
+ cloudformation_type_name = "AWS::IoTEvents::Input"
+}
+
+resource_schema "aws_iotfleethub_application" {
+ cloudformation_type_name = "AWS::IoTFleetHub::Application"
+}
+
+resource_schema "aws_iotfleetwise_campaign" {
+ cloudformation_type_name = "AWS::IoTFleetWise::Campaign"
+}
+
+resource_schema "aws_iotfleetwise_decoder_manifest" {
+ cloudformation_type_name = "AWS::IoTFleetWise::DecoderManifest"
+}
+
+resource_schema "aws_iotfleetwise_fleet" {
+ cloudformation_type_name = "AWS::IoTFleetWise::Fleet"
+}
+
+resource_schema "aws_iotfleetwise_model_manifest" {
+ cloudformation_type_name = "AWS::IoTFleetWise::ModelManifest"
+}
+
+resource_schema "aws_iotfleetwise_signal_catalog" {
+ cloudformation_type_name = "AWS::IoTFleetWise::SignalCatalog"
+}
+
+resource_schema "aws_iotfleetwise_vehicle" {
+ cloudformation_type_name = "AWS::IoTFleetWise::Vehicle"
+}
+
+resource_schema "aws_iotsitewise_access_policy" {
+ cloudformation_type_name = "AWS::IoTSiteWise::AccessPolicy"
+}
+
+resource_schema "aws_iotsitewise_asset" {
+ cloudformation_type_name = "AWS::IoTSiteWise::Asset"
+}
+
+resource_schema "aws_iotsitewise_asset_model" {
+ cloudformation_type_name = "AWS::IoTSiteWise::AssetModel"
+}
+
+resource_schema "aws_iotsitewise_dashboard" {
+ cloudformation_type_name = "AWS::IoTSiteWise::Dashboard"
+}
+
+resource_schema "aws_iotsitewise_gateway" {
+ cloudformation_type_name = "AWS::IoTSiteWise::Gateway"
+}
+
+resource_schema "aws_iotsitewise_portal" {
+ cloudformation_type_name = "AWS::IoTSiteWise::Portal"
+}
+
+resource_schema "aws_iotsitewise_project" {
+ cloudformation_type_name = "AWS::IoTSiteWise::Project"
+}
+
+resource_schema "aws_iottwinmaker_component_type" {
+ cloudformation_type_name = "AWS::IoTTwinMaker::ComponentType"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_iottwinmaker_entity" {
+ cloudformation_type_name = "AWS::IoTTwinMaker::Entity"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_iottwinmaker_scene" {
+ cloudformation_type_name = "AWS::IoTTwinMaker::Scene"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_iottwinmaker_sync_job" {
+ cloudformation_type_name = "AWS::IoTTwinMaker::SyncJob"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_iottwinmaker_workspace" {
+ cloudformation_type_name = "AWS::IoTTwinMaker::Workspace"
+}
+
+resource_schema "aws_iotwireless_destination" {
+ cloudformation_type_name = "AWS::IoTWireless::Destination"
+}
+
+resource_schema "aws_iotwireless_device_profile" {
+ cloudformation_type_name = "AWS::IoTWireless::DeviceProfile"
+}
+
+resource_schema "aws_iotwireless_fuota_task" {
+ cloudformation_type_name = "AWS::IoTWireless::FuotaTask"
+}
+
+resource_schema "aws_iotwireless_multicast_group" {
+ cloudformation_type_name = "AWS::IoTWireless::MulticastGroup"
+}
+
+resource_schema "aws_iotwireless_network_analyzer_configuration" {
+ cloudformation_type_name = "AWS::IoTWireless::NetworkAnalyzerConfiguration"
+}
+
+resource_schema "aws_iotwireless_partner_account" {
+ cloudformation_type_name = "AWS::IoTWireless::PartnerAccount"
+}
+
+resource_schema "aws_iotwireless_service_profile" {
+ cloudformation_type_name = "AWS::IoTWireless::ServiceProfile"
+}
+
+resource_schema "aws_iotwireless_task_definition" {
+ cloudformation_type_name = "AWS::IoTWireless::TaskDefinition"
+}
+
+resource_schema "aws_iotwireless_wireless_device" {
+ cloudformation_type_name = "AWS::IoTWireless::WirelessDevice"
+}
+
+resource_schema "aws_iotwireless_wireless_device_import_task" {
+ cloudformation_type_name = "AWS::IoTWireless::WirelessDeviceImportTask"
+}
+
+resource_schema "aws_iotwireless_wireless_gateway" {
+ cloudformation_type_name = "AWS::IoTWireless::WirelessGateway"
+}
+
+resource_schema "aws_kms_alias" {
+ cloudformation_type_name = "AWS::KMS::Alias"
+}
+
+resource_schema "aws_kms_key" {
+ cloudformation_type_name = "AWS::KMS::Key"
+}
+
+resource_schema "aws_kms_replica_key" {
+ cloudformation_type_name = "AWS::KMS::ReplicaKey"
+}
+
+resource_schema "aws_kafkaconnect_connector" {
+ cloudformation_type_name = "AWS::KafkaConnect::Connector"
+}
+
+resource_schema "aws_kafkaconnect_custom_plugin" {
+ cloudformation_type_name = "AWS::KafkaConnect::CustomPlugin"
+}
+
+resource_schema "aws_kafkaconnect_worker_configuration" {
+ cloudformation_type_name = "AWS::KafkaConnect::WorkerConfiguration"
+}
+
+resource_schema "aws_kendra_data_source" {
+ cloudformation_type_name = "AWS::Kendra::DataSource"
+}
+
+resource_schema "aws_kendra_faq" {
+ cloudformation_type_name = "AWS::Kendra::Faq"
+}
+
+resource_schema "aws_kendra_index" {
+ cloudformation_type_name = "AWS::Kendra::Index"
+}
+
+resource_schema "aws_kendraranking_execution_plan" {
+ cloudformation_type_name = "AWS::KendraRanking::ExecutionPlan"
+}
+
+resource_schema "aws_kinesis_stream" {
+ cloudformation_type_name = "AWS::Kinesis::Stream"
+}
+
+resource_schema "aws_kinesisanalyticsv2_application" {
+ cloudformation_type_name = "AWS::KinesisAnalyticsV2::Application"
+}
+
+resource_schema "aws_kinesisfirehose_delivery_stream" {
+ cloudformation_type_name = "AWS::KinesisFirehose::DeliveryStream"
+}
+
+resource_schema "aws_kinesisvideo_signaling_channel" {
+ cloudformation_type_name = "AWS::KinesisVideo::SignalingChannel"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_kinesisvideo_stream" {
+ cloudformation_type_name = "AWS::KinesisVideo::Stream"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_lakeformation_data_cells_filter" {
+ cloudformation_type_name = "AWS::LakeFormation::DataCellsFilter"
+}
+
+resource_schema "aws_lakeformation_principal_permissions" {
+ cloudformation_type_name = "AWS::LakeFormation::PrincipalPermissions"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_lakeformation_tag" {
+ cloudformation_type_name = "AWS::LakeFormation::Tag"
+}
+
+resource_schema "aws_lakeformation_tag_association" {
+ cloudformation_type_name = "AWS::LakeFormation::TagAssociation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_lambda_alias" {
+ cloudformation_type_name = "AWS::Lambda::Alias"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_lambda_code_signing_config" {
+ cloudformation_type_name = "AWS::Lambda::CodeSigningConfig"
+}
+
+resource_schema "aws_lambda_event_invoke_config" {
+ cloudformation_type_name = "AWS::Lambda::EventInvokeConfig"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_lambda_event_source_mapping" {
+ cloudformation_type_name = "AWS::Lambda::EventSourceMapping"
+}
+
+resource_schema "aws_lambda_function" {
+ cloudformation_type_name = "AWS::Lambda::Function"
+}
+
+resource_schema "aws_lambda_layer_version" {
+ cloudformation_type_name = "AWS::Lambda::LayerVersion"
+}
+
+resource_schema "aws_lambda_layer_version_permission" {
+ cloudformation_type_name = "AWS::Lambda::LayerVersionPermission"
+}
+
+resource_schema "aws_lambda_permission" {
+ cloudformation_type_name = "AWS::Lambda::Permission"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_lambda_url" {
+ cloudformation_type_name = "AWS::Lambda::Url"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_lambda_version" {
+ cloudformation_type_name = "AWS::Lambda::Version"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_launchwizard_deployment" {
+ cloudformation_type_name = "AWS::LaunchWizard::Deployment"
+}
+
+resource_schema "aws_lex_bot" {
+ cloudformation_type_name = "AWS::Lex::Bot"
+}
+
+resource_schema "aws_lex_bot_alias" {
+ cloudformation_type_name = "AWS::Lex::BotAlias"
+}
+
+resource_schema "aws_lex_bot_version" {
+ cloudformation_type_name = "AWS::Lex::BotVersion"
+}
+
+resource_schema "aws_lex_resource_policy" {
+ cloudformation_type_name = "AWS::Lex::ResourcePolicy"
+}
+
+resource_schema "aws_licensemanager_grant" {
+ cloudformation_type_name = "AWS::LicenseManager::Grant"
+}
+
+resource_schema "aws_licensemanager_license" {
+ cloudformation_type_name = "AWS::LicenseManager::License"
+}
+
+resource_schema "aws_lightsail_alarm" {
+ cloudformation_type_name = "AWS::Lightsail::Alarm"
+}
+
+resource_schema "aws_lightsail_bucket" {
+ cloudformation_type_name = "AWS::Lightsail::Bucket"
+}
+
+resource_schema "aws_lightsail_certificate" {
+ cloudformation_type_name = "AWS::Lightsail::Certificate"
+}
+
+resource_schema "aws_lightsail_container" {
+ cloudformation_type_name = "AWS::Lightsail::Container"
+}
+
+resource_schema "aws_lightsail_database" {
+ cloudformation_type_name = "AWS::Lightsail::Database"
+}
+
+resource_schema "aws_lightsail_disk" {
+ cloudformation_type_name = "AWS::Lightsail::Disk"
+}
+
+resource_schema "aws_lightsail_distribution" {
+ cloudformation_type_name = "AWS::Lightsail::Distribution"
+}
+
+resource_schema "aws_lightsail_instance" {
+ cloudformation_type_name = "AWS::Lightsail::Instance"
+}
+
+resource_schema "aws_lightsail_load_balancer" {
+ cloudformation_type_name = "AWS::Lightsail::LoadBalancer"
+}
+
+resource_schema "aws_lightsail_load_balancer_tls_certificate" {
+ cloudformation_type_name = "AWS::Lightsail::LoadBalancerTlsCertificate"
+}
+
+resource_schema "aws_lightsail_static_ip" {
+ cloudformation_type_name = "AWS::Lightsail::StaticIp"
+}
+
+resource_schema "aws_location_api_key" {
+ cloudformation_type_name = "AWS::Location::APIKey"
+}
+
+resource_schema "aws_location_geofence_collection" {
+ cloudformation_type_name = "AWS::Location::GeofenceCollection"
+}
+
+resource_schema "aws_location_map" {
+ cloudformation_type_name = "AWS::Location::Map"
+}
+
+resource_schema "aws_location_place_index" {
+ cloudformation_type_name = "AWS::Location::PlaceIndex"
+}
+
+resource_schema "aws_location_route_calculator" {
+ cloudformation_type_name = "AWS::Location::RouteCalculator"
+}
+
+resource_schema "aws_location_tracker" {
+ cloudformation_type_name = "AWS::Location::Tracker"
+}
+
+resource_schema "aws_location_tracker_consumer" {
+ cloudformation_type_name = "AWS::Location::TrackerConsumer"
+}
+
+resource_schema "aws_logs_account_policy" {
+ cloudformation_type_name = "AWS::Logs::AccountPolicy"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_logs_delivery" {
+ cloudformation_type_name = "AWS::Logs::Delivery"
+}
+
+resource_schema "aws_logs_delivery_destination" {
+ cloudformation_type_name = "AWS::Logs::DeliveryDestination"
+}
+
+resource_schema "aws_logs_delivery_source" {
+ cloudformation_type_name = "AWS::Logs::DeliverySource"
+}
+
+resource_schema "aws_logs_destination" {
+ cloudformation_type_name = "AWS::Logs::Destination"
+}
+
+resource_schema "aws_logs_log_anomaly_detector" {
+ cloudformation_type_name = "AWS::Logs::LogAnomalyDetector"
+}
+
+resource_schema "aws_logs_log_group" {
+ cloudformation_type_name = "AWS::Logs::LogGroup"
+}
+
+resource_schema "aws_logs_log_stream" {
+ cloudformation_type_name = "AWS::Logs::LogStream"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_logs_metric_filter" {
+ cloudformation_type_name = "AWS::Logs::MetricFilter"
+}
+
+resource_schema "aws_logs_query_definition" {
+ cloudformation_type_name = "AWS::Logs::QueryDefinition"
+}
+
+resource_schema "aws_logs_resource_policy" {
+ cloudformation_type_name = "AWS::Logs::ResourcePolicy"
+}
+
+resource_schema "aws_logs_subscription_filter" {
+ cloudformation_type_name = "AWS::Logs::SubscriptionFilter"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_lookoutequipment_inference_scheduler" {
+ cloudformation_type_name = "AWS::LookoutEquipment::InferenceScheduler"
+}
+
+resource_schema "aws_lookoutmetrics_alert" {
+ cloudformation_type_name = "AWS::LookoutMetrics::Alert"
+}
+
+resource_schema "aws_lookoutmetrics_anomaly_detector" {
+ cloudformation_type_name = "AWS::LookoutMetrics::AnomalyDetector"
+}
+
+resource_schema "aws_lookoutvision_project" {
+ cloudformation_type_name = "AWS::LookoutVision::Project"
+}
+
+resource_schema "aws_m2_application" {
+ cloudformation_type_name = "AWS::M2::Application"
+}
+
+resource_schema "aws_m2_environment" {
+ cloudformation_type_name = "AWS::M2::Environment"
+}
+
+resource_schema "aws_msk_batch_scram_secret" {
+ cloudformation_type_name = "AWS::MSK::BatchScramSecret"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_msk_cluster" {
+ cloudformation_type_name = "AWS::MSK::Cluster"
+}
+
+resource_schema "aws_msk_cluster_policy" {
+ cloudformation_type_name = "AWS::MSK::ClusterPolicy"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_msk_configuration" {
+ cloudformation_type_name = "AWS::MSK::Configuration"
+}
+
+resource_schema "aws_msk_replicator" {
+ cloudformation_type_name = "AWS::MSK::Replicator"
+}
+
+resource_schema "aws_msk_serverless_cluster" {
+ cloudformation_type_name = "AWS::MSK::ServerlessCluster"
+}
+
+resource_schema "aws_msk_vpc_connection" {
+ cloudformation_type_name = "AWS::MSK::VpcConnection"
+}
+
+resource_schema "aws_mwaa_environment" {
+ cloudformation_type_name = "AWS::MWAA::Environment"
+}
+
+resource_schema "aws_macie_allow_list" {
+ cloudformation_type_name = "AWS::Macie::AllowList"
+}
+
+resource_schema "aws_macie_custom_data_identifier" {
+ cloudformation_type_name = "AWS::Macie::CustomDataIdentifier"
+}
+
+resource_schema "aws_macie_findings_filter" {
+ cloudformation_type_name = "AWS::Macie::FindingsFilter"
+}
+
+resource_schema "aws_macie_session" {
+ cloudformation_type_name = "AWS::Macie::Session"
+}
+
+resource_schema "aws_managedblockchain_accessor" {
+ cloudformation_type_name = "AWS::ManagedBlockchain::Accessor"
+}
+
+resource_schema "aws_mediaconnect_bridge" {
+ cloudformation_type_name = "AWS::MediaConnect::Bridge"
+}
+
+resource_schema "aws_mediaconnect_bridge_output" {
+ cloudformation_type_name = "AWS::MediaConnect::BridgeOutput"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_mediaconnect_bridge_source" {
+ cloudformation_type_name = "AWS::MediaConnect::BridgeSource"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_mediaconnect_flow" {
+ cloudformation_type_name = "AWS::MediaConnect::Flow"
+}
+
+resource_schema "aws_mediaconnect_flow_entitlement" {
+ cloudformation_type_name = "AWS::MediaConnect::FlowEntitlement"
+}
+
+resource_schema "aws_mediaconnect_flow_output" {
+ cloudformation_type_name = "AWS::MediaConnect::FlowOutput"
+}
+
+resource_schema "aws_mediaconnect_flow_source" {
+ cloudformation_type_name = "AWS::MediaConnect::FlowSource"
+}
+
+resource_schema "aws_mediaconnect_flow_vpc_interface" {
+ cloudformation_type_name = "AWS::MediaConnect::FlowVpcInterface"
+}
+
+resource_schema "aws_mediaconnect_gateway" {
+ cloudformation_type_name = "AWS::MediaConnect::Gateway"
+}
+
+resource_schema "aws_medialive_multiplex" {
+ cloudformation_type_name = "AWS::MediaLive::Multiplex"
+}
+
+resource_schema "aws_medialive_multiplexprogram" {
+ cloudformation_type_name = "AWS::MediaLive::Multiplexprogram"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_mediapackage_asset" {
+ cloudformation_type_name = "AWS::MediaPackage::Asset"
+}
+
+resource_schema "aws_mediapackage_channel" {
+ cloudformation_type_name = "AWS::MediaPackage::Channel"
+}
+
+resource_schema "aws_mediapackage_origin_endpoint" {
+ cloudformation_type_name = "AWS::MediaPackage::OriginEndpoint"
+}
+
+resource_schema "aws_mediapackage_packaging_configuration" {
+ cloudformation_type_name = "AWS::MediaPackage::PackagingConfiguration"
+}
+
+resource_schema "aws_mediapackage_packaging_group" {
+ cloudformation_type_name = "AWS::MediaPackage::PackagingGroup"
+}
+
+resource_schema "aws_mediapackagev2_channel" {
+ cloudformation_type_name = "AWS::MediaPackageV2::Channel"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_mediapackagev2_channel_group" {
+ cloudformation_type_name = "AWS::MediaPackageV2::ChannelGroup"
+}
+
+resource_schema "aws_mediapackagev2_channel_policy" {
+ cloudformation_type_name = "AWS::MediaPackageV2::ChannelPolicy"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_mediapackagev2_origin_endpoint" {
+ cloudformation_type_name = "AWS::MediaPackageV2::OriginEndpoint"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_mediapackagev2_origin_endpoint_policy" {
+ cloudformation_type_name = "AWS::MediaPackageV2::OriginEndpointPolicy"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_mediatailor_channel" {
+ cloudformation_type_name = "AWS::MediaTailor::Channel"
+}
+
+resource_schema "aws_mediatailor_channel_policy" {
+ cloudformation_type_name = "AWS::MediaTailor::ChannelPolicy"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_mediatailor_live_source" {
+ cloudformation_type_name = "AWS::MediaTailor::LiveSource"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_mediatailor_playback_configuration" {
+ cloudformation_type_name = "AWS::MediaTailor::PlaybackConfiguration"
+}
+
+resource_schema "aws_mediatailor_source_location" {
+ cloudformation_type_name = "AWS::MediaTailor::SourceLocation"
+}
+
+resource_schema "aws_mediatailor_vod_source" {
+ cloudformation_type_name = "AWS::MediaTailor::VodSource"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_memorydb_acl" {
+ cloudformation_type_name = "AWS::MemoryDB::ACL"
+}
+
+resource_schema "aws_memorydb_cluster" {
+ cloudformation_type_name = "AWS::MemoryDB::Cluster"
+}
+
+resource_schema "aws_memorydb_parameter_group" {
+ cloudformation_type_name = "AWS::MemoryDB::ParameterGroup"
+}
+
+resource_schema "aws_memorydb_subnet_group" {
+ cloudformation_type_name = "AWS::MemoryDB::SubnetGroup"
+}
+
+resource_schema "aws_memorydb_user" {
+ cloudformation_type_name = "AWS::MemoryDB::User"
+}
+
+resource_schema "aws_neptune_db_cluster" {
+ cloudformation_type_name = "AWS::Neptune::DBCluster"
+}
+
+resource_schema "aws_neptunegraph_graph" {
+ cloudformation_type_name = "AWS::NeptuneGraph::Graph"
+}
+
+resource_schema "aws_neptunegraph_private_graph_endpoint" {
+ cloudformation_type_name = "AWS::NeptuneGraph::PrivateGraphEndpoint"
+}
+
+resource_schema "aws_networkfirewall_firewall" {
+ cloudformation_type_name = "AWS::NetworkFirewall::Firewall"
+}
+
+resource_schema "aws_networkfirewall_firewall_policy" {
+ cloudformation_type_name = "AWS::NetworkFirewall::FirewallPolicy"
+}
+
+resource_schema "aws_networkfirewall_logging_configuration" {
+ cloudformation_type_name = "AWS::NetworkFirewall::LoggingConfiguration"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_networkfirewall_rule_group" {
+ cloudformation_type_name = "AWS::NetworkFirewall::RuleGroup"
+}
+
+resource_schema "aws_networkfirewall_tls_inspection_configuration" {
+ cloudformation_type_name = "AWS::NetworkFirewall::TLSInspectionConfiguration"
+}
+
+resource_schema "aws_networkmanager_connect_attachment" {
+ cloudformation_type_name = "AWS::NetworkManager::ConnectAttachment"
+}
+
+resource_schema "aws_networkmanager_connect_peer" {
+ cloudformation_type_name = "AWS::NetworkManager::ConnectPeer"
+}
+
+resource_schema "aws_networkmanager_core_network" {
+ cloudformation_type_name = "AWS::NetworkManager::CoreNetwork"
+}
+
+resource_schema "aws_networkmanager_customer_gateway_association" {
+ cloudformation_type_name = "AWS::NetworkManager::CustomerGatewayAssociation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_networkmanager_device" {
+ cloudformation_type_name = "AWS::NetworkManager::Device"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_networkmanager_global_network" {
+ cloudformation_type_name = "AWS::NetworkManager::GlobalNetwork"
+}
+
+resource_schema "aws_networkmanager_link" {
+ cloudformation_type_name = "AWS::NetworkManager::Link"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_networkmanager_link_association" {
+ cloudformation_type_name = "AWS::NetworkManager::LinkAssociation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_networkmanager_site" {
+ cloudformation_type_name = "AWS::NetworkManager::Site"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_networkmanager_site_to_site_vpn_attachment" {
+ cloudformation_type_name = "AWS::NetworkManager::SiteToSiteVpnAttachment"
+}
+
+resource_schema "aws_networkmanager_transit_gateway_peering" {
+ cloudformation_type_name = "AWS::NetworkManager::TransitGatewayPeering"
+}
+
+resource_schema "aws_networkmanager_transit_gateway_registration" {
+ cloudformation_type_name = "AWS::NetworkManager::TransitGatewayRegistration"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_networkmanager_transit_gateway_route_table_attachment" {
+ cloudformation_type_name = "AWS::NetworkManager::TransitGatewayRouteTableAttachment"
+}
+
+resource_schema "aws_networkmanager_vpc_attachment" {
+ cloudformation_type_name = "AWS::NetworkManager::VpcAttachment"
+}
+
+resource_schema "aws_nimblestudio_launch_profile" {
+ cloudformation_type_name = "AWS::NimbleStudio::LaunchProfile"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_nimblestudio_streaming_image" {
+ cloudformation_type_name = "AWS::NimbleStudio::StreamingImage"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_nimblestudio_studio" {
+ cloudformation_type_name = "AWS::NimbleStudio::Studio"
+}
+
+resource_schema "aws_nimblestudio_studio_component" {
+ cloudformation_type_name = "AWS::NimbleStudio::StudioComponent"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_osis_pipeline" {
+ cloudformation_type_name = "AWS::OSIS::Pipeline"
+}
+
+resource_schema "aws_oam_link" {
+ cloudformation_type_name = "AWS::Oam::Link"
+}
+
+resource_schema "aws_oam_sink" {
+ cloudformation_type_name = "AWS::Oam::Sink"
+}
+
+resource_schema "aws_omics_annotation_store" {
+ cloudformation_type_name = "AWS::Omics::AnnotationStore"
+}
+
+resource_schema "aws_omics_reference_store" {
+ cloudformation_type_name = "AWS::Omics::ReferenceStore"
+}
+
+resource_schema "aws_omics_run_group" {
+ cloudformation_type_name = "AWS::Omics::RunGroup"
+}
+
+resource_schema "aws_omics_sequence_store" {
+ cloudformation_type_name = "AWS::Omics::SequenceStore"
+}
+
+resource_schema "aws_omics_variant_store" {
+ cloudformation_type_name = "AWS::Omics::VariantStore"
+}
+
+resource_schema "aws_omics_workflow" {
+ cloudformation_type_name = "AWS::Omics::Workflow"
+}
+
+resource_schema "aws_opensearchserverless_access_policy" {
+ cloudformation_type_name = "AWS::OpenSearchServerless::AccessPolicy"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_opensearchserverless_collection" {
+ cloudformation_type_name = "AWS::OpenSearchServerless::Collection"
+}
+
+resource_schema "aws_opensearchserverless_lifecycle_policy" {
+ cloudformation_type_name = "AWS::OpenSearchServerless::LifecyclePolicy"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_opensearchserverless_security_config" {
+ cloudformation_type_name = "AWS::OpenSearchServerless::SecurityConfig"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_opensearchserverless_security_policy" {
+ cloudformation_type_name = "AWS::OpenSearchServerless::SecurityPolicy"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_opensearchserverless_vpc_endpoint" {
+ cloudformation_type_name = "AWS::OpenSearchServerless::VpcEndpoint"
+}
+
+resource_schema "aws_opensearchservice_domain" {
+ cloudformation_type_name = "AWS::OpenSearchService::Domain"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_opsworkscm_server" {
+ cloudformation_type_name = "AWS::OpsWorksCM::Server"
+}
+
+resource_schema "aws_organizations_account" {
+ cloudformation_type_name = "AWS::Organizations::Account"
+}
+
+resource_schema "aws_organizations_organization" {
+ cloudformation_type_name = "AWS::Organizations::Organization"
+}
+
+resource_schema "aws_organizations_organizational_unit" {
+ cloudformation_type_name = "AWS::Organizations::OrganizationalUnit"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_organizations_policy" {
+ cloudformation_type_name = "AWS::Organizations::Policy"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_organizations_resource_policy" {
+ cloudformation_type_name = "AWS::Organizations::ResourcePolicy"
+}
+
+resource_schema "aws_pcaconnectorad_connector" {
+ cloudformation_type_name = "AWS::PCAConnectorAD::Connector"
+}
+
+resource_schema "aws_pcaconnectorad_directory_registration" {
+ cloudformation_type_name = "AWS::PCAConnectorAD::DirectoryRegistration"
+}
+
+resource_schema "aws_pcaconnectorad_service_principal_name" {
+ cloudformation_type_name = "AWS::PCAConnectorAD::ServicePrincipalName"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_pcaconnectorad_template" {
+ cloudformation_type_name = "AWS::PCAConnectorAD::Template"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_pcaconnectorad_template_group_access_control_entry" {
+ cloudformation_type_name = "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_panorama_application_instance" {
+ cloudformation_type_name = "AWS::Panorama::ApplicationInstance"
+}
+
+resource_schema "aws_panorama_package" {
+ cloudformation_type_name = "AWS::Panorama::Package"
+}
+
+resource_schema "aws_panorama_package_version" {
+ cloudformation_type_name = "AWS::Panorama::PackageVersion"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_paymentcryptography_alias" {
+ cloudformation_type_name = "AWS::PaymentCryptography::Alias"
+}
+
+resource_schema "aws_paymentcryptography_key" {
+ cloudformation_type_name = "AWS::PaymentCryptography::Key"
+}
+
+resource_schema "aws_personalize_dataset" {
+ cloudformation_type_name = "AWS::Personalize::Dataset"
+}
+
+resource_schema "aws_personalize_dataset_group" {
+ cloudformation_type_name = "AWS::Personalize::DatasetGroup"
+}
+
+resource_schema "aws_personalize_schema" {
+ cloudformation_type_name = "AWS::Personalize::Schema"
+}
+
+resource_schema "aws_personalize_solution" {
+ cloudformation_type_name = "AWS::Personalize::Solution"
+}
+
+resource_schema "aws_pinpoint_in_app_template" {
+ cloudformation_type_name = "AWS::Pinpoint::InAppTemplate"
+}
+
+resource_schema "aws_pipes_pipe" {
+ cloudformation_type_name = "AWS::Pipes::Pipe"
+}
+
+resource_schema "aws_proton_environment_account_connection" {
+ cloudformation_type_name = "AWS::Proton::EnvironmentAccountConnection"
+}
+
+resource_schema "aws_proton_environment_template" {
+ cloudformation_type_name = "AWS::Proton::EnvironmentTemplate"
+}
+
+resource_schema "aws_proton_service_template" {
+ cloudformation_type_name = "AWS::Proton::ServiceTemplate"
+}
+
+resource_schema "aws_qbusiness_application" {
+ cloudformation_type_name = "AWS::QBusiness::Application"
+}
+
+resource_schema "aws_qbusiness_data_source" {
+ cloudformation_type_name = "AWS::QBusiness::DataSource"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_qbusiness_index" {
+ cloudformation_type_name = "AWS::QBusiness::Index"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_qbusiness_plugin" {
+ cloudformation_type_name = "AWS::QBusiness::Plugin"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_qbusiness_retriever" {
+ cloudformation_type_name = "AWS::QBusiness::Retriever"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_qbusiness_web_experience" {
+ cloudformation_type_name = "AWS::QBusiness::WebExperience"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_qldb_stream" {
+ cloudformation_type_name = "AWS::QLDB::Stream"
+}
+
+resource_schema "aws_quicksight_analysis" {
+ cloudformation_type_name = "AWS::QuickSight::Analysis"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_quicksight_dashboard" {
+ cloudformation_type_name = "AWS::QuickSight::Dashboard"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_quicksight_data_set" {
+ cloudformation_type_name = "AWS::QuickSight::DataSet"
+}
+
+resource_schema "aws_quicksight_data_source" {
+ cloudformation_type_name = "AWS::QuickSight::DataSource"
+}
+
+resource_schema "aws_quicksight_refresh_schedule" {
+ cloudformation_type_name = "AWS::QuickSight::RefreshSchedule"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_quicksight_template" {
+ cloudformation_type_name = "AWS::QuickSight::Template"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_quicksight_theme" {
+ cloudformation_type_name = "AWS::QuickSight::Theme"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_quicksight_topic" {
+ cloudformation_type_name = "AWS::QuickSight::Topic"
+}
+
+resource_schema "aws_quicksight_vpc_connection" {
+ cloudformation_type_name = "AWS::QuickSight::VPCConnection"
+}
+
+resource_schema "aws_ram_permission" {
+ cloudformation_type_name = "AWS::RAM::Permission"
+}
+
+resource_schema "aws_rds_custom_db_engine_version" {
+ cloudformation_type_name = "AWS::RDS::CustomDBEngineVersion"
+}
+
+resource_schema "aws_rds_db_cluster" {
+ cloudformation_type_name = "AWS::RDS::DBCluster"
+}
+
+resource_schema "aws_rds_db_cluster_parameter_group" {
+ cloudformation_type_name = "AWS::RDS::DBClusterParameterGroup"
+}
+
+resource_schema "aws_rds_db_instance" {
+ cloudformation_type_name = "AWS::RDS::DBInstance"
+}
+
+resource_schema "aws_rds_db_parameter_group" {
+ cloudformation_type_name = "AWS::RDS::DBParameterGroup"
+}
+
+resource_schema "aws_rds_db_proxy" {
+ cloudformation_type_name = "AWS::RDS::DBProxy"
+}
+
+resource_schema "aws_rds_db_proxy_endpoint" {
+ cloudformation_type_name = "AWS::RDS::DBProxyEndpoint"
+}
+
+resource_schema "aws_rds_db_proxy_target_group" {
+ cloudformation_type_name = "AWS::RDS::DBProxyTargetGroup"
+}
+
+resource_schema "aws_rds_db_subnet_group" {
+ cloudformation_type_name = "AWS::RDS::DBSubnetGroup"
+}
+
+resource_schema "aws_rds_event_subscription" {
+ cloudformation_type_name = "AWS::RDS::EventSubscription"
+}
+
+resource_schema "aws_rds_global_cluster" {
+ cloudformation_type_name = "AWS::RDS::GlobalCluster"
+}
+
+resource_schema "aws_rds_integration" {
+ cloudformation_type_name = "AWS::RDS::Integration"
+}
+
+resource_schema "aws_rds_option_group" {
+ cloudformation_type_name = "AWS::RDS::OptionGroup"
+}
+
+resource_schema "aws_rum_app_monitor" {
+ cloudformation_type_name = "AWS::RUM::AppMonitor"
+}
+
+resource_schema "aws_redshift_cluster" {
+ cloudformation_type_name = "AWS::Redshift::Cluster"
+}
+
+resource_schema "aws_redshift_cluster_parameter_group" {
+ cloudformation_type_name = "AWS::Redshift::ClusterParameterGroup"
+}
+
+resource_schema "aws_redshift_cluster_subnet_group" {
+ cloudformation_type_name = "AWS::Redshift::ClusterSubnetGroup"
+}
+
+resource_schema "aws_redshift_endpoint_access" {
+ cloudformation_type_name = "AWS::Redshift::EndpointAccess"
+}
+
+resource_schema "aws_redshift_endpoint_authorization" {
+ cloudformation_type_name = "AWS::Redshift::EndpointAuthorization"
+}
+
+resource_schema "aws_redshift_event_subscription" {
+ cloudformation_type_name = "AWS::Redshift::EventSubscription"
+}
+
+resource_schema "aws_redshift_scheduled_action" {
+ cloudformation_type_name = "AWS::Redshift::ScheduledAction"
+}
+
+resource_schema "aws_redshiftserverless_namespace" {
+ cloudformation_type_name = "AWS::RedshiftServerless::Namespace"
+}
+
+resource_schema "aws_redshiftserverless_workgroup" {
+ cloudformation_type_name = "AWS::RedshiftServerless::Workgroup"
+}
+
+resource_schema "aws_refactorspaces_application" {
+ cloudformation_type_name = "AWS::RefactorSpaces::Application"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_refactorspaces_environment" {
+ cloudformation_type_name = "AWS::RefactorSpaces::Environment"
+}
+
+resource_schema "aws_refactorspaces_route" {
+ cloudformation_type_name = "AWS::RefactorSpaces::Route"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_refactorspaces_service" {
+ cloudformation_type_name = "AWS::RefactorSpaces::Service"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_rekognition_collection" {
+ cloudformation_type_name = "AWS::Rekognition::Collection"
+}
+
+resource_schema "aws_rekognition_project" {
+ cloudformation_type_name = "AWS::Rekognition::Project"
+}
+
+resource_schema "aws_rekognition_stream_processor" {
+ cloudformation_type_name = "AWS::Rekognition::StreamProcessor"
+}
+
+resource_schema "aws_resiliencehub_app" {
+ cloudformation_type_name = "AWS::ResilienceHub::App"
+}
+
+resource_schema "aws_resiliencehub_resiliency_policy" {
+ cloudformation_type_name = "AWS::ResilienceHub::ResiliencyPolicy"
+}
+
+resource_schema "aws_resourceexplorer2_default_view_association" {
+ cloudformation_type_name = "AWS::ResourceExplorer2::DefaultViewAssociation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_resourceexplorer2_index" {
+ cloudformation_type_name = "AWS::ResourceExplorer2::Index"
+}
+
+resource_schema "aws_resourceexplorer2_view" {
+ cloudformation_type_name = "AWS::ResourceExplorer2::View"
+}
+
+resource_schema "aws_resourcegroups_group" {
+ cloudformation_type_name = "AWS::ResourceGroups::Group"
+}
+
+resource_schema "aws_robomaker_fleet" {
+ cloudformation_type_name = "AWS::RoboMaker::Fleet"
+}
+
+resource_schema "aws_robomaker_robot" {
+ cloudformation_type_name = "AWS::RoboMaker::Robot"
+}
+
+resource_schema "aws_robomaker_robot_application" {
+ cloudformation_type_name = "AWS::RoboMaker::RobotApplication"
+}
+
+resource_schema "aws_robomaker_robot_application_version" {
+ cloudformation_type_name = "AWS::RoboMaker::RobotApplicationVersion"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_robomaker_simulation_application" {
+ cloudformation_type_name = "AWS::RoboMaker::SimulationApplication"
+}
+
+resource_schema "aws_robomaker_simulation_application_version" {
+ cloudformation_type_name = "AWS::RoboMaker::SimulationApplicationVersion"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_rolesanywhere_crl" {
+ cloudformation_type_name = "AWS::RolesAnywhere::CRL"
+}
+
+resource_schema "aws_rolesanywhere_profile" {
+ cloudformation_type_name = "AWS::RolesAnywhere::Profile"
+}
+
+resource_schema "aws_rolesanywhere_trust_anchor" {
+ cloudformation_type_name = "AWS::RolesAnywhere::TrustAnchor"
+}
+
+resource_schema "aws_route53_cidr_collection" {
+ cloudformation_type_name = "AWS::Route53::CidrCollection"
+}
+
+resource_schema "aws_route53_dnssec" {
+ cloudformation_type_name = "AWS::Route53::DNSSEC"
+}
+
+resource_schema "aws_route53_health_check" {
+ cloudformation_type_name = "AWS::Route53::HealthCheck"
+}
+
+resource_schema "aws_route53_hosted_zone" {
+ cloudformation_type_name = "AWS::Route53::HostedZone"
+}
+
+resource_schema "aws_route53_key_signing_key" {
+ cloudformation_type_name = "AWS::Route53::KeySigningKey"
+}
+
+resource_schema "aws_route53profiles_profile" {
+ cloudformation_type_name = "AWS::Route53Profiles::Profile"
+}
+
+resource_schema "aws_route53profiles_profile_association" {
+ cloudformation_type_name = "AWS::Route53Profiles::ProfileAssociation"
+}
+
+resource_schema "aws_route53profiles_profile_resource_association" {
+ cloudformation_type_name = "AWS::Route53Profiles::ProfileResourceAssociation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_route53recoverycontrol_cluster" {
+ cloudformation_type_name = "AWS::Route53RecoveryControl::Cluster"
+}
+
+resource_schema "aws_route53recoverycontrol_control_panel" {
+ cloudformation_type_name = "AWS::Route53RecoveryControl::ControlPanel"
+}
+
+resource_schema "aws_route53recoverycontrol_routing_control" {
+ cloudformation_type_name = "AWS::Route53RecoveryControl::RoutingControl"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_route53recoverycontrol_safety_rule" {
+ cloudformation_type_name = "AWS::Route53RecoveryControl::SafetyRule"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_route53recoveryreadiness_cell" {
+ cloudformation_type_name = "AWS::Route53RecoveryReadiness::Cell"
+}
+
+resource_schema "aws_route53recoveryreadiness_readiness_check" {
+ cloudformation_type_name = "AWS::Route53RecoveryReadiness::ReadinessCheck"
+}
+
+resource_schema "aws_route53recoveryreadiness_recovery_group" {
+ cloudformation_type_name = "AWS::Route53RecoveryReadiness::RecoveryGroup"
+}
+
+resource_schema "aws_route53recoveryreadiness_resource_set" {
+ cloudformation_type_name = "AWS::Route53RecoveryReadiness::ResourceSet"
+}
+
+resource_schema "aws_route53resolver_firewall_domain_list" {
+ cloudformation_type_name = "AWS::Route53Resolver::FirewallDomainList"
+}
+
+resource_schema "aws_route53resolver_firewall_rule_group" {
+ cloudformation_type_name = "AWS::Route53Resolver::FirewallRuleGroup"
+}
+
+resource_schema "aws_route53resolver_firewall_rule_group_association" {
+ cloudformation_type_name = "AWS::Route53Resolver::FirewallRuleGroupAssociation"
+}
+
+resource_schema "aws_route53resolver_outpost_resolver" {
+ cloudformation_type_name = "AWS::Route53Resolver::OutpostResolver"
+}
+
+resource_schema "aws_route53resolver_resolver_config" {
+ cloudformation_type_name = "AWS::Route53Resolver::ResolverConfig"
+}
+
+resource_schema "aws_route53resolver_resolver_dnssec_config" {
+ cloudformation_type_name = "AWS::Route53Resolver::ResolverDNSSECConfig"
+}
+
+resource_schema "aws_route53resolver_resolver_query_logging_config" {
+ cloudformation_type_name = "AWS::Route53Resolver::ResolverQueryLoggingConfig"
+}
+
+resource_schema "aws_route53resolver_resolver_query_logging_config_association" {
+ cloudformation_type_name = "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation"
+}
+
+resource_schema "aws_route53resolver_resolver_rule" {
+ cloudformation_type_name = "AWS::Route53Resolver::ResolverRule"
+}
+
+resource_schema "aws_route53resolver_resolver_rule_association" {
+ cloudformation_type_name = "AWS::Route53Resolver::ResolverRuleAssociation"
+}
+
+resource_schema "aws_s3_access_grant" {
+ cloudformation_type_name = "AWS::S3::AccessGrant"
+}
+
+resource_schema "aws_s3_access_grants_instance" {
+ cloudformation_type_name = "AWS::S3::AccessGrantsInstance"
+}
+
+resource_schema "aws_s3_access_grants_location" {
+ cloudformation_type_name = "AWS::S3::AccessGrantsLocation"
+}
+
+resource_schema "aws_s3_access_point" {
+ cloudformation_type_name = "AWS::S3::AccessPoint"
+}
+
+resource_schema "aws_s3_bucket" {
+ cloudformation_type_name = "AWS::S3::Bucket"
+}
+
+resource_schema "aws_s3_bucket_policy" {
+ cloudformation_type_name = "AWS::S3::BucketPolicy"
+}
+
+resource_schema "aws_s3_multi_region_access_point" {
+ cloudformation_type_name = "AWS::S3::MultiRegionAccessPoint"
+}
+
+resource_schema "aws_s3_multi_region_access_point_policy" {
+ cloudformation_type_name = "AWS::S3::MultiRegionAccessPointPolicy"
+}
+
+resource_schema "aws_s3_storage_lens" {
+ cloudformation_type_name = "AWS::S3::StorageLens"
+}
+
+resource_schema "aws_s3_storage_lens_group" {
+ cloudformation_type_name = "AWS::S3::StorageLensGroup"
+}
+
+resource_schema "aws_s3express_bucket_policy" {
+ cloudformation_type_name = "AWS::S3Express::BucketPolicy"
+}
+
+resource_schema "aws_s3express_directory_bucket" {
+ cloudformation_type_name = "AWS::S3Express::DirectoryBucket"
+}
+
+resource_schema "aws_s3objectlambda_access_point" {
+ cloudformation_type_name = "AWS::S3ObjectLambda::AccessPoint"
+}
+
+resource_schema "aws_s3objectlambda_access_point_policy" {
+ cloudformation_type_name = "AWS::S3ObjectLambda::AccessPointPolicy"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_s3outposts_access_point" {
+ cloudformation_type_name = "AWS::S3Outposts::AccessPoint"
+}
+
+resource_schema "aws_s3outposts_bucket" {
+ cloudformation_type_name = "AWS::S3Outposts::Bucket"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_s3outposts_bucket_policy" {
+ cloudformation_type_name = "AWS::S3Outposts::BucketPolicy"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_s3outposts_endpoint" {
+ cloudformation_type_name = "AWS::S3Outposts::Endpoint"
+}
+
+resource_schema "aws_ses_configuration_set" {
+ cloudformation_type_name = "AWS::SES::ConfigurationSet"
+}
+
+resource_schema "aws_ses_configuration_set_event_destination" {
+ cloudformation_type_name = "AWS::SES::ConfigurationSetEventDestination"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_ses_contact_list" {
+ cloudformation_type_name = "AWS::SES::ContactList"
+}
+
+resource_schema "aws_ses_dedicated_ip_pool" {
+ cloudformation_type_name = "AWS::SES::DedicatedIpPool"
+}
+
+resource_schema "aws_ses_email_identity" {
+ cloudformation_type_name = "AWS::SES::EmailIdentity"
+}
+
+resource_schema "aws_ses_mail_manager_addon_instance" {
+ cloudformation_type_name = "AWS::SES::MailManagerAddonInstance"
+}
+
+resource_schema "aws_ses_mail_manager_addon_subscription" {
+ cloudformation_type_name = "AWS::SES::MailManagerAddonSubscription"
+}
+
+resource_schema "aws_ses_mail_manager_archive" {
+ cloudformation_type_name = "AWS::SES::MailManagerArchive"
+}
+
+resource_schema "aws_ses_mail_manager_ingress_point" {
+ cloudformation_type_name = "AWS::SES::MailManagerIngressPoint"
+}
+
+resource_schema "aws_ses_mail_manager_relay" {
+ cloudformation_type_name = "AWS::SES::MailManagerRelay"
+}
+
+resource_schema "aws_ses_mail_manager_rule_set" {
+ cloudformation_type_name = "AWS::SES::MailManagerRuleSet"
+}
+
+resource_schema "aws_ses_mail_manager_traffic_policy" {
+ cloudformation_type_name = "AWS::SES::MailManagerTrafficPolicy"
+}
+
+resource_schema "aws_ses_template" {
+ cloudformation_type_name = "AWS::SES::Template"
+}
+
+resource_schema "aws_ses_vdm_attributes" {
+ cloudformation_type_name = "AWS::SES::VdmAttributes"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_sns_topic" {
+ cloudformation_type_name = "AWS::SNS::Topic"
+}
+
+resource_schema "aws_sns_topic_inline_policy" {
+ cloudformation_type_name = "AWS::SNS::TopicInlinePolicy"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_sqs_queue" {
+ cloudformation_type_name = "AWS::SQS::Queue"
+}
+
+resource_schema "aws_sqs_queue_inline_policy" {
+ cloudformation_type_name = "AWS::SQS::QueueInlinePolicy"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_ssm_association" {
+ cloudformation_type_name = "AWS::SSM::Association"
+}
+
+resource_schema "aws_ssm_document" {
+ cloudformation_type_name = "AWS::SSM::Document"
+}
+
+resource_schema "aws_ssm_parameter" {
+ cloudformation_type_name = "AWS::SSM::Parameter"
+}
+
+resource_schema "aws_ssm_patch_baseline" {
+ cloudformation_type_name = "AWS::SSM::PatchBaseline"
+}
+
+resource_schema "aws_ssm_resource_data_sync" {
+ cloudformation_type_name = "AWS::SSM::ResourceDataSync"
+}
+
+resource_schema "aws_ssm_resource_policy" {
+ cloudformation_type_name = "AWS::SSM::ResourcePolicy"
+}
+
+resource_schema "aws_ssmcontacts_contact" {
+ cloudformation_type_name = "AWS::SSMContacts::Contact"
+}
+
+resource_schema "aws_ssmcontacts_contact_channel" {
+ cloudformation_type_name = "AWS::SSMContacts::ContactChannel"
+}
+
+resource_schema "aws_ssmcontacts_plan" {
+ cloudformation_type_name = "AWS::SSMContacts::Plan"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_ssmcontacts_rotation" {
+ cloudformation_type_name = "AWS::SSMContacts::Rotation"
+}
+
+resource_schema "aws_ssmincidents_replication_set" {
+ cloudformation_type_name = "AWS::SSMIncidents::ReplicationSet"
+}
+
+resource_schema "aws_ssmincidents_response_plan" {
+ cloudformation_type_name = "AWS::SSMIncidents::ResponsePlan"
+}
+
+resource_schema "aws_sso_application" {
+ cloudformation_type_name = "AWS::SSO::Application"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_sso_application_assignment" {
+ cloudformation_type_name = "AWS::SSO::ApplicationAssignment"
+}
+
+resource_schema "aws_sso_assignment" {
+ cloudformation_type_name = "AWS::SSO::Assignment"
+}
+
+resource_schema "aws_sso_instance" {
+ cloudformation_type_name = "AWS::SSO::Instance"
+}
+
+resource_schema "aws_sso_instance_access_control_attribute_configuration" {
+ cloudformation_type_name = "AWS::SSO::InstanceAccessControlAttributeConfiguration"
+}
+
+resource_schema "aws_sso_permission_set" {
+ cloudformation_type_name = "AWS::SSO::PermissionSet"
+}
+
+resource_schema "aws_sagemaker_app" {
+ cloudformation_type_name = "AWS::SageMaker::App"
+}
+
+resource_schema "aws_sagemaker_app_image_config" {
+ cloudformation_type_name = "AWS::SageMaker::AppImageConfig"
+}
+
+resource_schema "aws_sagemaker_data_quality_job_definition" {
+ cloudformation_type_name = "AWS::SageMaker::DataQualityJobDefinition"
+}
+
+resource_schema "aws_sagemaker_device" {
+ cloudformation_type_name = "AWS::SageMaker::Device"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_sagemaker_device_fleet" {
+ cloudformation_type_name = "AWS::SageMaker::DeviceFleet"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_sagemaker_domain" {
+ cloudformation_type_name = "AWS::SageMaker::Domain"
+}
+
+resource_schema "aws_sagemaker_feature_group" {
+ cloudformation_type_name = "AWS::SageMaker::FeatureGroup"
+}
+
+resource_schema "aws_sagemaker_image" {
+ cloudformation_type_name = "AWS::SageMaker::Image"
+}
+
+resource_schema "aws_sagemaker_image_version" {
+ cloudformation_type_name = "AWS::SageMaker::ImageVersion"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_sagemaker_inference_component" {
+ cloudformation_type_name = "AWS::SageMaker::InferenceComponent"
+}
+
+resource_schema "aws_sagemaker_inference_experiment" {
+ cloudformation_type_name = "AWS::SageMaker::InferenceExperiment"
+}
+
+resource_schema "aws_sagemaker_mlflow_tracking_server" {
+ cloudformation_type_name = "AWS::SageMaker::MlflowTrackingServer"
+}
+
+resource_schema "aws_sagemaker_model_bias_job_definition" {
+ cloudformation_type_name = "AWS::SageMaker::ModelBiasJobDefinition"
+}
+
+resource_schema "aws_sagemaker_model_card" {
+ cloudformation_type_name = "AWS::SageMaker::ModelCard"
+}
+
+resource_schema "aws_sagemaker_model_explainability_job_definition" {
+ cloudformation_type_name = "AWS::SageMaker::ModelExplainabilityJobDefinition"
+}
+
+resource_schema "aws_sagemaker_model_package" {
+ cloudformation_type_name = "AWS::SageMaker::ModelPackage"
+}
+
+resource_schema "aws_sagemaker_model_package_group" {
+ cloudformation_type_name = "AWS::SageMaker::ModelPackageGroup"
+}
+
+resource_schema "aws_sagemaker_model_quality_job_definition" {
+ cloudformation_type_name = "AWS::SageMaker::ModelQualityJobDefinition"
+}
+
+resource_schema "aws_sagemaker_monitoring_schedule" {
+ cloudformation_type_name = "AWS::SageMaker::MonitoringSchedule"
+}
+
+resource_schema "aws_sagemaker_pipeline" {
+ cloudformation_type_name = "AWS::SageMaker::Pipeline"
+}
+
+resource_schema "aws_sagemaker_project" {
+ cloudformation_type_name = "AWS::SageMaker::Project"
+}
+
+resource_schema "aws_sagemaker_space" {
+ cloudformation_type_name = "AWS::SageMaker::Space"
+}
+
+resource_schema "aws_sagemaker_studio_lifecycle_config" {
+ cloudformation_type_name = "AWS::SageMaker::StudioLifecycleConfig"
+}
+
+resource_schema "aws_sagemaker_user_profile" {
+ cloudformation_type_name = "AWS::SageMaker::UserProfile"
+}
+
+resource_schema "aws_scheduler_schedule" {
+ cloudformation_type_name = "AWS::Scheduler::Schedule"
+}
+
+resource_schema "aws_scheduler_schedule_group" {
+ cloudformation_type_name = "AWS::Scheduler::ScheduleGroup"
+}
+
+resource_schema "aws_secretsmanager_resource_policy" {
+ cloudformation_type_name = "AWS::SecretsManager::ResourcePolicy"
+}
+
+resource_schema "aws_secretsmanager_secret" {
+ cloudformation_type_name = "AWS::SecretsManager::Secret"
+}
+
+resource_schema "aws_securityhub_automation_rule" {
+ cloudformation_type_name = "AWS::SecurityHub::AutomationRule"
+}
+
+resource_schema "aws_securityhub_configuration_policy" {
+ cloudformation_type_name = "AWS::SecurityHub::ConfigurationPolicy"
+}
+
+resource_schema "aws_securityhub_delegated_admin" {
+ cloudformation_type_name = "AWS::SecurityHub::DelegatedAdmin"
+}
+
+resource_schema "aws_securityhub_finding_aggregator" {
+ cloudformation_type_name = "AWS::SecurityHub::FindingAggregator"
+}
+
+resource_schema "aws_securityhub_hub" {
+ cloudformation_type_name = "AWS::SecurityHub::Hub"
+}
+
+resource_schema "aws_securityhub_insight" {
+ cloudformation_type_name = "AWS::SecurityHub::Insight"
+}
+
+resource_schema "aws_securityhub_organization_configuration" {
+ cloudformation_type_name = "AWS::SecurityHub::OrganizationConfiguration"
+}
+
+resource_schema "aws_securityhub_policy_association" {
+ cloudformation_type_name = "AWS::SecurityHub::PolicyAssociation"
+}
+
+resource_schema "aws_securityhub_product_subscription" {
+ cloudformation_type_name = "AWS::SecurityHub::ProductSubscription"
+}
+
+resource_schema "aws_securityhub_security_control" {
+ cloudformation_type_name = "AWS::SecurityHub::SecurityControl"
+}
+
+resource_schema "aws_securityhub_standard" {
+ cloudformation_type_name = "AWS::SecurityHub::Standard"
+}
+
+resource_schema "aws_securitylake_aws_log_source" {
+ cloudformation_type_name = "AWS::SecurityLake::AwsLogSource"
+}
+
+resource_schema "aws_securitylake_data_lake" {
+ cloudformation_type_name = "AWS::SecurityLake::DataLake"
+}
+
+resource_schema "aws_securitylake_subscriber" {
+ cloudformation_type_name = "AWS::SecurityLake::Subscriber"
+}
+
+resource_schema "aws_securitylake_subscriber_notification" {
+ cloudformation_type_name = "AWS::SecurityLake::SubscriberNotification"
+}
+
+resource_schema "aws_servicecatalog_cloudformation_provisioned_product" {
+ cloudformation_type_name = "AWS::ServiceCatalog::CloudFormationProvisionedProduct"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_servicecatalog_service_action" {
+ cloudformation_type_name = "AWS::ServiceCatalog::ServiceAction"
+}
+
+resource_schema "aws_servicecatalog_service_action_association" {
+ cloudformation_type_name = "AWS::ServiceCatalog::ServiceActionAssociation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_servicecatalogappregistry_application" {
+ cloudformation_type_name = "AWS::ServiceCatalogAppRegistry::Application"
+}
+
+resource_schema "aws_servicecatalogappregistry_attribute_group" {
+ cloudformation_type_name = "AWS::ServiceCatalogAppRegistry::AttributeGroup"
+}
+
+resource_schema "aws_servicecatalogappregistry_attribute_group_association" {
+ cloudformation_type_name = "AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_servicecatalogappregistry_resource_association" {
+ cloudformation_type_name = "AWS::ServiceCatalogAppRegistry::ResourceAssociation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_shield_drt_access" {
+ cloudformation_type_name = "AWS::Shield::DRTAccess"
+}
+
+resource_schema "aws_shield_proactive_engagement" {
+ cloudformation_type_name = "AWS::Shield::ProactiveEngagement"
+}
+
+resource_schema "aws_shield_protection" {
+ cloudformation_type_name = "AWS::Shield::Protection"
+}
+
+resource_schema "aws_shield_protection_group" {
+ cloudformation_type_name = "AWS::Shield::ProtectionGroup"
+}
+
+resource_schema "aws_signer_profile_permission" {
+ cloudformation_type_name = "AWS::Signer::ProfilePermission"
+}
+
+resource_schema "aws_signer_signing_profile" {
+ cloudformation_type_name = "AWS::Signer::SigningProfile"
+}
+
+resource_schema "aws_simspaceweaver_simulation" {
+ cloudformation_type_name = "AWS::SimSpaceWeaver::Simulation"
+}
+
+resource_schema "aws_stepfunctions_activity" {
+ cloudformation_type_name = "AWS::StepFunctions::Activity"
+}
+
+resource_schema "aws_stepfunctions_state_machine" {
+ cloudformation_type_name = "AWS::StepFunctions::StateMachine"
+}
+
+resource_schema "aws_stepfunctions_state_machine_alias" {
+ cloudformation_type_name = "AWS::StepFunctions::StateMachineAlias"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_stepfunctions_state_machine_version" {
+ cloudformation_type_name = "AWS::StepFunctions::StateMachineVersion"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_supportapp_account_alias" {
+ cloudformation_type_name = "AWS::SupportApp::AccountAlias"
+}
+
+resource_schema "aws_supportapp_slack_channel_configuration" {
+ cloudformation_type_name = "AWS::SupportApp::SlackChannelConfiguration"
+}
+
+resource_schema "aws_supportapp_slack_workspace_configuration" {
+ cloudformation_type_name = "AWS::SupportApp::SlackWorkspaceConfiguration"
+}
+
+resource_schema "aws_synthetics_canary" {
+ cloudformation_type_name = "AWS::Synthetics::Canary"
+}
+
+resource_schema "aws_synthetics_group" {
+ cloudformation_type_name = "AWS::Synthetics::Group"
+}
+
+resource_schema "aws_systemsmanagersap_application" {
+ cloudformation_type_name = "AWS::SystemsManagerSAP::Application"
+}
+
+resource_schema "aws_timestream_database" {
+ cloudformation_type_name = "AWS::Timestream::Database"
+}
+
+resource_schema "aws_timestream_influx_db_instance" {
+ cloudformation_type_name = "AWS::Timestream::InfluxDBInstance"
+}
+
+resource_schema "aws_timestream_scheduled_query" {
+ cloudformation_type_name = "AWS::Timestream::ScheduledQuery"
+}
+
+resource_schema "aws_timestream_table" {
+ cloudformation_type_name = "AWS::Timestream::Table"
+}
+
+resource_schema "aws_transfer_agreement" {
+ cloudformation_type_name = "AWS::Transfer::Agreement"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_transfer_certificate" {
+ cloudformation_type_name = "AWS::Transfer::Certificate"
+}
+
+resource_schema "aws_transfer_connector" {
+ cloudformation_type_name = "AWS::Transfer::Connector"
+}
+
+resource_schema "aws_transfer_profile" {
+ cloudformation_type_name = "AWS::Transfer::Profile"
+}
+
+resource_schema "aws_transfer_workflow" {
+ cloudformation_type_name = "AWS::Transfer::Workflow"
+}
+
+resource_schema "aws_verifiedpermissions_identity_source" {
+ cloudformation_type_name = "AWS::VerifiedPermissions::IdentitySource"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_verifiedpermissions_policy" {
+ cloudformation_type_name = "AWS::VerifiedPermissions::Policy"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_verifiedpermissions_policy_store" {
+ cloudformation_type_name = "AWS::VerifiedPermissions::PolicyStore"
+}
+
+resource_schema "aws_verifiedpermissions_policy_template" {
+ cloudformation_type_name = "AWS::VerifiedPermissions::PolicyTemplate"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_voiceid_domain" {
+ cloudformation_type_name = "AWS::VoiceID::Domain"
+}
+
+resource_schema "aws_vpclattice_access_log_subscription" {
+ cloudformation_type_name = "AWS::VpcLattice::AccessLogSubscription"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_vpclattice_auth_policy" {
+ cloudformation_type_name = "AWS::VpcLattice::AuthPolicy"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_vpclattice_listener" {
+ cloudformation_type_name = "AWS::VpcLattice::Listener"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_vpclattice_resource_policy" {
+ cloudformation_type_name = "AWS::VpcLattice::ResourcePolicy"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_vpclattice_rule" {
+ cloudformation_type_name = "AWS::VpcLattice::Rule"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_vpclattice_service" {
+ cloudformation_type_name = "AWS::VpcLattice::Service"
+}
+
+resource_schema "aws_vpclattice_service_network" {
+ cloudformation_type_name = "AWS::VpcLattice::ServiceNetwork"
+}
+
+resource_schema "aws_vpclattice_service_network_service_association" {
+ cloudformation_type_name = "AWS::VpcLattice::ServiceNetworkServiceAssociation"
+}
+
+resource_schema "aws_vpclattice_service_network_vpc_association" {
+ cloudformation_type_name = "AWS::VpcLattice::ServiceNetworkVpcAssociation"
+}
+
+resource_schema "aws_vpclattice_target_group" {
+ cloudformation_type_name = "AWS::VpcLattice::TargetGroup"
+}
+
+resource_schema "aws_wafv2_ip_set" {
+ cloudformation_type_name = "AWS::WAFv2::IPSet"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_wafv2_logging_configuration" {
+ cloudformation_type_name = "AWS::WAFv2::LoggingConfiguration"
+}
+
+resource_schema "aws_wafv2_regex_pattern_set" {
+ cloudformation_type_name = "AWS::WAFv2::RegexPatternSet"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_wafv2_rule_group" {
+ cloudformation_type_name = "AWS::WAFv2::RuleGroup"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_wafv2_web_acl" {
+ cloudformation_type_name = "AWS::WAFv2::WebACL"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_wafv2_web_acl_association" {
+ cloudformation_type_name = "AWS::WAFv2::WebACLAssociation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_wisdom_assistant" {
+ cloudformation_type_name = "AWS::Wisdom::Assistant"
+}
+
+resource_schema "aws_wisdom_assistant_association" {
+ cloudformation_type_name = "AWS::Wisdom::AssistantAssociation"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_wisdom_knowledge_base" {
+ cloudformation_type_name = "AWS::Wisdom::KnowledgeBase"
+}
+
+resource_schema "aws_workspaces_connection_alias" {
+ cloudformation_type_name = "AWS::WorkSpaces::ConnectionAlias"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_workspaces_workspaces_pool" {
+ cloudformation_type_name = "AWS::WorkSpaces::WorkspacesPool"
+}
+
+resource_schema "aws_workspacesthinclient_environment" {
+ cloudformation_type_name = "AWS::WorkSpacesThinClient::Environment"
+}
+
+resource_schema "aws_workspacesweb_browser_settings" {
+ cloudformation_type_name = "AWS::WorkSpacesWeb::BrowserSettings"
+}
+
+resource_schema "aws_workspacesweb_identity_provider" {
+ cloudformation_type_name = "AWS::WorkSpacesWeb::IdentityProvider"
+ suppress_plural_data_source_generation = true
+}
+
+resource_schema "aws_workspacesweb_ip_access_settings" {
+ cloudformation_type_name = "AWS::WorkSpacesWeb::IpAccessSettings"
+}
+
+resource_schema "aws_workspacesweb_network_settings" {
+ cloudformation_type_name = "AWS::WorkSpacesWeb::NetworkSettings"
+}
+
+resource_schema "aws_workspacesweb_portal" {
+ cloudformation_type_name = "AWS::WorkSpacesWeb::Portal"
+}
+
+resource_schema "aws_workspacesweb_trust_store" {
+ cloudformation_type_name = "AWS::WorkSpacesWeb::TrustStore"
+}
+
+resource_schema "aws_workspacesweb_user_access_logging_settings" {
+ cloudformation_type_name = "AWS::WorkSpacesWeb::UserAccessLoggingSettings"
+}
+
+resource_schema "aws_workspacesweb_user_settings" {
+ cloudformation_type_name = "AWS::WorkSpacesWeb::UserSettings"
+}
+
+resource_schema "aws_xray_group" {
+ cloudformation_type_name = "AWS::XRay::Group"
+}
+
+resource_schema "aws_xray_resource_policy" {
+ cloudformation_type_name = "AWS::XRay::ResourcePolicy"
+}
+
+resource_schema "aws_xray_sampling_rule" {
+ cloudformation_type_name = "AWS::XRay::SamplingRule"
+}
diff --git a/internal/service/cloudformation/schemas/AWS_Bedrock_DataSource.json b/internal/service/cloudformation/schemas/AWS_Bedrock_DataSource.json
index 97493fed5..1c5db564c 100644
--- a/internal/service/cloudformation/schemas/AWS_Bedrock_DataSource.json
+++ b/internal/service/cloudformation/schemas/AWS_Bedrock_DataSource.json
@@ -3,6 +3,26 @@
"description": "Definition of AWS::Bedrock::DataSource Resource Type",
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-aps",
"definitions": {
+ "BedrockFoundationModelConfiguration": {
+ "type": "object",
+ "description": "Settings for a foundation model used to parse documents for a data source.",
+ "properties": {
+ "ModelArn": {
+ "type": "string",
+ "maxLength": 2048,
+ "minLength": 1,
+ "pattern": "^arn:aws(-[^:]+)?:bedrock:[a-z0-9-]{1,20}::foundation-model/([a-z0-9-]{1,63}[.]{1}[a-z0-9-]{1,63}([.]?[a-z0-9-]{1,63})([:][a-z0-9-]{1,63}){0,2})$",
+ "description": "The model's ARN."
+ },
+ "ParsingPrompt": {
+ "$ref": "#/definitions/ParsingPrompt"
+ }
+ },
+ "required": [
+ "ModelArn"
+ ],
+ "additionalProperties": false
+ },
"ChunkingConfiguration": {
"type": "object",
"description": "Details about how to chunk the documents in the data source. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried.",
@@ -12,6 +32,12 @@
},
"FixedSizeChunkingConfiguration": {
"$ref": "#/definitions/FixedSizeChunkingConfiguration"
+ },
+ "HierarchicalChunkingConfiguration": {
+ "$ref": "#/definitions/HierarchicalChunkingConfiguration"
+ },
+ "SemanticChunkingConfiguration": {
+ "$ref": "#/definitions/SemanticChunkingConfiguration"
}
},
"required": [
@@ -24,9 +50,35 @@
"description": "Knowledge base can split your source data into chunks. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. You have the following options for chunking your data. If you opt for NONE, then you may want to pre-process your files by splitting them up such that each file corresponds to a chunk.",
"enum": [
"FIXED_SIZE",
- "NONE"
+ "NONE",
+ "HIERARCHICAL",
+ "SEMANTIC"
]
},
+ "CustomTransformationConfiguration": {
+ "type": "object",
+ "description": "Settings for customizing steps in the data source content ingestion pipeline.",
+ "properties": {
+ "IntermediateStorage": {
+ "$ref": "#/definitions/IntermediateStorage"
+ },
+ "Transformations": {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/Transformation"
+ },
+ "maxItems": 1,
+ "minItems": 1,
+ "description": "A list of Lambda functions that process documents.",
+ "insertionOrder": false
+ }
+ },
+ "required": [
+ "IntermediateStorage",
+ "Transformations"
+ ],
+ "additionalProperties": false
+ },
"DataSourceConfiguration": {
"type": "object",
"description": "Specifies a raw data source location to ingest.",
@@ -36,11 +88,49 @@
},
"S3Configuration": {
"$ref": "#/definitions/S3DataSourceConfiguration"
+ },
+ "ConfluenceConfiguration": {
+ "$ref": "#/definitions/ConfluenceDataSourceConfiguration"
+ },
+ "SalesforceConfiguration": {
+ "$ref": "#/definitions/SalesforceDataSourceConfiguration"
+ },
+ "SharePointConfiguration": {
+ "$ref": "#/definitions/SharePointDataSourceConfiguration"
+ },
+ "WebConfiguration": {
+ "$ref": "#/definitions/WebDataSourceConfiguration"
}
},
"required": [
- "Type",
- "S3Configuration"
+ "Type"
+ ],
+ "oneOf": [
+ {
+ "required": [
+ "S3Configuration"
+ ]
+ },
+ {
+ "required": [
+ "ConfluenceConfiguration"
+ ]
+ },
+ {
+ "required": [
+ "SalesforceConfiguration"
+ ]
+ },
+ {
+ "required": [
+ "SharePointConfiguration"
+ ]
+ },
+ {
+ "required": [
+ "WebConfiguration"
+ ]
+ }
],
"additionalProperties": false
},
@@ -57,7 +147,11 @@
"type": "string",
"description": "The type of the data source location.",
"enum": [
- "S3"
+ "S3",
+ "CONFLUENCE",
+ "SALESFORCE",
+ "SHAREPOINT",
+ "WEB"
]
},
"DataDeletionPolicy": {
@@ -90,9 +184,103 @@
],
"additionalProperties": false
},
+ "HierarchicalChunkingConfiguration": {
+ "type": "object",
+ "description": "Configurations for when you choose hierarchical chunking. If you set the chunkingStrategy as NONE, exclude this field.",
+ "properties": {
+ "LevelConfigurations": {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/HierarchicalChunkingLevelConfiguration"
+ },
+ "maxItems": 2,
+ "minItems": 2,
+ "description": "Token settings for each layer.",
+ "insertionOrder": false
+ },
+ "OverlapTokens": {
+ "type": "integer",
+ "minimum": 1,
+ "description": "The number of tokens to repeat across chunks in the same layer."
+ }
+ },
+ "required": [
+ "LevelConfigurations",
+ "OverlapTokens"
+ ],
+ "additionalProperties": false
+ },
+ "HierarchicalChunkingLevelConfiguration": {
+ "type": "object",
+ "description": "Token settings for a layer in a hierarchical chunking configuration.",
+ "properties": {
+ "MaxTokens": {
+ "type": "integer",
+ "minimum": 1,
+ "maximum": 8192,
+ "description": "The maximum number of tokens that a chunk can contain in this layer."
+ }
+ },
+ "required": [
+ "MaxTokens"
+ ],
+ "additionalProperties": false
+ },
+ "IntermediateStorage": {
+ "type": "object",
+ "description": "A location for storing content from data sources temporarily as it is processed by custom components in the ingestion pipeline.",
+ "properties": {
+ "S3Location": {
+ "$ref": "#/definitions/S3Location"
+ }
+ },
+ "required": [
+ "S3Location"
+ ],
+ "additionalProperties": false
+ },
+ "ParsingConfiguration": {
+ "type": "object",
+ "description": "Settings for parsing document contents",
+ "properties": {
+ "ParsingStrategy": {
+ "$ref": "#/definitions/ParsingStrategy"
+ },
+ "BedrockFoundationModelConfiguration": {
+ "$ref": "#/definitions/BedrockFoundationModelConfiguration"
+ }
+ },
+ "required": [
+ "ParsingStrategy"
+ ],
+ "additionalProperties": false
+ },
+ "ParsingPrompt": {
+ "type": "object",
+ "description": "Instructions for interpreting the contents of a document.",
+ "properties": {
+ "ParsingPromptText": {
+ "type": "string",
+ "maxLength": 10000,
+ "minLength": 1,
+ "description": "Instructions for interpreting the contents of a document."
+ }
+ },
+ "required": [
+ "ParsingPromptText"
+ ],
+ "additionalProperties": false
+ },
+ "ParsingStrategy": {
+ "type": "string",
+ "description": "The parsing strategy for the data source.",
+ "enum": [
+ "BEDROCK_FOUNDATION_MODEL"
+ ]
+ },
"S3DataSourceConfiguration": {
"type": "object",
- "description": "Contains information about the S3 configuration of the data source.",
+ "description": "The configuration information to connect to Amazon S3 as your data source.",
"properties": {
"BucketArn": {
"type": "string",
@@ -127,6 +315,116 @@
],
"additionalProperties": false
},
+ "ConfluenceDataSourceConfiguration": {
+ "type": "object",
+ "description": "The configuration information to connect to Confluence as your data source.",
+ "properties": {
+ "SourceConfiguration": {
+ "$ref": "#/definitions/ConfluenceSourceConfiguration"
+ },
+ "CrawlerConfiguration": {
+ "$ref": "#/definitions/ConfluenceCrawlerConfiguration"
+ }
+ },
+ "required": [
+ "SourceConfiguration"
+ ],
+ "additionalProperties": false
+ },
+ "SalesforceDataSourceConfiguration": {
+ "type": "object",
+ "description": "The configuration information to connect to Salesforce as your data source.",
+ "properties": {
+ "SourceConfiguration": {
+ "$ref": "#/definitions/SalesforceSourceConfiguration"
+ },
+ "CrawlerConfiguration": {
+ "$ref": "#/definitions/SalesforceCrawlerConfiguration"
+ }
+ },
+ "required": [
+ "SourceConfiguration"
+ ],
+ "additionalProperties": false
+ },
+ "SharePointDataSourceConfiguration": {
+ "type": "object",
+ "description": "The configuration information to connect to SharePoint as your data source.",
+ "properties": {
+ "SourceConfiguration": {
+ "$ref": "#/definitions/SharePointSourceConfiguration"
+ },
+ "CrawlerConfiguration": {
+ "$ref": "#/definitions/SharePointCrawlerConfiguration"
+ }
+ },
+ "required": [
+ "SourceConfiguration"
+ ],
+ "additionalProperties": false
+ },
+ "WebDataSourceConfiguration": {
+ "type": "object",
+ "description": "Configures a web data source location.",
+ "properties": {
+ "SourceConfiguration": {
+ "$ref": "#/definitions/WebSourceConfiguration"
+ },
+ "CrawlerConfiguration": {
+ "$ref": "#/definitions/WebCrawlerConfiguration"
+ }
+ },
+ "required": [
+ "SourceConfiguration"
+ ],
+ "additionalProperties": false
+ },
+ "S3Location": {
+ "type": "object",
+ "description": "An Amazon S3 location.",
+ "properties": {
+ "URI": {
+ "type": "string",
+ "maxLength": 2048,
+ "minLength": 1,
+ "pattern": "^s3://.{1,128}$",
+ "description": "The location's URI"
+ }
+ },
+ "required": [
+ "URI"
+ ],
+ "additionalProperties": false
+ },
+ "SemanticChunkingConfiguration": {
+ "type": "object",
+ "description": "Configurations for when you choose semantic chunking. If you set the chunkingStrategy as NONE, exclude this field.",
+ "properties": {
+ "BreakpointPercentileThreshold": {
+ "type": "integer",
+ "minimum": 50,
+ "maximum": 99,
+ "description": "The dissimilarity threshold for splitting chunks."
+ },
+ "BufferSize": {
+ "type": "integer",
+ "minimum": 0,
+ "maximum": 1,
+ "description": "The buffer size."
+ },
+ "MaxTokens": {
+ "type": "integer",
+ "minimum": 1,
+ "description": "The maximum number of tokens that a chunk can contain."
+ }
+ },
+ "required": [
+ "BreakpointPercentileThreshold",
+ "BufferSize",
+ "MaxTokens"
+ ],
+ "additionalProperties": false
+ },
"ServerSideEncryptionConfiguration": {
"type": "object",
"description": "Contains details about the server-side encryption for the data source.",
@@ -141,15 +439,396 @@
},
"additionalProperties": false
},
+ "Transformation": {
+ "type": "object",
+ "description": "A Lambda function that processes documents.",
+ "properties": {
+ "StepToApply": {
+ "type": "string",
+ "description": "When the service applies the transformation.",
+ "enum": [
+ "POST_CHUNKING"
+ ]
+ },
+ "TransformationFunction": {
+ "$ref": "#/definitions/TransformationFunction"
+ }
+ },
+ "required": [
+ "StepToApply",
+ "TransformationFunction"
+ ],
+ "additionalProperties": false
+ },
+ "TransformationFunction": {
+ "type": "object",
+ "description": "A Lambda function that processes documents.",
+ "properties": {
+ "TransformationLambdaConfiguration": {
+ "$ref": "#/definitions/TransformationLambdaConfiguration"
+ }
+ },
+ "required": [
+ "TransformationLambdaConfiguration"
+ ],
+ "additionalProperties": false
+ },
+ "TransformationLambdaConfiguration": {
+ "type": "object",
+ "description": "A Lambda function that processes documents.",
+ "properties": {
+ "LambdaArn": {
+ "type": "string",
+ "maxLength": 2048,
+ "minLength": 0,
+ "pattern": "^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\\d{1}:\\d{12}:function:[a-zA-Z0-9-_\\.]+(:(\\$LATEST|[a-zA-Z0-9-_]+))?$",
+ "description": "The function's ARN identifier."
+ }
+ },
+ "required": [
+ "LambdaArn"
+ ],
+ "additionalProperties": false
+ },
"VectorIngestionConfiguration": {
"type": "object",
"description": "Details about how to chunk the documents in the data source. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried.",
"properties": {
"ChunkingConfiguration": {
"$ref": "#/definitions/ChunkingConfiguration"
+ },
+ "CustomTransformationConfiguration": {
+ "$ref": "#/definitions/CustomTransformationConfiguration"
+ },
+ "ParsingConfiguration": {
+ "$ref": "#/definitions/ParsingConfiguration"
}
},
"additionalProperties": false
+ },
+ "ConfluenceSourceConfiguration": {
+ "type": "object",
+ "description": "The endpoint information to connect to your Confluence data source.",
+ "properties": {
+ "HostUrl": {
+ "type": "string",
+ "maxLength": 2048,
+ "minLength": 1,
+ "pattern": "^https://[A-Za-z0-9][^\\s]*$",
+ "description": "The Confluence host URL or instance URL."
+ },
+ "HostType": {
+ "type": "string",
+ "description": "The supported host type, whether online/cloud or server/on-premises.",
+ "enum": [
+ "SAAS"
+ ]
+ },
+ "AuthType": {
+ "type": "string",
+ "description": "The supported authentication type to authenticate and connect to your Confluence instance.",
+ "enum": [
+ "BASIC",
+ "OAUTH2_CLIENT_CREDENTIALS"
+ ]
+ },
+ "CredentialsSecretArn": {
+ "type": "string",
+ "description": "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your Confluence instance URL. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see Confluence connection configuration.",
+ "pattern": "^arn:aws(|-cn|-us-gov):secretsmanager:[a-z0-9-]{1,20}:([0-9]{12}|):secret:[a-zA-Z0-9!/_+=.@-]{1,512}$"
+ }
+ },
+ "required": [
+ "HostUrl",
+ "HostType",
+ "AuthType",
+ "CredentialsSecretArn"
+ ],
+ "additionalProperties": false
+ },
+ "ConfluenceCrawlerConfiguration": {
+ "type": "object",
+ "description": "The configuration of the Confluence content. For example, configuring specific types of Confluence content.",
+ "properties": {
+ "FilterConfiguration": {
+ "$ref": "#/definitions/CrawlFilterConfiguration"
+ }
+ },
+ "additionalProperties": false
+ },
+ "SalesforceSourceConfiguration": {
+ "type": "object",
+ "description": "The endpoint information to connect to your Salesforce data source.",
+ "properties": {
+ "HostUrl": {
+ "type": "string",
+ "maxLength": 2048,
+ "minLength": 1,
+ "pattern": "^https://[A-Za-z0-9][^\\s]*$",
+ "description": "The Salesforce host URL or instance URL."
+ },
+ "AuthType": {
+ "type": "string",
+ "description": "The supported authentication type to authenticate and connect to your Salesforce instance.",
+ "enum": [
+ "OAUTH2_CLIENT_CREDENTIALS"
+ ]
+ },
+ "CredentialsSecretArn": {
+ "type": "string",
+ "description": "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your Salesforce instance URL. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see Salesforce connection configuration.",
+ "pattern": "^arn:aws(|-cn|-us-gov):secretsmanager:[a-z0-9-]{1,20}:([0-9]{12}|):secret:[a-zA-Z0-9!/_+=.@-]{1,512}$"
+ }
+ },
+ "required": [
+ "HostUrl",
+ "AuthType",
+ "CredentialsSecretArn"
+ ],
+ "additionalProperties": false
+ },
+ "SalesforceCrawlerConfiguration": {
+ "type": "object",
+ "description": "The configuration of filtering the Salesforce content. For example, configuring regular expression patterns to include or exclude certain content.",
+ "properties": {
+ "FilterConfiguration": {
+ "$ref": "#/definitions/CrawlFilterConfiguration"
+ }
+ },
+ "additionalProperties": false
+ },
+ "SharePointSourceConfiguration": {
+ "type": "object",
+ "description": "The endpoint information to connect to your SharePoint data source.",
+ "properties": {
+ "SiteUrls": {
+ "type": "array",
+ "description": "A list of one or more SharePoint site URLs.",
+ "items": {
+ "type": "string",
+ "pattern": "^https://[A-Za-z0-9][^\\s]*$",
+ "description": "A forced-HTTPS web url."
+ },
+ "maxItems": 100,
+ "minItems": 1,
+ "insertionOrder": false
+ },
+ "HostType": {
+ "type": "string",
+ "description": "The supported host type, whether online/cloud or server/on-premises.",
+ "enum": [
+ "ONLINE"
+ ]
+ },
+ "AuthType": {
+ "type": "string",
+ "description": "The supported authentication type to authenticate and connect to your SharePoint site/sites.",
+ "enum": [
+ "OAUTH2_CLIENT_CREDENTIALS"
+ ]
+ },
+ "CredentialsSecretArn": {
+ "type": "string",
+ "description": "The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your SharePoint site/sites. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see SharePoint connection configuration.",
+ "pattern": "^arn:aws(|-cn|-us-gov):secretsmanager:[a-z0-9-]{1,20}:([0-9]{12}|):secret:[a-zA-Z0-9!/_+=.@-]{1,512}$"
+ },
+ "TenantId": {
+ "type": "string",
+ "description": "The identifier of your Microsoft 365 tenant.",
+ "pattern": "^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$"
+ },
+ "Domain": {
+ "type": "string",
+ "description": "The domain of your SharePoint instance or site URL/URLs.",
+ "maxLength": 50,
+ "minLength": 1
+ }
+ },
+ "required": [
+ "Domain",
+ "SiteUrls",
+ "HostType",
+ "AuthType",
+ "CredentialsSecretArn"
+ ],
+ "additionalProperties": false
+ },
+ "SharePointCrawlerConfiguration": {
+ "type": "object",
+ "description": "The configuration of the SharePoint content. For example, configuring specific types of SharePoint content.",
+ "properties": {
+ "FilterConfiguration": {
+ "$ref": "#/definitions/CrawlFilterConfiguration"
+ }
+ },
+ "additionalProperties": false
+ },
+ "WebSourceConfiguration": {
+ "type": "object",
+ "description": "A web source configuration.",
+ "properties": {
+ "UrlConfiguration": {
+ "$ref": "#/definitions/UrlConfiguration"
+ }
+ },
+ "required": [
+ "UrlConfiguration"
+ ],
+ "additionalProperties": false
+ },
+ "UrlConfiguration": {
+ "type": "object",
+ "description": "A url configuration.",
+ "properties": {
+ "SeedUrls": {
+ "$ref": "#/definitions/SeedUrls"
+ }
+ },
+ "required": [
+ "SeedUrls"
+ ],
+ "additionalProperties": false
+ },
+ "SeedUrl": {
+ "type": "object",
+ "description": "A seed url object.",
+ "properties": {
+ "Url": {
+ "type": "string",
+ "pattern": "^https?://[A-Za-z0-9][^\\s]*$",
+ "description": "A web url."
+ }
+ },
+ "required": [
+ "Url"
+ ],
+ "additionalProperties": false
+ },
+ "SeedUrls": {
+ "type": "array",
+ "description": "A list of web urls.",
+ "items": {
+ "$ref": "#/definitions/SeedUrl"
+ },
+ "maxItems": 100,
+ "minItems": 1,
+ "insertionOrder": false
+ },
+ "WebCrawlerConfiguration": {
+ "type": "object",
+ "description": "Configuration for the web crawler.",
+ "properties": {
+ "CrawlerLimits": {
+ "$ref": "#/definitions/WebCrawlerLimits"
+ },
+ "InclusionFilters": {
+ "$ref": "#/definitions/FilterList"
+ },
+ "ExclusionFilters": {
+ "$ref": "#/definitions/FilterList"
+ },
+ "Scope": {
+ "$ref": "#/definitions/WebScopeType"
+ }
+ },
+ "additionalProperties": false
+ },
+ "WebCrawlerLimits": {
+ "type": "object",
+ "description": "Limit settings for the web crawler.",
+ "properties": {
+ "RateLimit": {
+ "type": "integer",
+ "minimum": 1,
+ "maximum": 300,
+ "description": "Rate of web URLs retrieved per minute."
+ }
+ },
+ "additionalProperties": false
+ },
+ "WebScopeType": {
+ "type": "string",
+ "description": "The scope that a web crawl job will be restricted to.",
+ "enum": [
+ "HOST_ONLY",
+ "SUBDOMAINS"
+ ]
+ },
+ "CrawlFilterConfiguration": {
+ "type": "object",
+ "description": "The type of filtering that you want to apply to certain objects or content of the data source. For example, the PATTERN type is regular expression patterns you can apply to filter your content.",
+ "properties": {
+ "Type": {
+ "type": "string",
+ "description": "The crawl filter type.",
+ "enum": [
+ "PATTERN"
+ ]
+ },
+ "PatternObjectFilter": {
+ "$ref": "#/definitions/PatternObjectFilterConfiguration"
+ }
+ },
+ "required": [
+ "Type"
+ ],
+ "additionalProperties": false
+ },
+ "PatternObjectFilterConfiguration": {
+ "type": "object",
+ "description": "The configuration of specific filters applied to your data source content. You can filter out or include certain content.",
+ "properties": {
+ "Filters": {
+ "$ref": "#/definitions/PatternObjectFilterList"
+ }
+ },
+ "required": [
+ "Filters"
+ ],
+ "additionalProperties": false
+ },
+ "PatternObjectFilterList": {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/PatternObjectFilter"
+ },
+ "maxItems": 25,
+ "minItems": 1,
+ "description": "Contains information"
+ },
+ "PatternObjectFilter": {
+ "type": "object",
+ "description": "The specific filters applied to your data source content. You can filter out or include certain content.",
+ "properties": {
+ "ObjectType": {
+ "type": "string",
+ "maxLength": 50,
+ "minLength": 1,
+ "description": "The supported object type or content type of the data source."
+ },
+ "InclusionFilters": {
+ "$ref": "#/definitions/FilterList"
+ },
+ "ExclusionFilters": {
+ "$ref": "#/definitions/FilterList"
+ }
+ },
+ "required": [
+ "ObjectType"
+ ],
+ "additionalProperties": false
+ },
+ "FilterList": {
+ "type": "array",
+ "description": "A set of regular expression filter patterns for a type of object.",
+ "items": {
+ "type": "string",
+ "maxLength": 1000,
+ "description": "A list of one or more inclusion/exclusion regular expression patterns to include certain object types that adhere to the pattern. If you specify an inclusion and exclusion filter/pattern and both match a document, the exclusion filter takes precedence and the document isn't crawled."
+ },
+ "maxItems": 25,
+ "minItems": 1,
+ "insertionOrder": false
}
},
"properties": {
@@ -223,7 +902,9 @@
],
"createOnlyProperties": [
"/properties/KnowledgeBaseId",
- "/properties/VectorIngestionConfiguration"
+ "/properties/VectorIngestionConfiguration/ChunkingConfiguration",
+ "/properties/VectorIngestionConfiguration/ParsingConfiguration",
+ "/properties/DataSourceConfiguration/Type"
],
"primaryIdentifier": [
"/properties/KnowledgeBaseId",
diff --git a/internal/service/cloudformation/schemas/AWS_Cognito_IdentityPool.json b/internal/service/cloudformation/schemas/AWS_Cognito_IdentityPool.json
index fc3bed1c1..bc2a27461 100644
--- a/internal/service/cloudformation/schemas/AWS_Cognito_IdentityPool.json
+++ b/internal/service/cloudformation/schemas/AWS_Cognito_IdentityPool.json
@@ -4,12 +4,40 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
"additionalProperties": false,
"tagging": {
- "taggable": false,
- "tagOnCreate": false,
- "tagUpdatable": false,
- "cloudFormationSystemTags": false
+ "taggable": true,
+ "tagOnCreate": true,
+ "tagUpdatable": true,
+ "cloudFormationSystemTags": false,
+ "tagProperty": "/properties/IdentityPoolTags",
+ "permissions": [
+ "cognito-identity:TagResource",
+ "cognito-identity:UntagResource"
+ ]
},
"definitions": {
+ "Tag": {
+ "description": "A key-value pair to associate with a resource.",
+ "type": "object",
+ "properties": {
+ "Key": {
+ "type": "string",
+ "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+ "minLength": 1,
+ "maxLength": 128
+ },
+ "Value": {
+ "type": "string",
+ "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+ "minLength": 0,
+ "maxLength": 256
+ }
+ },
+ "required": [
+ "Key",
+ "Value"
+ ],
+ "additionalProperties": false
+ },
"PushSync": {
"type": "object",
"additionalProperties": false,
@@ -116,6 +144,15 @@
},
"AllowClassicFlow": {
"type": "boolean"
+ },
+ "IdentityPoolTags": {
+ "description": "An array of key-value pairs to apply to this resource.",
+ "type": "array",
+ "uniqueItems": true,
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ }
}
},
"required": [
@@ -139,6 +176,7 @@
"cognito-identity:CreateIdentityPool",
"cognito-sync:SetIdentityPoolConfiguration",
"cognito-sync:SetCognitoEvents",
+ "cognito-identity:TagResource",
"iam:PassRole"
]
},
@@ -153,6 +191,8 @@
"cognito-identity:DescribeIdentityPool",
"cognito-sync:SetIdentityPoolConfiguration",
"cognito-sync:SetCognitoEvents",
+ "cognito-identity:TagResource",
+ "cognito-identity:UntagResource",
"iam:PassRole"
]
},
diff --git a/internal/service/cloudformation/schemas/AWS_Cognito_LogDeliveryConfiguration.json b/internal/service/cloudformation/schemas/AWS_Cognito_LogDeliveryConfiguration.json
index 7f448ec9d..1b2cc6c79 100644
--- a/internal/service/cloudformation/schemas/AWS_Cognito_LogDeliveryConfiguration.json
+++ b/internal/service/cloudformation/schemas/AWS_Cognito_LogDeliveryConfiguration.json
@@ -12,6 +12,24 @@
},
"additionalProperties": false
},
+ "S3Configuration": {
+ "type": "object",
+ "properties": {
+ "BucketArn": {
+ "type": "string"
+ }
+ },
+ "additionalProperties": false
+ },
+ "FirehoseConfiguration": {
+ "type": "object",
+ "properties": {
+ "StreamArn": {
+ "type": "string"
+ }
+ },
+ "additionalProperties": false
+ },
"LogConfiguration": {
"type": "object",
"properties": {
@@ -23,6 +41,12 @@
},
"CloudWatchLogsConfiguration": {
"$ref": "#/definitions/CloudWatchLogsConfiguration"
+ },
+ "S3Configuration": {
+ "$ref": "#/definitions/S3Configuration"
+ },
+ "FirehoseConfiguration": {
+ "$ref": "#/definitions/FirehoseConfiguration"
}
},
"additionalProperties": false
@@ -76,7 +100,14 @@
"logs:ListLogDeliveries",
"logs:PutResourcePolicy",
"logs:DescribeResourcePolicies",
- "logs:DescribeLogGroups"
+ "logs:DescribeLogGroups",
+ "s3:GetBucketPolicy",
+ "s3:PutBucketPolicy",
+ "s3:ListBucket",
+ "s3:PutObject",
+ "s3:GetBucketAcl",
+ "firehose:TagDeliveryStream",
+ "iam:CreateServiceLinkedRole"
],
"timeoutInMinutes": 2
},
@@ -96,7 +127,14 @@
"logs:ListLogDeliveries",
"logs:PutResourcePolicy",
"logs:DescribeResourcePolicies",
- "logs:DescribeLogGroups"
+ "logs:DescribeLogGroups",
+ "s3:GetBucketPolicy",
+ "s3:PutBucketPolicy",
+ "s3:ListBucket",
+ "s3:PutObject",
+ "s3:GetBucketAcl",
+ "firehose:TagDeliveryStream",
+ "iam:CreateServiceLinkedRole"
],
"timeoutInMinutes": 2
},
@@ -111,7 +149,14 @@
"logs:ListLogDeliveries",
"logs:PutResourcePolicy",
"logs:DescribeResourcePolicies",
- "logs:DescribeLogGroups"
+ "logs:DescribeLogGroups",
+ "s3:GetBucketPolicy",
+ "s3:PutBucketPolicy",
+ "s3:ListBucket",
+ "s3:PutObject",
+ "s3:GetBucketAcl",
+ "firehose:TagDeliveryStream",
+ "iam:CreateServiceLinkedRole"
],
"timeoutInMinutes": 2
}
diff --git a/internal/service/cloudformation/schemas/AWS_Cognito_UserPool.json b/internal/service/cloudformation/schemas/AWS_Cognito_UserPool.json
index d5c9c8539..a5b344926 100644
--- a/internal/service/cloudformation/schemas/AWS_Cognito_UserPool.json
+++ b/internal/service/cloudformation/schemas/AWS_Cognito_UserPool.json
@@ -1,13 +1,18 @@
{
"typeName": "AWS::Cognito::UserPool",
- "description": "Resource Type definition for AWS::Cognito::UserPool",
+ "description": "Definition of AWS::Cognito::UserPool Resource Type",
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
"tagging": {
"taggable": true,
"tagOnCreate": true,
"tagUpdatable": true,
"cloudFormationSystemTags": false,
- "tagProperty": "/properties/UserPoolTags"
+ "tagProperty": "/properties/UserPoolTags",
+ "permissions": [
+ "cognito-idp:ListTagsForResource",
+ "cognito-idp:UntagResource",
+ "cognito-idp:TagResource"
+ ]
},
"definitions": {
"PasswordPolicy": {
@@ -30,6 +35,9 @@
},
"TemporaryPasswordValidityDays": {
"type": "integer"
+ },
+ "PasswordHistorySize": {
+ "type": "integer"
}
},
"additionalProperties": false
@@ -328,11 +336,23 @@
},
"additionalProperties": false
},
+ "AdvancedSecurityAdditionalFlows": {
+ "type": "object",
+ "properties": {
+ "CustomAuthMode": {
+ "type": "string"
+ }
+ },
+ "additionalProperties": false
+ },
"UserPoolAddOns": {
"type": "object",
"properties": {
"AdvancedSecurityMode": {
"type": "string"
+ },
+ "AdvancedSecurityAdditionalFlows": {
+ "$ref": "#/definitions/AdvancedSecurityAdditionalFlows"
}
},
"additionalProperties": false
@@ -485,7 +505,8 @@
},
"read": {
"permissions": [
- "cognito-idp:DescribeUserPool"
+ "cognito-idp:DescribeUserPool",
+ "cognito-idp:GetUserPoolMfaConfig"
]
},
"update": {
@@ -497,6 +518,7 @@
"cognito-idp:SetUserPoolMfaConfig",
"cognito-idp:AddCustomAttributes",
"cognito-idp:DescribeUserPool",
+ "cognito-idp:GetUserPoolMfaConfig",
"iam:PassRole"
],
"timeoutInMinutes": 2
diff --git a/internal/service/cloudformation/schemas/AWS_EC2_LaunchTemplate.json b/internal/service/cloudformation/schemas/AWS_EC2_LaunchTemplate.json
index 9fc718742..289031d01 100644
--- a/internal/service/cloudformation/schemas/AWS_EC2_LaunchTemplate.json
+++ b/internal/service/cloudformation/schemas/AWS_EC2_LaunchTemplate.json
@@ -137,7 +137,7 @@
"$ref": "#/definitions/EnclaveOptions"
},
"ImageId": {
- "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.\n Valid formats:\n + ``ami-17characters00000`` \n + ``resolve:ssm:parameter-name`` \n + ``resolve:ssm:parameter-name:version-number`` \n + ``resolve:ssm:parameter-name:label`` \n \n For more information, see [Use a Systems Manager parameter to find an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html#using-systems-manager-parameter-to-find-AMI) in the *Amazon Elastic Compute Cloud User Guide*.",
+ "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.\n Valid formats:\n + ``ami-0ac394d6a3example`` \n + ``resolve:ssm:parameter-name`` \n + ``resolve:ssm:parameter-name:version-number`` \n + ``resolve:ssm:parameter-name:label`` \n \n For more information, see [Use a Systems Manager parameter to find an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html#using-systems-manager-parameter-to-find-AMI) in the *Amazon Elastic Compute Cloud User Guide*.",
"type": "string"
},
"InstanceType": {
diff --git a/internal/service/cloudformation/schemas/AWS_EC2_SecurityGroup.json b/internal/service/cloudformation/schemas/AWS_EC2_SecurityGroup.json
index e1c7ba4be..97b8680d1 100644
--- a/internal/service/cloudformation/schemas/AWS_EC2_SecurityGroup.json
+++ b/internal/service/cloudformation/schemas/AWS_EC2_SecurityGroup.json
@@ -1,5 +1,9 @@
{
"tagging": {
+ "permissions": [
+ "ec2:CreateTags",
+ "ec2:DeleteTags"
+ ],
"taggable": true,
"tagOnCreate": true,
"tagUpdatable": true,
@@ -69,6 +73,7 @@
},
"delete": {
"permissions": [
+ "ec2:DescribeSecurityGroups",
"ec2:DeleteSecurityGroup",
"ec2:DescribeInstances"
]
diff --git a/internal/service/cloudformation/schemas/AWS_EC2_SubnetCidrBlock.json b/internal/service/cloudformation/schemas/AWS_EC2_SubnetCidrBlock.json
index a94a13c1d..3a3d75b2a 100644
--- a/internal/service/cloudformation/schemas/AWS_EC2_SubnetCidrBlock.json
+++ b/internal/service/cloudformation/schemas/AWS_EC2_SubnetCidrBlock.json
@@ -1,41 +1,82 @@
{
- "tagging": {
- "taggable": false,
- "tagOnCreate": false,
- "tagUpdatable": false,
- "cloudFormationSystemTags": false
- },
- "$schema": "https://schema.cloudformation.us-east-1.amazonaws.com/provider.definition.schema.v1.json",
"typeName": "AWS::EC2::SubnetCidrBlock",
- "readOnlyProperties": [
- "/properties/Id"
- ],
+ "$schema": "https://schema.cloudformation.us-east-1.amazonaws.com/provider.definition.schema.v1.json",
"description": "The AWS::EC2::SubnetCidrBlock resource creates association between subnet and IPv6 CIDR",
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ec2/subnetcidrblock",
+ "additionalProperties": false,
+ "properties": {
+ "Id": {
+ "description": "Information about the IPv6 association.",
+ "type": "string"
+ },
+ "Ipv6CidrBlock": {
+ "description": "The IPv6 network range for the subnet, in CIDR notation. The subnet size must use a /64 prefix length",
+ "type": "string",
+ "maxLength": 42
+ },
+ "Ipv6IpamPoolId": {
+ "description": "The ID of an IPv6 Amazon VPC IP Address Manager (IPAM) pool from which to allocate, to get the subnet's CIDR",
+ "type": "string"
+ },
+ "Ipv6NetmaskLength": {
+ "description": "The netmask length of the IPv6 CIDR to allocate to the subnet from an IPAM pool",
+ "type": "integer",
+ "minimum": 0,
+ "maximum": 128
+ },
+ "SubnetId": {
+ "description": "The ID of the subnet",
+ "type": "string"
+ },
+ "Ipv6AddressAttribute": {
+ "type": "string",
+ "description": "The value denoting whether an IPv6 Subnet CIDR Block is public or private."
+ },
+ "IpSource": {
+ "type": "string",
+ "description": "The IP Source of an IPv6 Subnet CIDR Block."
+ }
+ },
+ "required": [
+ "SubnetId"
+ ],
"createOnlyProperties": [
"/properties/Ipv6CidrBlock",
"/properties/SubnetId",
"/properties/Ipv6IpamPoolId",
"/properties/Ipv6NetmaskLength"
],
+ "readOnlyProperties": [
+ "/properties/Id",
+ "/properties/Ipv6AddressAttribute",
+ "/properties/IpSource"
+ ],
+ "writeOnlyProperties": [
+ "/properties/Ipv6IpamPoolId",
+ "/properties/Ipv6NetmaskLength"
+ ],
"primaryIdentifier": [
"/properties/Id"
],
- "required": [
- "SubnetId"
- ],
- "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ec2/subnetcidrblock",
"propertyTransform": {
"/properties/Ipv6CidrBlock": "$join([$match($replace(Ipv6CidrBlock, /(^|:)(0{1,4})([0-9a-fA-F]{1,4})/, \"$1$3\"), /^([0-9a-fA-F]{1,4}:){4}/).match, \":/64\"])"
},
+ "tagging": {
+ "taggable": false,
+ "tagOnCreate": false,
+ "tagUpdatable": false,
+ "cloudFormationSystemTags": false
+ },
"handlers": {
- "read": {
+ "create": {
"permissions": [
+ "ec2:AssociateSubnetCidrBlock",
"ec2:DescribeSubnets"
]
},
- "create": {
+ "delete": {
"permissions": [
- "ec2:AssociateSubnetCidrBlock",
+ "ec2:DisassociateSubnetCidrBlock",
"ec2:DescribeSubnets"
]
},
@@ -44,41 +85,10 @@
"ec2:DescribeSubnets"
]
},
- "delete": {
+ "read": {
"permissions": [
- "ec2:DisassociateSubnetCidrBlock",
"ec2:DescribeSubnets"
]
}
- },
- "writeOnlyProperties": [
- "/properties/Ipv6IpamPoolId",
- "/properties/Ipv6NetmaskLength"
- ],
- "additionalProperties": false,
- "properties": {
- "Ipv6NetmaskLength": {
- "description": "The netmask length of the IPv6 CIDR to allocate to the subnet from an IPAM pool",
- "maximum": 128,
- "type": "integer",
- "minimum": 0
- },
- "Ipv6IpamPoolId": {
- "description": "The ID of an IPv6 Amazon VPC IP Address Manager (IPAM) pool from which to allocate, to get the subnet's CIDR",
- "type": "string"
- },
- "Id": {
- "description": "Information about the IPv6 association.",
- "type": "string"
- },
- "SubnetId": {
- "description": "The ID of the subnet",
- "type": "string"
- },
- "Ipv6CidrBlock": {
- "description": "The IPv6 network range for the subnet, in CIDR notation. The subnet size must use a /64 prefix length",
- "type": "string",
- "maxLength": 42
- }
}
}
diff --git a/internal/service/cloudformation/schemas/AWS_EC2_VPC.json b/internal/service/cloudformation/schemas/AWS_EC2_VPC.json
index 821c5b758..b684beac3 100644
--- a/internal/service/cloudformation/schemas/AWS_EC2_VPC.json
+++ b/internal/service/cloudformation/schemas/AWS_EC2_VPC.json
@@ -51,7 +51,7 @@
"/properties/Ipv6CidrBlocks",
"/properties/VpcId"
],
- "description": "Specifies a virtual private cloud (VPC).\n You can optionally request an IPv6 CIDR block for the VPC. You can request an Amazon-provided IPv6 CIDR block from Amazon's pool of IPv6 addresses, or an IPv6 CIDR block from an IPv6 address pool that you provisioned through bring your own IP addresses (BYOIP).\n For more information, see [Virtual private clouds (VPC)](https://docs.aws.amazon.com/vpc/latest/userguide/configure-your-vpc.html) in the *Amazon VPC User Guide*.",
+ "description": "Specifies a virtual private cloud (VPC).\n To add an IPv6 CIDR block to the VPC, see [AWS::EC2::VPCCidrBlock](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpccidrblock.html).\n For more information, see [Virtual private clouds (VPC)](https://docs.aws.amazon.com/vpc/latest/userguide/configure-your-vpc.html) in the *Amazon VPC User Guide*.",
"writeOnlyProperties": [
"/properties/Ipv4IpamPoolId",
"/properties/Ipv4NetmaskLength"
@@ -92,7 +92,7 @@
"type": "string"
},
"InstanceTenancy": {
- "description": "The allowed tenancy of instances launched into the VPC.\n + ``default``: An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.\n + ``dedicated``: An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of ``host`` during instance launch. You cannot specify a tenancy of ``default`` during instance launch.\n \n Updating ``InstanceTenancy`` requires no replacement only if you are updating its value from ``dedicated`` to ``default``. Updating ``InstanceTenancy`` from ``default`` to ``dedicated`` requires replacement.",
+ "description": "The allowed tenancy of instances launched into the VPC.\n + ``default``: An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.\n + ``dedicated``: An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of ``host`` during instance launch. You cannot specify a tenancy of ``default`` during instance launch.\n \n Updating ``InstanceTenancy`` requires no replacement only if you are updating its value from ``dedicated`` to ``default``. Updating ``InstanceTenancy`` from ``default`` to ``dedicated`` requires replacement.",
"type": "string"
},
"Ipv4NetmaskLength": {
diff --git a/internal/service/cloudformation/schemas/AWS_EC2_VPCPeeringConnection.json b/internal/service/cloudformation/schemas/AWS_EC2_VPCPeeringConnection.json
index d5055da4b..34ffa2331 100644
--- a/internal/service/cloudformation/schemas/AWS_EC2_VPCPeeringConnection.json
+++ b/internal/service/cloudformation/schemas/AWS_EC2_VPCPeeringConnection.json
@@ -1,66 +1,16 @@
{
- "typeName": "AWS::EC2::VPCPeeringConnection",
- "description": "Resource Type definition for AWS::EC2::VPCPeeringConnection",
- "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-ec2-vpcpeering.git",
- "additionalProperties": false,
- "properties": {
- "Id": {
- "type": "string"
- },
- "PeerOwnerId": {
- "description": "The AWS account ID of the owner of the accepter VPC.",
- "type": "string"
- },
- "PeerRegion": {
- "description": "The Region code for the accepter VPC, if the accepter VPC is located in a Region other than the Region in which you make the request.",
- "type": "string"
- },
- "PeerRoleArn": {
- "description": "The Amazon Resource Name (ARN) of the VPC peer role for the peering connection in another AWS account.",
- "type": "string"
- },
- "PeerVpcId": {
- "description": "The ID of the VPC with which you are creating the VPC peering connection. You must specify this parameter in the request.",
- "type": "string"
- },
- "VpcId": {
- "description": "The ID of the VPC.",
- "type": "string"
- },
- "Tags": {
- "type": "array",
- "uniqueItems": false,
- "insertionOrder": false,
- "items": {
- "$ref": "#/definitions/Tag"
- }
- }
- },
- "definitions": {
- "Tag": {
- "description": "A key-value pair to associate with a resource.",
- "type": "object",
- "additionalProperties": false,
- "properties": {
- "Key": {
- "type": "string",
- "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -."
- },
- "Value": {
- "type": "string",
- "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -."
- }
- },
- "required": [
- "Key",
- "Value"
- ]
- }
+ "tagging": {
+ "taggable": true,
+ "tagOnCreate": true,
+ "tagUpdatable": true,
+ "tagProperty": "/properties/Tags",
+ "cloudFormationSystemTags": true
},
- "required": [
- "VpcId",
- "PeerVpcId"
+ "typeName": "AWS::EC2::VPCPeeringConnection",
+ "readOnlyProperties": [
+ "/properties/Id"
],
+ "description": "Resource Type definition for AWS::EC2::VPCPeeringConnection",
"createOnlyProperties": [
"/properties/PeerRegion",
"/properties/PeerOwnerId",
@@ -68,23 +18,20 @@
"/properties/PeerRoleArn",
"/properties/VpcId"
],
- "readOnlyProperties": [
- "/properties/Id"
- ],
- "writeOnlyProperties": [
- "/properties/PeerRoleArn"
- ],
"primaryIdentifier": [
"/properties/Id"
],
- "tagging": {
- "taggable": true,
- "tagOnCreate": true,
- "tagUpdatable": true,
- "cloudFormationSystemTags": true,
- "tagProperty": "/properties/Tags"
- },
+ "required": [
+ "VpcId",
+ "PeerVpcId"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-ec2-vpcpeering.git",
"handlers": {
+ "read": {
+ "permissions": [
+ "ec2:DescribeVpcPeeringConnections"
+ ]
+ },
"create": {
"permissions": [
"ec2:CreateVpcPeeringConnection",
@@ -94,11 +41,6 @@
"sts:AssumeRole"
]
},
- "read": {
- "permissions": [
- "ec2:DescribeVpcPeeringConnections"
- ]
- },
"update": {
"permissions": [
"ec2:CreateTags",
@@ -106,16 +48,74 @@
"ec2:DescribeVpcPeeringConnections"
]
},
- "delete": {
+ "list": {
"permissions": [
- "ec2:DeleteVpcPeeringConnection",
"ec2:DescribeVpcPeeringConnections"
]
},
- "list": {
+ "delete": {
"permissions": [
+ "ec2:DeleteVpcPeeringConnection",
"ec2:DescribeVpcPeeringConnections"
]
}
+ },
+ "writeOnlyProperties": [
+ "/properties/PeerRoleArn"
+ ],
+ "additionalProperties": false,
+ "definitions": {
+ "Tag": {
+ "description": "A key-value pair to associate with a resource.",
+ "additionalProperties": false,
+ "type": "object",
+ "properties": {
+ "Value": {
+ "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+ "type": "string"
+ },
+ "Key": {
+ "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key",
+ "Value"
+ ]
+ }
+ },
+ "properties": {
+ "PeerRoleArn": {
+ "description": "The Amazon Resource Name (ARN) of the VPC peer role for the peering connection in another AWS account.",
+ "type": "string"
+ },
+ "VpcId": {
+ "description": "The ID of the VPC.",
+ "type": "string"
+ },
+ "PeerVpcId": {
+ "description": "The ID of the VPC with which you are creating the VPC peering connection. You must specify this parameter in the request.",
+ "type": "string"
+ },
+ "Id": {
+ "type": "string"
+ },
+ "PeerRegion": {
+ "description": "The Region code for the accepter VPC, if the accepter VPC is located in a Region other than the Region in which you make the request.",
+ "type": "string"
+ },
+ "PeerOwnerId": {
+ "description": "The AWS account ID of the owner of the accepter VPC.",
+ "type": "string"
+ },
+ "Tags": {
+ "uniqueItems": false,
+ "insertionOrder": false,
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/Tag"
+ }
+ }
}
}
diff --git a/internal/service/cloudformation/schemas/AWS_Lambda_EventSourceMapping.json b/internal/service/cloudformation/schemas/AWS_Lambda_EventSourceMapping.json
index 6399a2ded..4c3d6e547 100644
--- a/internal/service/cloudformation/schemas/AWS_Lambda_EventSourceMapping.json
+++ b/internal/service/cloudformation/schemas/AWS_Lambda_EventSourceMapping.json
@@ -1,97 +1,233 @@
{
- "tagging": {
- "taggable": false,
- "tagOnCreate": false,
- "tagUpdatable": false,
- "cloudFormationSystemTags": false
- },
- "propertyTransform": {
- "/properties/StartingPositionTimestamp": "StartingPositionTimestamp * 1000"
- },
- "handlers": {
- "read": {
- "permissions": [
- "lambda:GetEventSourceMapping"
- ]
+ "typeName": "AWS::Lambda::EventSourceMapping",
+ "description": "The ``AWS::Lambda::EventSourceMapping`` resource creates a mapping between an event source and an LAMlong function. LAM reads items from the event source and triggers the function.\n For details about each event source type, see the following topics. In particular, each of the topics describes the required and optional parameters for the specific event source. \n + [Configuring a Dynamo DB stream as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html#services-dynamodb-eventsourcemapping) \n + [Configuring a Kinesis stream as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html#services-kinesis-eventsourcemapping) \n + [Configuring an SQS queue as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#events-sqs-eventsource) \n + [Configuring an MQ broker as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-mq.html#services-mq-eventsourcemapping) \n + [Configuring MSK as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html) \n + [Configuring Self-Managed Apache Kafka as an event source](https://docs.aws.amazon.com/lambda/latest/dg/kafka-smaa.html) \n + [Configuring Amazon DocumentDB as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-documentdb.html)",
+ "additionalProperties": false,
+ "properties": {
+ "Id": {
+ "description": "",
+ "type": "string",
+ "pattern": "[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}",
+ "minLength": 36,
+ "maxLength": 36
},
- "create": {
- "permissions": [
- "lambda:CreateEventSourceMapping",
- "lambda:GetEventSourceMapping"
- ]
+ "BatchSize": {
+ "description": "The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).\n + *Amazon Kinesis* ? Default 100. Max 10,000.\n + *Amazon DynamoDB Streams* ? Default 100. Max 10,000.\n + *Amazon Simple Queue Service* ? Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.\n + *Amazon Managed Streaming for Apache Kafka* ? Default 100. Max 10,000.\n + *Self-managed Apache Kafka* ? Default 100. Max 10,000.\n + *Amazon MQ (ActiveMQ and RabbitMQ)* ? Default 100. Max 10,000.\n + *DocumentDB* ? Default 100. Max 10,000.",
+ "type": "integer",
+ "minimum": 1,
+ "maximum": 10000
},
- "update": {
- "permissions": [
- "lambda:UpdateEventSourceMapping",
- "lambda:GetEventSourceMapping"
- ]
+ "BisectBatchOnFunctionError": {
+ "description": "(Kinesis and DynamoDB Streams only) If the function returns an error, split the batch in two and retry. The default value is false.",
+ "type": "boolean"
},
- "list": {
- "permissions": [
- "lambda:ListEventSourceMappings"
- ]
+ "DestinationConfig": {
+ "description": "(Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka event sources only) A configuration object that specifies the destination of an event after Lambda processes it.",
+ "$ref": "#/definitions/DestinationConfig"
},
- "delete": {
- "permissions": [
- "lambda:DeleteEventSourceMapping",
- "lambda:GetEventSourceMapping"
- ]
+ "Enabled": {
+ "description": "When true, the event source mapping is active. When false, Lambda pauses polling and invocation.\n Default: True",
+ "type": "boolean"
+ },
+ "EventSourceArn": {
+ "description": "The Amazon Resource Name (ARN) of the event source.\n + *Amazon Kinesis* ? The ARN of the data stream or a stream consumer.\n + *Amazon DynamoDB Streams* ? The ARN of the stream.\n + *Amazon Simple Queue Service* ? The ARN of the queue.\n + *Amazon Managed Streaming for Apache Kafka* ? The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc)).\n + *Amazon MQ* ? The ARN of the broker.\n + *Amazon DocumentDB* ? The ARN of the DocumentDB change stream.",
+ "type": "string",
+ "pattern": "arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-])+:([a-z]{2}(-gov)?(-iso([a-z])?)?-[a-z]+-\\d{1})?:(\\d{12})?:(.*)",
+ "minLength": 12,
+ "maxLength": 1024
+ },
+ "FilterCriteria": {
+ "description": "An object that defines the filter criteria that determine whether Lambda should process an event. For more information, see [Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html).",
+ "$ref": "#/definitions/FilterCriteria"
+ },
+ "KmsKeyArn": {
+ "description": "",
+ "type": "string",
+ "pattern": "(arn:(aws[a-zA-Z-]*)?:[a-z0-9-.]+:.*)|()",
+ "minLength": 12,
+ "maxLength": 2048
+ },
+ "FunctionName": {
+ "description": "The name or ARN of the Lambda function.\n **Name formats**\n + *Function name* ? ``MyFunction``.\n + *Function ARN* ? ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction``.\n + *Version or Alias ARN* ? ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD``.\n + *Partial ARN* ? ``123456789012:function:MyFunction``.\n \n The length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length.",
+ "type": "string",
+ "pattern": "(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?(-iso([a-z])?)?-[a-z]+-\\d{1}:)?(\\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\\$LATEST|[a-zA-Z0-9-_]+))?",
+ "minLength": 1,
+ "maxLength": 140
+ },
+ "MaximumBatchingWindowInSeconds": {
+ "description": "The maximum amount of time, in seconds, that Lambda spends gathering records before invoking the function.\n *Default (, , event sources)*: 0\n *Default (, Kafka, , event sources)*: 500 ms\n *Related setting:* For SQS event sources, when you set ``BatchSize`` to a value greater than 10, you must set ``MaximumBatchingWindowInSeconds`` to at least 1.",
+ "type": "integer",
+ "minimum": 0,
+ "maximum": 300
+ },
+ "MaximumRecordAgeInSeconds": {
+ "description": "(Kinesis and DynamoDB Streams only) Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, Lambda never discards old records.\n The minimum valid value for maximum record age is 60s. Although values less than 60 and greater than -1 fall within the parameter's absolute range, they are not allowed",
+ "type": "integer",
+ "minimum": -1,
+ "maximum": 604800
+ },
+ "MaximumRetryAttempts": {
+ "description": "(Kinesis and DynamoDB Streams only) Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, Lambda retries failed records until the record expires in the event source.",
+ "type": "integer",
+ "minimum": -1,
+ "maximum": 10000
+ },
+ "ParallelizationFactor": {
+ "description": "(Kinesis and DynamoDB Streams only) The number of batches to process concurrently from each shard. The default value is 1.",
+ "type": "integer",
+ "minimum": 1,
+ "maximum": 10
+ },
+ "StartingPosition": {
+ "description": "The position in a stream from which to start reading. Required for Amazon Kinesis and Amazon DynamoDB.\n + *LATEST* - Read only new records.\n + *TRIM_HORIZON* - Process all available records.\n + *AT_TIMESTAMP* - Specify a time from which to start reading records.",
+ "type": "string",
+ "pattern": "(LATEST|TRIM_HORIZON|AT_TIMESTAMP)+",
+ "minLength": 6,
+ "maxLength": 12
+ },
+ "StartingPositionTimestamp": {
+ "description": "With ``StartingPosition`` set to ``AT_TIMESTAMP``, the time from which to start reading, in Unix time seconds. ``StartingPositionTimestamp`` cannot be in the future.",
+ "type": "number"
+ },
+ "Topics": {
+ "description": "The name of the Kafka topic.",
+ "type": "array",
+ "uniqueItems": true,
+ "items": {
+ "type": "string",
+ "pattern": "^[^.]([a-zA-Z0-9\\-_.]+)",
+ "minLength": 1,
+ "maxLength": 249
+ },
+ "minItems": 1,
+ "maxItems": 1
+ },
+ "Queues": {
+ "description": "(Amazon MQ) The name of the Amazon MQ broker destination queue to consume.",
+ "type": "array",
+ "uniqueItems": true,
+ "items": {
+ "type": "string",
+ "pattern": "[\\s\\S]*",
+ "minLength": 1,
+ "maxLength": 1000
+ },
+ "minItems": 1,
+ "maxItems": 1
+ },
+ "SourceAccessConfigurations": {
+ "description": "An array of the authentication protocol, VPC components, or virtual host to secure and define your event source.",
+ "type": "array",
+ "uniqueItems": true,
+ "items": {
+ "$ref": "#/definitions/SourceAccessConfiguration"
+ },
+ "minItems": 1,
+ "maxItems": 22
+ },
+ "TumblingWindowInSeconds": {
+ "description": "(Kinesis and DynamoDB Streams only) The duration in seconds of a processing window for DynamoDB and Kinesis Streams event sources. A value of 0 seconds indicates no tumbling window.",
+ "type": "integer",
+ "minimum": 0,
+ "maximum": 900
+ },
+ "FunctionResponseTypes": {
+ "description": "(Streams and SQS) A list of current response type enums applied to the event source mapping.\n Valid Values: ``ReportBatchItemFailures``",
+ "type": "array",
+ "uniqueItems": true,
+ "items": {
+ "type": "string",
+ "enum": [
+ "ReportBatchItemFailures"
+ ]
+ },
+ "minLength": 0,
+ "maxLength": 1
+ },
+ "SelfManagedEventSource": {
+ "description": "The self-managed Apache Kafka cluster for your event source.",
+ "$ref": "#/definitions/SelfManagedEventSource"
+ },
+ "AmazonManagedKafkaEventSourceConfig": {
+ "description": "Specific configuration settings for an Amazon Managed Streaming for Apache Kafka (Amazon MSK) event source.",
+ "$ref": "#/definitions/AmazonManagedKafkaEventSourceConfig"
+ },
+ "SelfManagedKafkaEventSourceConfig": {
+ "description": "Specific configuration settings for a self-managed Apache Kafka event source.",
+ "$ref": "#/definitions/SelfManagedKafkaEventSourceConfig"
+ },
+ "ScalingConfig": {
+ "description": "(Amazon SQS only) The scaling configuration for the event source. For more information, see [Configuring maximum concurrency for Amazon SQS event sources](https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#events-sqs-max-concurrency).",
+ "$ref": "#/definitions/ScalingConfig"
+ },
+ "DocumentDBEventSourceConfig": {
+ "description": "Specific configuration settings for a DocumentDB event source.",
+ "$ref": "#/definitions/DocumentDBEventSourceConfig"
}
},
- "typeName": "AWS::Lambda::EventSourceMapping",
- "readOnlyProperties": [
- "/properties/Id"
- ],
- "description": "The ``AWS::Lambda::EventSourceMapping`` resource creates a mapping between an event source and an LAMlong function. LAM reads items from the event source and triggers the function.\n For details about each event source type, see the following topics. In particular, each of the topics describes the required and optional parameters for the specific event source. \n + [Configuring a Dynamo DB stream as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html#services-dynamodb-eventsourcemapping) \n + [Configuring a Kinesis stream as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html#services-kinesis-eventsourcemapping) \n + [Configuring an SQS queue as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#events-sqs-eventsource) \n + [Configuring an MQ broker as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-mq.html#services-mq-eventsourcemapping) \n + [Configuring MSK as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html) \n + [Configuring Self-Managed Apache Kafka as an event source](https://docs.aws.amazon.com/lambda/latest/dg/kafka-smaa.html) \n + [Configuring Amazon DocumentDB as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-documentdb.html)",
- "createOnlyProperties": [
- "/properties/EventSourceArn",
- "/properties/StartingPosition",
- "/properties/StartingPositionTimestamp",
- "/properties/SelfManagedEventSource",
- "/properties/AmazonManagedKafkaEventSourceConfig",
- "/properties/SelfManagedKafkaEventSourceConfig"
- ],
- "additionalProperties": false,
- "primaryIdentifier": [
- "/properties/Id"
- ],
"definitions": {
- "ScalingConfig": {
- "description": "(Amazon SQS only) The scaling configuration for the event source. To remove the configuration, pass an empty value.",
- "additionalProperties": false,
+ "DestinationConfig": {
"type": "object",
+ "additionalProperties": false,
+ "description": "A configuration object that specifies the destination of an event after Lambda processes it.",
"properties": {
- "MaximumConcurrency": {
- "description": "Limits the number of concurrent instances that the SQS event source can invoke.",
- "$ref": "#/definitions/MaximumConcurrency"
+ "OnFailure": {
+ "description": "The destination configuration for failed invocations.",
+ "$ref": "#/definitions/OnFailure"
}
}
},
- "SelfManagedEventSource": {
- "description": "The self-managed Apache Kafka cluster for your event source.",
+ "FilterCriteria": {
+ "type": "object",
+ "description": "An object that contains the filters for an event source.",
"additionalProperties": false,
+ "properties": {
+ "Filters": {
+ "description": "A list of filters.",
+ "type": "array",
+ "uniqueItems": true,
+ "items": {
+ "$ref": "#/definitions/Filter"
+ },
+ "minItems": 1,
+ "maxItems": 20
+ }
+ }
+ },
+ "Filter": {
"type": "object",
+ "description": "A structure within a ``FilterCriteria`` object that defines an event filtering pattern.",
+ "additionalProperties": false,
"properties": {
- "Endpoints": {
- "description": "The list of bootstrap servers for your Kafka brokers in the following format: ``\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]``.",
- "$ref": "#/definitions/Endpoints"
+ "Pattern": {
+ "type": "string",
+ "description": "A filter pattern. For more information on the syntax of a filter pattern, see [Filter rule syntax](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html#filtering-syntax).",
+ "pattern": ".*",
+ "minLength": 0,
+ "maxLength": 4096
}
}
},
- "MaximumConcurrency": {
- "description": "The maximum number of concurrent functions that an event source can invoke.",
- "maximum": 1000,
- "type": "integer",
- "minimum": 2
+ "OnFailure": {
+ "type": "object",
+ "description": "A destination for events that failed processing.",
+ "additionalProperties": false,
+ "properties": {
+ "Destination": {
+ "description": "The Amazon Resource Name (ARN) of the destination resource.\n To retain records of [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations), you can configure an Amazon SNS topic, Amazon SQS queue, Lambda function, or Amazon EventBridge event bus as the destination.\n To retain records of failed invocations from [Kinesis and DynamoDB event sources](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventsourcemapping.html#event-source-mapping-destinations), you can configure an Amazon SNS topic or Amazon SQS queue as the destination.\n To retain records of failed invocations from [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination), you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination.",
+ "type": "string",
+ "pattern": "arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-])+:([a-z]{2}(-gov)?(-iso([a-z])?)?-[a-z]+-\\d{1})?:(\\d{12})?:(.*)",
+ "minLength": 12,
+ "maxLength": 1024
+ }
+ }
},
"SourceAccessConfiguration": {
- "description": "An array of the authentication protocol, VPC components, or virtual host to secure and define your event source.",
- "additionalProperties": false,
"type": "object",
+ "additionalProperties": false,
+ "description": "An array of the authentication protocol, VPC components, or virtual host to secure and define your event source.",
"properties": {
"Type": {
- "description": "The type of authentication protocol, VPC components, or virtual host for your event source. For example: ``\"Type\":\"SASL_SCRAM_512_AUTH\"``.\n + ``BASIC_AUTH`` \u2013 (Amazon MQ) The ASMlong secret that stores your broker credentials.\n + ``BASIC_AUTH`` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.\n + ``VPC_SUBNET`` \u2013 (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.\n + ``VPC_SECURITY_GROUP`` \u2013 (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.\n + ``SASL_SCRAM_256_AUTH`` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.\n + ``SASL_SCRAM_512_AUTH`` \u2013 (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.\n + ``VIRTUAL_HOST`` \u2013- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.\n + ``CLIENT_CERTIFICATE_TLS_AUTH`` \u2013 (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.\n + ``SERVER_ROOT_CA_CERTIFICATE`` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.",
- "type": "string",
+ "description": "The type of authentication protocol, VPC components, or virtual host for your event source. For example: ``\"Type\":\"SASL_SCRAM_512_AUTH\"``.\n + ``BASIC_AUTH`` ? (Amazon MQ) The ASMlong secret that stores your broker credentials.\n + ``BASIC_AUTH`` ? (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.\n + ``VPC_SUBNET`` ? (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.\n + ``VPC_SECURITY_GROUP`` ? (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.\n + ``SASL_SCRAM_256_AUTH`` ? (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.\n + ``SASL_SCRAM_512_AUTH`` ? (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.\n + ``VIRTUAL_HOST`` ?- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.\n + ``CLIENT_CERTIFICATE_TLS_AUTH`` ? (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.\n + ``SERVER_ROOT_CA_CERTIFICATE`` ? (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.",
"enum": [
"BASIC_AUTH",
"VPC_SUBNET",
@@ -101,129 +237,72 @@
"VIRTUAL_HOST",
"CLIENT_CERTIFICATE_TLS_AUTH",
"SERVER_ROOT_CA_CERTIFICATE"
- ]
+ ],
+ "type": "string"
},
"URI": {
- "minLength": 1,
- "pattern": "[a-zA-Z0-9-\\/*:_+=.@-]*",
"description": "The value for your chosen configuration in ``Type``. For example: ``\"URI\": \"arn:aws:secretsmanager:us-east-1:01234567890:secret:MyBrokerSecretName\"``.",
"type": "string",
+ "pattern": "[a-zA-Z0-9-\\/*:_+=.@-]*",
+ "minLength": 1,
"maxLength": 200
}
}
},
- "FilterCriteria": {
- "description": "An object that contains the filters for an event source.",
- "additionalProperties": false,
+ "SelfManagedEventSource": {
"type": "object",
+ "additionalProperties": false,
+ "description": "The self-managed Apache Kafka cluster for your event source.",
"properties": {
- "Filters": {
- "minItems": 1,
- "maxItems": 20,
- "uniqueItems": true,
- "description": "A list of filters.",
- "type": "array",
- "items": {
- "$ref": "#/definitions/Filter"
- }
+ "Endpoints": {
+ "description": "The list of bootstrap servers for your Kafka brokers in the following format: ``\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]``.",
+ "$ref": "#/definitions/Endpoints"
}
}
},
- "SelfManagedKafkaEventSourceConfig": {
- "description": "Specific configuration settings for a self-managed Apache Kafka event source.",
- "additionalProperties": false,
+ "Endpoints": {
"type": "object",
- "properties": {
- "ConsumerGroupId": {
- "description": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-consumer-group-id).",
- "$ref": "#/definitions/ConsumerGroupId"
- }
- }
- },
- "DocumentDBEventSourceConfig": {
- "description": "Specific configuration settings for a DocumentDB event source.",
"additionalProperties": false,
- "type": "object",
- "properties": {
- "FullDocument": {
- "description": "Determines what DocumentDB sends to your event stream during document update operations. If set to UpdateLookup, DocumentDB sends a delta describing the changes, along with a copy of the entire document. Otherwise, DocumentDB sends only a partial document that contains the changes.",
- "type": "string",
- "enum": [
- "UpdateLookup",
- "Default"
- ]
- },
- "CollectionName": {
- "minLength": 1,
- "description": "The name of the collection to consume within the database. If you do not specify a collection, Lambda consumes all collections.",
- "type": "string",
- "maxLength": 57
- },
- "DatabaseName": {
- "minLength": 1,
- "description": "The name of the database to consume within the DocumentDB cluster.",
- "type": "string",
- "maxLength": 63
- }
- }
- },
- "Endpoints": {
"description": "The list of bootstrap servers for your Kafka brokers in the following format: ``\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]``.",
- "additionalProperties": false,
- "type": "object",
"properties": {
"KafkaBootstrapServers": {
- "minItems": 1,
- "maxItems": 10,
- "uniqueItems": true,
- "description": "The list of bootstrap servers for your Kafka brokers in the following format: ``\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]``.",
"type": "array",
+ "description": "The list of bootstrap servers for your Kafka brokers in the following format: ``\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]``.",
+ "uniqueItems": true,
"items": {
- "minLength": 1,
- "pattern": "^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\-]*[A-Za-z0-9]):[0-9]{1,5}",
- "description": "The URL of a Kafka server.",
"type": "string",
+ "description": "The URL of a Kafka server.",
+ "pattern": "^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\-]*[A-Za-z0-9]):[0-9]{1,5}",
+ "minLength": 1,
"maxLength": 300
- }
- }
- }
- },
- "DestinationConfig": {
- "description": "A configuration object that specifies the destination of an event after Lambda processes it.",
- "additionalProperties": false,
- "type": "object",
- "properties": {
- "OnFailure": {
- "description": "The destination configuration for failed invocations.",
- "$ref": "#/definitions/OnFailure"
+ },
+ "minItems": 1,
+ "maxItems": 10
}
}
},
"ConsumerGroupId": {
- "minLength": 1,
- "pattern": "[a-zA-Z0-9-\\/*:_+=.@-]*",
"description": "The identifier for the Kafka Consumer Group to join.",
"type": "string",
+ "pattern": "[a-zA-Z0-9-\\/*:_+=.@-]*",
+ "minLength": 1,
"maxLength": 200
},
- "Filter": {
- "description": "A structure within a ``FilterCriteria`` object that defines an event filtering pattern.",
- "additionalProperties": false,
+ "AmazonManagedKafkaEventSourceConfig": {
+ "description": "Specific configuration settings for an Amazon Managed Streaming for Apache Kafka (Amazon MSK) event source.",
"type": "object",
+ "additionalProperties": false,
"properties": {
- "Pattern": {
- "minLength": 0,
- "pattern": ".*",
- "description": "A filter pattern. For more information on the syntax of a filter pattern, see [Filter rule syntax](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html#filtering-syntax).",
- "type": "string",
- "maxLength": 4096
+ "ConsumerGroupId": {
+ "description": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-consumer-group-id).",
+ "$ref": "#/definitions/ConsumerGroupId"
}
}
},
- "AmazonManagedKafkaEventSourceConfig": {
- "description": "Specific configuration settings for an Amazon Managed Streaming for Apache Kafka (Amazon MSK) event source.",
- "additionalProperties": false,
+ "SelfManagedKafkaEventSourceConfig": {
+ "description": "Specific configuration settings for a self-managed Apache Kafka event source.",
"type": "object",
+ "additionalProperties": false,
"properties": {
"ConsumerGroupId": {
"description": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-consumer-group-id).",
@@ -231,17 +310,47 @@
}
}
},
- "OnFailure": {
- "description": "A destination for events that failed processing.",
+ "MaximumConcurrency": {
+ "description": "The maximum number of concurrent functions that an event source can invoke.",
+ "type": "integer",
+ "minimum": 2,
+ "maximum": 1000
+ },
+ "ScalingConfig": {
+ "description": "(Amazon SQS only) The scaling configuration for the event source. To remove the configuration, pass an empty value.",
+ "type": "object",
"additionalProperties": false,
+ "properties": {
+ "MaximumConcurrency": {
+ "description": "Limits the number of concurrent instances that the SQS event source can invoke.",
+ "$ref": "#/definitions/MaximumConcurrency"
+ }
+ }
+ },
+ "DocumentDBEventSourceConfig": {
+ "description": "Specific configuration settings for a DocumentDB event source.",
"type": "object",
+ "additionalProperties": false,
"properties": {
- "Destination": {
- "minLength": 12,
- "pattern": "arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-])+:([a-z]{2}(-gov)?(-iso([a-z])?)?-[a-z]+-\\d{1})?:(\\d{12})?:(.*)",
- "description": "The Amazon Resource Name (ARN) of the destination resource.\n To retain records of [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations), you can configure an Amazon SNS topic, Amazon SQS queue, Lambda function, or Amazon EventBridge event bus as the destination.\n To retain records of failed invocations from [Kinesis and DynamoDB event sources](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventsourcemapping.html#event-source-mapping-destinations), you can configure an Amazon SNS topic or Amazon SQS queue as the destination.\n To retain records of failed invocations from [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination), you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination.",
+ "DatabaseName": {
+ "description": "The name of the database to consume within the DocumentDB cluster.",
"type": "string",
- "maxLength": 1024
+ "minLength": 1,
+ "maxLength": 63
+ },
+ "CollectionName": {
+ "description": "The name of the collection to consume within the database. If you do not specify a collection, Lambda consumes all collections.",
+ "type": "string",
+ "minLength": 1,
+ "maxLength": 57
+ },
+ "FullDocument": {
+ "description": "Determines what DocumentDB sends to your event stream during document update operations. If set to UpdateLookup, DocumentDB sends a delta describing the changes, along with a copy of the entire document. Otherwise, DocumentDB sends only a partial document that contains the changes.",
+ "type": "string",
+ "enum": [
+ "UpdateLookup",
+ "Default"
+ ]
}
}
}
@@ -249,159 +358,65 @@
"required": [
"FunctionName"
],
- "properties": {
- "StartingPosition": {
- "minLength": 6,
- "pattern": "(LATEST|TRIM_HORIZON|AT_TIMESTAMP)+",
- "description": "The position in a stream from which to start reading. Required for Amazon Kinesis and Amazon DynamoDB.\n + *LATEST* - Read only new records.\n + *TRIM_HORIZON* - Process all available records.\n + *AT_TIMESTAMP* - Specify a time from which to start reading records.",
- "type": "string",
- "maxLength": 12
- },
- "SelfManagedEventSource": {
- "description": "The self-managed Apache Kafka cluster for your event source.",
- "$ref": "#/definitions/SelfManagedEventSource"
- },
- "ParallelizationFactor": {
- "description": "(Kinesis and DynamoDB Streams only) The number of batches to process concurrently from each shard. The default value is 1.",
- "maximum": 10,
- "type": "integer",
- "minimum": 1
- },
- "FilterCriteria": {
- "description": "An object that defines the filter criteria that determine whether Lambda should process an event. For more information, see [Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html).",
- "$ref": "#/definitions/FilterCriteria"
- },
- "FunctionName": {
- "minLength": 1,
- "pattern": "(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?(-iso([a-z])?)?-[a-z]+-\\d{1}:)?(\\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\\$LATEST|[a-zA-Z0-9-_]+))?",
- "description": "The name or ARN of the Lambda function.\n **Name formats**\n + *Function name* \u2013 ``MyFunction``.\n + *Function ARN* \u2013 ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction``.\n + *Version or Alias ARN* \u2013 ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD``.\n + *Partial ARN* \u2013 ``123456789012:function:MyFunction``.\n \n The length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length.",
- "type": "string",
- "maxLength": 140
- },
- "DestinationConfig": {
- "description": "(Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka event sources only) A configuration object that specifies the destination of an event after Lambda processes it.",
- "$ref": "#/definitions/DestinationConfig"
- },
- "AmazonManagedKafkaEventSourceConfig": {
- "description": "Specific configuration settings for an Amazon Managed Streaming for Apache Kafka (Amazon MSK) event source.",
- "$ref": "#/definitions/AmazonManagedKafkaEventSourceConfig"
- },
- "SourceAccessConfigurations": {
- "minItems": 1,
- "maxItems": 22,
- "uniqueItems": true,
- "description": "An array of the authentication protocol, VPC components, or virtual host to secure and define your event source.",
- "type": "array",
- "items": {
- "$ref": "#/definitions/SourceAccessConfiguration"
- }
- },
- "MaximumBatchingWindowInSeconds": {
- "description": "The maximum amount of time, in seconds, that Lambda spends gathering records before invoking the function.\n *Default (, , event sources)*: 0\n *Default (, Kafka, , event sources)*: 500 ms\n *Related setting:* For SQS event sources, when you set ``BatchSize`` to a value greater than 10, you must set ``MaximumBatchingWindowInSeconds`` to at least 1.",
- "maximum": 300,
- "type": "integer",
- "minimum": 0
- },
- "BatchSize": {
- "description": "The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).\n + *Amazon Kinesis* \u2013 Default 100. Max 10,000.\n + *Amazon DynamoDB Streams* \u2013 Default 100. Max 10,000.\n + *Amazon Simple Queue Service* \u2013 Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.\n + *Amazon Managed Streaming for Apache Kafka* \u2013 Default 100. Max 10,000.\n + *Self-managed Apache Kafka* \u2013 Default 100. Max 10,000.\n + *Amazon MQ (ActiveMQ and RabbitMQ)* \u2013 Default 100. Max 10,000.\n + *DocumentDB* \u2013 Default 100. Max 10,000.",
- "maximum": 10000,
- "type": "integer",
- "minimum": 1
- },
- "MaximumRetryAttempts": {
- "description": "(Kinesis and DynamoDB Streams only) Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, Lambda retries failed records until the record expires in the event source.",
- "maximum": 10000,
- "type": "integer",
- "minimum": -1
- },
- "Topics": {
- "minItems": 1,
- "maxItems": 1,
- "uniqueItems": true,
- "description": "The name of the Kafka topic.",
- "type": "array",
- "items": {
- "minLength": 1,
- "pattern": "^[^.]([a-zA-Z0-9\\-_.]+)",
- "type": "string",
- "maxLength": 249
- }
- },
- "ScalingConfig": {
- "description": "(Amazon SQS only) The scaling configuration for the event source. For more information, see [Configuring maximum concurrency for Amazon SQS event sources](https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#events-sqs-max-concurrency).",
- "$ref": "#/definitions/ScalingConfig"
- },
- "Enabled": {
- "description": "When true, the event source mapping is active. When false, Lambda pauses polling and invocation.\n Default: True",
- "type": "boolean"
- },
- "EventSourceArn": {
- "minLength": 12,
- "pattern": "arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-])+:([a-z]{2}(-gov)?(-iso([a-z])?)?-[a-z]+-\\d{1})?:(\\d{12})?:(.*)",
- "description": "The Amazon Resource Name (ARN) of the event source.\n + *Amazon Kinesis* \u2013 The ARN of the data stream or a stream consumer.\n + *Amazon DynamoDB Streams* \u2013 The ARN of the stream.\n + *Amazon Simple Queue Service* \u2013 The ARN of the queue.\n + *Amazon Managed Streaming for Apache Kafka* \u2013 The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc)).\n + *Amazon MQ* \u2013 The ARN of the broker.\n + *Amazon DocumentDB* \u2013 The ARN of the DocumentDB change stream.",
- "type": "string",
- "maxLength": 1024
- },
- "SelfManagedKafkaEventSourceConfig": {
- "description": "Specific configuration settings for a self-managed Apache Kafka event source.",
- "$ref": "#/definitions/SelfManagedKafkaEventSourceConfig"
- },
- "DocumentDBEventSourceConfig": {
- "description": "Specific configuration settings for a DocumentDB event source.",
- "$ref": "#/definitions/DocumentDBEventSourceConfig"
- },
- "TumblingWindowInSeconds": {
- "description": "(Kinesis and DynamoDB Streams only) The duration in seconds of a processing window for DynamoDB and Kinesis Streams event sources. A value of 0 seconds indicates no tumbling window.",
- "maximum": 900,
- "type": "integer",
- "minimum": 0
- },
- "BisectBatchOnFunctionError": {
- "description": "(Kinesis and DynamoDB Streams only) If the function returns an error, split the batch in two and retry. The default value is false.",
- "type": "boolean"
- },
- "MaximumRecordAgeInSeconds": {
- "description": "(Kinesis and DynamoDB Streams only) Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, Lambda never discards old records.\n The minimum valid value for maximum record age is 60s. Although values less than 60 and greater than -1 fall within the parameter's absolute range, they are not allowed",
- "maximum": 604800,
- "type": "integer",
- "minimum": -1
+ "createOnlyProperties": [
+ "/properties/EventSourceArn",
+ "/properties/StartingPosition",
+ "/properties/StartingPositionTimestamp",
+ "/properties/SelfManagedEventSource",
+ "/properties/AmazonManagedKafkaEventSourceConfig",
+ "/properties/SelfManagedKafkaEventSourceConfig"
+ ],
+ "readOnlyProperties": [
+ "/properties/Id"
+ ],
+ "primaryIdentifier": [
+ "/properties/Id"
+ ],
+ "propertyTransform": {
+ "/properties/StartingPositionTimestamp": "StartingPositionTimestamp * 1000"
+ },
+ "handlers": {
+ "create": {
+ "permissions": [
+ "lambda:CreateEventSourceMapping",
+ "lambda:GetEventSourceMapping",
+ "kms:DescribeKey",
+ "kms:GenerateDataKey",
+ "kms:Decrypt"
+ ]
},
- "StartingPositionTimestamp": {
- "description": "With ``StartingPosition`` set to ``AT_TIMESTAMP``, the time from which to start reading, in Unix time seconds. ``StartingPositionTimestamp`` cannot be in the future.",
- "type": "number"
+ "delete": {
+ "permissions": [
+ "lambda:DeleteEventSourceMapping",
+ "lambda:GetEventSourceMapping",
+ "kms:Decrypt"
+ ]
},
- "Queues": {
- "minItems": 1,
- "maxItems": 1,
- "uniqueItems": true,
- "description": "(Amazon MQ) The name of the Amazon MQ broker destination queue to consume.",
- "type": "array",
- "items": {
- "minLength": 1,
- "pattern": "[\\s\\S]*",
- "type": "string",
- "maxLength": 1000
- }
+ "list": {
+ "permissions": [
+ "lambda:ListEventSourceMappings"
+ ]
},
- "Id": {
- "minLength": 36,
- "pattern": "[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}",
- "description": "",
- "type": "string",
- "maxLength": 36
+ "read": {
+ "permissions": [
+ "lambda:GetEventSourceMapping",
+ "kms:Decrypt"
+ ]
},
- "FunctionResponseTypes": {
- "uniqueItems": true,
- "minLength": 0,
- "description": "(Streams and SQS) A list of current response type enums applied to the event source mapping.\n Valid Values: ``ReportBatchItemFailures``",
- "type": "array",
- "items": {
- "type": "string",
- "enum": [
- "ReportBatchItemFailures"
- ]
- },
- "maxLength": 1
+ "update": {
+ "permissions": [
+ "lambda:UpdateEventSourceMapping",
+ "lambda:GetEventSourceMapping",
+ "kms:DescribeKey",
+ "kms:GenerateDataKey",
+ "kms:Decrypt"
+ ]
}
+ },
+ "tagging": {
+ "taggable": false,
+ "tagOnCreate": false,
+ "tagUpdatable": false,
+ "cloudFormationSystemTags": false
}
}
diff --git a/internal/service/cloudformation/schemas/AWS_Route53_HostedZone.json b/internal/service/cloudformation/schemas/AWS_Route53_HostedZone.json
index ad4dc05f6..96190c719 100644
--- a/internal/service/cloudformation/schemas/AWS_Route53_HostedZone.json
+++ b/internal/service/cloudformation/schemas/AWS_Route53_HostedZone.json
@@ -137,6 +137,17 @@
"propertyTransform": {
"/properties/Name": "Name $OR $join([Name, \".\"])"
},
+ "tagging": {
+ "taggable": true,
+ "tagOnCreate": true,
+ "tagUpdatable": true,
+ "cloudFormationSystemTags": false,
+ "tagProperty": "/properties/HostedZoneTags",
+ "permissions": [
+ "route53:ChangeTagsForResource",
+ "route53:ListTagsForResource"
+ ]
+ },
"handlers": {
"create": {
"permissions": [
diff --git a/internal/service/cloudformation/schemas/AWS_S3_Bucket.json b/internal/service/cloudformation/schemas/AWS_S3_Bucket.json
index 105168700..cc352b247 100644
--- a/internal/service/cloudformation/schemas/AWS_S3_Bucket.json
+++ b/internal/service/cloudformation/schemas/AWS_S3_Bucket.json
@@ -1,215 +1,264 @@
{
- "typeName": "AWS::S3::Bucket",
- "description": "The ``AWS::S3::Bucket`` resource creates an Amazon S3 bucket in the same AWS Region where you create the AWS CloudFormation stack.\n To control how AWS CloudFormation handles the bucket when the stack is deleted, you can set a deletion policy for your bucket. You can choose to *retain* the bucket or to *delete* the bucket. For more information, see [DeletionPolicy Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html).\n You can only delete empty buckets. Deletion fails for buckets that have contents.",
- "additionalProperties": false,
- "properties": {
- "AccelerateConfiguration": {
- "$ref": "#/definitions/AccelerateConfiguration",
- "description": "Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see [Amazon S3 Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) in the *Amazon S3 User Guide*."
- },
- "AccessControl": {
- "description": "This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see [Controlling object ownership](https://docs.aws.amazon.com//AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide*.\n A canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) in the *Amazon S3 User Guide*.\n S3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the [AWS::S3::OwnershipControls](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-ownershipcontrols.html) property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon.\n The majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see [AWS::S3::BucketPolicy](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-policy.html). For examples of common policy configurations, including S3 Server Access Logs buckets and more, see [Bucket policy examples](https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) in the *Amazon S3 User Guide*.",
- "enum": [
- "AuthenticatedRead",
- "AwsExecRead",
- "BucketOwnerFullControl",
- "BucketOwnerRead",
- "LogDeliveryWrite",
- "Private",
- "PublicRead",
- "PublicReadWrite"
- ],
- "type": "string"
- },
- "AnalyticsConfigurations": {
- "description": "Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.",
- "items": {
- "$ref": "#/definitions/AnalyticsConfiguration"
- },
- "type": "array",
- "uniqueItems": true,
- "insertionOrder": true
- },
- "BucketEncryption": {
- "$ref": "#/definitions/BucketEncryption",
- "description": "Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see [Amazon S3 Default Encryption for S3 Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide*."
- },
- "BucketName": {
- "description": "A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html). For more information, see [Rules for naming Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html#bucketnamingrules) in the *Amazon S3 User Guide*. \n If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.",
- "type": "string"
- },
- "CorsConfiguration": {
- "$ref": "#/definitions/CorsConfiguration",
- "description": "Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide*."
- },
- "IntelligentTieringConfigurations": {
- "description": "Defines how Amazon S3 handles Intelligent-Tiering storage.",
- "items": {
- "$ref": "#/definitions/IntelligentTieringConfiguration"
- },
- "type": "array",
- "uniqueItems": true,
- "insertionOrder": true
- },
- "InventoryConfigurations": {
- "description": "Specifies the inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference*.",
- "items": {
- "$ref": "#/definitions/InventoryConfiguration"
- },
- "type": "array",
- "uniqueItems": true,
- "insertionOrder": true
- },
- "LifecycleConfiguration": {
- "$ref": "#/definitions/LifecycleConfiguration",
- "description": "Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon S3 User Guide*."
- },
- "LoggingConfiguration": {
- "$ref": "#/definitions/LoggingConfiguration",
- "description": "Settings that define where logs are stored."
- },
- "MetricsConfigurations": {
- "description": "Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see [PutBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html).",
- "items": {
- "$ref": "#/definitions/MetricsConfiguration"
- },
- "type": "array",
- "uniqueItems": true,
- "insertionOrder": true
- },
- "NotificationConfiguration": {
- "$ref": "#/definitions/NotificationConfiguration",
- "description": "Configuration that defines how Amazon S3 handles bucket notifications."
- },
- "ObjectLockConfiguration": {
- "$ref": "#/definitions/ObjectLockConfiguration",
- "description": "This operation is not supported by directory buckets.\n Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). \n + The ``DefaultRetention`` settings require both a mode and a period.\n + The ``DefaultRetention`` period can be either ``Days`` or ``Years`` but you must select one. You cannot specify ``Days`` and ``Years`` at the same time.\n + You can enable Object Lock for new or existing buckets. For more information, see [Configuring Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html)."
- },
- "ObjectLockEnabled": {
- "description": "Indicates whether this bucket has an Object Lock configuration enabled. Enable ``ObjectLockEnabled`` when you apply ``ObjectLockConfiguration`` to a bucket.",
- "type": "boolean"
- },
- "OwnershipControls": {
- "description": "Configuration that defines how Amazon S3 handles Object Ownership rules.",
- "$ref": "#/definitions/OwnershipControls"
- },
- "PublicAccessBlockConfiguration": {
- "$ref": "#/definitions/PublicAccessBlockConfiguration",
- "description": "Configuration that defines how Amazon S3 handles public access."
- },
- "ReplicationConfiguration": {
- "$ref": "#/definitions/ReplicationConfiguration",
- "description": "Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the ``VersioningConfiguration`` property.\n Amazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist."
- },
- "Tags": {
- "description": "An arbitrary set of tags (key-value pairs) for this S3 bucket.",
- "insertionOrder": false,
- "items": {
- "$ref": "#/definitions/Tag"
- },
- "type": "array"
- },
- "VersioningConfiguration": {
- "$ref": "#/definitions/VersioningConfiguration",
- "description": "Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them."
- },
- "WebsiteConfiguration": {
- "$ref": "#/definitions/WebsiteConfiguration",
- "description": "Information used to configure the bucket as a static website. For more information, see [Hosting Websites on Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html)."
- },
- "Arn": {
- "$ref": "#/definitions/Arn",
- "description": "",
- "examples": [
- "arn:aws:s3:::mybucket"
+ "tagging": {
+ "taggable": true,
+ "tagOnCreate": true,
+ "tagUpdatable": true,
+ "tagProperty": "/properties/Tags",
+ "cloudFormationSystemTags": true
+ },
+ "propertyTransform": {
+ "/properties/NotificationConfiguration/LambdaConfigurations/*/Filter/S3Key/Rules/*/Name": "$replace(Name, \"prefix\", \"Prefix\") $OR $replace(Name, \"suffix\", \"Suffix\")",
+ "/properties/NotificationConfiguration/QueueConfigurations/*/Filter/S3Key/Rules/*/Name": "$replace(Name, \"prefix\", \"Prefix\") $OR $replace(Name, \"suffix\", \"Suffix\")",
+ "/properties/NotificationConfiguration/TopicConfigurations/*/Filter/S3Key/Rules/*/Name": "$replace(Name, \"prefix\", \"Prefix\") $OR $replace(Name, \"suffix\", \"Suffix\")"
+ },
+ "handlers": {
+ "read": {
+ "permissions": [
+ "s3:GetAccelerateConfiguration",
+ "s3:GetLifecycleConfiguration",
+ "s3:GetBucketPublicAccessBlock",
+ "s3:GetAnalyticsConfiguration",
+ "s3:GetBucketCORS",
+ "s3:GetEncryptionConfiguration",
+ "s3:GetInventoryConfiguration",
+ "s3:GetBucketLogging",
+ "s3:GetMetricsConfiguration",
+ "s3:GetBucketNotification",
+ "s3:GetBucketVersioning",
+ "s3:GetReplicationConfiguration",
+ "S3:GetBucketWebsite",
+ "s3:GetBucketPublicAccessBlock",
+ "s3:GetBucketObjectLockConfiguration",
+ "s3:GetBucketTagging",
+ "s3:GetBucketOwnershipControls",
+ "s3:GetIntelligentTieringConfiguration",
+ "s3:ListBucket"
]
},
- "DomainName": {
- "description": "",
- "examples": [
- "mystack-mybucket-kdwwxmddtr2g.s3.amazonaws.com"
- ],
- "type": "string"
+ "create": {
+ "permissions": [
+ "s3:CreateBucket",
+ "s3:PutBucketTagging",
+ "s3:PutAnalyticsConfiguration",
+ "s3:PutEncryptionConfiguration",
+ "s3:PutBucketCORS",
+ "s3:PutInventoryConfiguration",
+ "s3:PutLifecycleConfiguration",
+ "s3:PutMetricsConfiguration",
+ "s3:PutBucketNotification",
+ "s3:PutBucketReplication",
+ "s3:PutBucketWebsite",
+ "s3:PutAccelerateConfiguration",
+ "s3:PutBucketPublicAccessBlock",
+ "s3:PutReplicationConfiguration",
+ "s3:PutObjectAcl",
+ "s3:PutBucketObjectLockConfiguration",
+ "s3:GetBucketAcl",
+ "s3:ListBucket",
+ "iam:PassRole",
+ "s3:DeleteObject",
+ "s3:PutBucketLogging",
+ "s3:PutBucketVersioning",
+ "s3:PutObjectLockConfiguration",
+ "s3:PutBucketOwnershipControls",
+ "s3:PutIntelligentTieringConfiguration"
+ ]
},
- "DualStackDomainName": {
- "description": "",
- "examples": [
- "mystack-mybucket-kdwwxmddtr2g.s3.dualstack.us-east-2.amazonaws.com"
- ],
- "type": "string"
+ "update": {
+ "permissions": [
+ "s3:PutBucketAcl",
+ "s3:PutBucketTagging",
+ "s3:PutAnalyticsConfiguration",
+ "s3:PutEncryptionConfiguration",
+ "s3:PutBucketCORS",
+ "s3:PutInventoryConfiguration",
+ "s3:PutLifecycleConfiguration",
+ "s3:PutMetricsConfiguration",
+ "s3:PutBucketNotification",
+ "s3:PutBucketReplication",
+ "s3:PutBucketWebsite",
+ "s3:PutAccelerateConfiguration",
+ "s3:PutBucketPublicAccessBlock",
+ "s3:PutReplicationConfiguration",
+ "s3:PutBucketOwnershipControls",
+ "s3:PutIntelligentTieringConfiguration",
+ "s3:DeleteBucketWebsite",
+ "s3:PutBucketLogging",
+ "s3:PutBucketVersioning",
+ "s3:PutObjectLockConfiguration",
+ "s3:PutBucketObjectLockConfiguration",
+ "s3:DeleteBucketAnalyticsConfiguration",
+ "s3:DeleteBucketCors",
+ "s3:DeleteBucketMetricsConfiguration",
+ "s3:DeleteBucketEncryption",
+ "s3:DeleteBucketLifecycle",
+ "s3:DeleteBucketReplication",
+ "iam:PassRole",
+ "s3:ListBucket"
+ ]
},
- "RegionalDomainName": {
- "description": "",
- "examples": [
- "mystack-mybucket-kdwwxmddtr2g.s3.us-east-2.amazonaws.com"
- ],
- "type": "string"
+ "list": {
+ "permissions": [
+ "s3:ListAllMyBuckets"
+ ]
},
- "WebsiteURL": {
- "description": "",
- "examples": [
- "Example (IPv4): http://mystack-mybucket-kdwwxmddtr2g.s3-website-us-east-2.amazonaws.com/",
- "Example (IPv6): http://mystack-mybucket-kdwwxmddtr2g.s3.dualstack.us-east-2.amazonaws.com/"
- ],
- "format": "uri",
- "type": "string"
+ "delete": {
+ "permissions": [
+ "s3:DeleteBucket",
+ "s3:ListBucket"
+ ]
}
},
+ "typeName": "AWS::S3::Bucket",
+ "readOnlyProperties": [
+ "/properties/Arn",
+ "/properties/DomainName",
+ "/properties/DualStackDomainName",
+ "/properties/RegionalDomainName",
+ "/properties/WebsiteURL"
+ ],
+ "description": "The ``AWS::S3::Bucket`` resource creates an Amazon S3 bucket in the same AWS Region where you create the AWS CloudFormation stack.\n To control how AWS CloudFormation handles the bucket when the stack is deleted, you can set a deletion policy for your bucket. You can choose to *retain* the bucket or to *delete* the bucket. For more information, see [DeletionPolicy Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html).\n You can only delete empty buckets. Deletion fails for buckets that have contents.",
+ "writeOnlyProperties": [
+ "/properties/AccessControl",
+ "/properties/LifecycleConfiguration/Rules/*/NoncurrentVersionExpirationInDays",
+ "/properties/LifecycleConfiguration/Rules/*/NoncurrentVersionTransition",
+ "/properties/LifecycleConfiguration/Rules/*/Transition",
+ "/properties/ReplicationConfiguration/Rules/*/Prefix",
+ "/properties/LifecycleConfiguration/Rules/*/ExpiredObjectDeleteMarker"
+ ],
+ "createOnlyProperties": [
+ "/properties/BucketName"
+ ],
+ "additionalProperties": false,
+ "primaryIdentifier": [
+ "/properties/BucketName"
+ ],
"definitions": {
- "TagFilter": {
- "description": "Specifies tags to use to identify a subset of objects for an Amazon S3 bucket.",
+ "DefaultRetention": {
+ "description": "The container element for optionally specifying the default Object Lock retention settings for new objects placed in the specified bucket.\n + The ``DefaultRetention`` settings require both a mode and a period.\n + The ``DefaultRetention`` period can be either ``Days`` or ``Years`` but you must select one. You cannot specify ``Days`` and ``Years`` at the same time.",
+ "additionalProperties": false,
+ "type": "object",
+ "properties": {
+ "Years": {
+ "description": "The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify ``Mode`` and specify either ``Days`` or ``Years``.",
+ "type": "integer"
+ },
+ "Days": {
+ "description": "The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify ``Mode`` and specify either ``Days`` or ``Years``.",
+ "type": "integer"
+ },
+ "Mode": {
+ "description": "The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify ``Mode`` and specify either ``Days`` or ``Years``.",
+ "type": "string",
+ "enum": [
+ "COMPLIANCE",
+ "GOVERNANCE"
+ ]
+ }
+ }
+ },
+ "SourceSelectionCriteria": {
+ "description": "A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.",
+ "additionalProperties": false,
+ "type": "object",
+ "properties": {
+ "ReplicaModifications": {
+ "description": "A filter that you can specify for selection for modifications on replicas.",
+ "$ref": "#/definitions/ReplicaModifications"
+ },
+ "SseKmsEncryptedObjects": {
+ "description": "A container for filter information for the selection of Amazon S3 objects encrypted with AWS KMS.",
+ "$ref": "#/definitions/SseKmsEncryptedObjects"
+ }
+ }
+ },
+ "ReplicationTimeValue": {
+ "description": "A container specifying the time value for S3 Replication Time Control (S3 RTC) and replication metrics ``EventThreshold``.",
+ "additionalProperties": false,
"type": "object",
+ "properties": {
+ "Minutes": {
+ "description": "Contains an integer specifying time in minutes. \n Valid value: 15",
+ "type": "integer"
+ }
+ },
+ "required": [
+ "Minutes"
+ ]
+ },
+ "FilterRule": {
+ "description": "Specifies the Amazon S3 object key name to filter on. An object key name is the name assigned to an object in your Amazon S3 bucket. You specify whether to filter on the suffix or prefix of the object key name. A prefix is a specific string of characters at the beginning of an object key name, which you can use to organize objects. For example, you can start the key names of related objects with a prefix, such as ``2023-`` or ``engineering/``. Then, you can use ``FilterRule`` to find objects in a bucket with key names that have the same prefix. A suffix is similar to a prefix, but it is at the end of the object key name instead of at the beginning.",
"additionalProperties": false,
+ "type": "object",
"properties": {
"Value": {
- "type": "string",
- "description": "The tag value."
+ "description": "The value that the filter searches for in object key names.",
+ "type": "string"
},
- "Key": {
+ "Name": {
+ "description": "The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see [Configuring Event Notifications](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*.",
"type": "string",
- "description": "The tag key."
+ "maxLength": 1024
}
},
"required": [
"Value",
- "Key"
+ "Name"
]
},
- "Destination": {
- "description": "Specifies information about where to publish analysis or configuration results for an Amazon S3 bucket.",
- "type": "object",
+ "ReplicationRule": {
+ "description": "Specifies which Amazon S3 objects to replicate and where to store the replicas.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "BucketArn": {
- "description": "The Amazon Resource Name (ARN) of the bucket to which data is exported.",
- "type": "string"
- },
- "BucketAccountId": {
- "description": "The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data.\n Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.",
- "type": "string"
- },
- "Format": {
- "description": "Specifies the file format used when exporting data to Amazon S3.\n *Allowed values*: ``CSV`` | ``ORC`` | ``Parquet``",
+ "Status": {
+ "description": "Specifies whether the rule is enabled.",
"type": "string",
"enum": [
- "CSV",
- "ORC",
- "Parquet"
+ "Disabled",
+ "Enabled"
]
},
+ "Destination": {
+ "description": "A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).",
+ "$ref": "#/definitions/ReplicationDestination"
+ },
+ "Filter": {
+ "description": "A filter that identifies the subset of objects to which the replication rule applies. A ``Filter`` must specify exactly one ``Prefix``, ``TagFilter``, or an ``And`` child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration.\n V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add the ``Prefix`` directly as a child element of the ``Rule`` element.",
+ "$ref": "#/definitions/ReplicationRuleFilter"
+ },
+ "Priority": {
+ "description": "The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority. \n For more information, see [Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) in the *Amazon S3 User Guide*.",
+ "type": "integer"
+ },
+ "SourceSelectionCriteria": {
+ "description": "A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.",
+ "$ref": "#/definitions/SourceSelectionCriteria"
+ },
+ "Id": {
+ "description": "A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as \"ID\".",
+ "type": "string",
+ "maxLength": 255
+ },
"Prefix": {
- "description": "The prefix to use when exporting data. The prefix is prepended to all results.",
- "type": "string"
+ "description": "An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the ``Prefix`` directly as a child element of the ``Rule`` element.\n Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints).",
+ "type": "string",
+ "maxLength": 1024
+ },
+ "DeleteMarkerReplication": {
+ "description": "Specifies whether Amazon S3 replicates delete markers. If you specify a ``Filter`` in your replication configuration, you must also include a ``DeleteMarkerReplication`` element. If your ``Filter`` includes a ``Tag`` element, the ``DeleteMarkerReplication`` ``Status`` must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config). \n For more information about delete marker replication, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/delete-marker-replication.html). \n If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see [Backward Compatibility](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations).",
+ "$ref": "#/definitions/DeleteMarkerReplication"
}
},
"required": [
- "BucketArn",
- "Format"
+ "Destination",
+ "Status"
]
},
"AccelerateConfiguration": {
- "type": "object",
+ "description": "Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see [Amazon S3 Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) in the *Amazon S3 User Guide*.",
"additionalProperties": false,
+ "type": "object",
"properties": {
"AccelerationStatus": {
"description": "Specifies the transfer acceleration status of the bucket.",
@@ -222,799 +271,637 @@
},
"required": [
"AccelerationStatus"
+ ]
+ },
+ "TargetObjectKeyFormat": {
+ "oneOf": [
+ {
+ "additionalProperties": false,
+ "properties": {
+ "SimplePrefix": {
+ "description": "This format defaults the prefix to the given log file prefix for delivering server access log file.",
+ "additionalProperties": false,
+ "type": "object"
+ }
+ },
+ "required": [
+ "SimplePrefix"
+ ]
+ },
+ {
+ "additionalProperties": false,
+ "properties": {
+ "PartitionedPrefix": {
+ "$ref": "#/definitions/PartitionedPrefix"
+ }
+ },
+ "required": [
+ "PartitionedPrefix"
+ ]
+ }
],
- "description": "Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see [Amazon S3 Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) in the *Amazon S3 User Guide*."
+ "description": "Describes the key format for server access log file in the target bucket. You can choose between SimplePrefix and PartitionedPrefix.",
+ "type": "object"
},
- "AnalyticsConfiguration": {
- "description": "Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.",
- "type": "object",
+ "Metrics": {
+ "description": "A container specifying replication metrics-related settings enabling replication metrics and events.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "TagFilters": {
- "type": "array",
- "uniqueItems": true,
- "insertionOrder": true,
- "items": {
- "$ref": "#/definitions/TagFilter"
- },
- "description": "The tags to use when evaluating an analytics filter.\n The analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis."
- },
- "StorageClassAnalysis": {
- "$ref": "#/definitions/StorageClassAnalysis",
- "description": "Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes."
- },
- "Id": {
- "description": "The ID that identifies the analytics configuration.",
- "type": "string"
+ "Status": {
+ "description": "Specifies whether the replication metrics are enabled.",
+ "type": "string",
+ "enum": [
+ "Disabled",
+ "Enabled"
+ ]
},
- "Prefix": {
- "description": "The prefix that an object must have to be included in the analytics results.",
- "type": "string"
+ "EventThreshold": {
+ "description": "A container specifying the time threshold for emitting the ``s3:Replication:OperationMissedThreshold`` event.",
+ "$ref": "#/definitions/ReplicationTimeValue"
}
},
"required": [
- "StorageClassAnalysis",
- "Id"
+ "Status"
]
},
- "StorageClassAnalysis": {
- "description": "Specifies data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes for an Amazon S3 bucket.",
- "type": "object",
+ "RoutingRuleCondition": {
+ "description": "A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the ``/docs`` folder, redirect to the ``/documents`` folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.",
"additionalProperties": false,
- "properties": {
- "DataExport": {
- "$ref": "#/definitions/DataExport",
- "description": "Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported."
- }
- }
- },
- "DataExport": {
- "description": "Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported.",
"type": "object",
- "additionalProperties": false,
"properties": {
- "Destination": {
- "$ref": "#/definitions/Destination",
- "description": "The place to store the data for an analysis."
+ "KeyPrefixEquals": {
+ "description": "The object key name prefix when the redirect is applied. For example, to redirect requests for ``ExamplePage.html``, the key prefix will be ``ExamplePage.html``. To redirect request for all pages with the prefix ``docs/``, the key prefix will be ``/docs``, which identifies all objects in the docs/ folder.\n Required when the parent element ``Condition`` is specified and sibling ``HttpErrorCodeReturnedEquals`` is not specified. If both conditions are specified, both must be true for the redirect to be applied.",
+ "type": "string"
},
- "OutputSchemaVersion": {
- "description": "The version of the output schema to use when exporting data. Must be ``V_1``.",
- "type": "string",
- "const": "V_1"
+ "HttpErrorCodeReturnedEquals": {
+ "description": "The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied.\n Required when parent element ``Condition`` is specified and sibling ``KeyPrefixEquals`` is not specified. If both are specified, then both must be true for the redirect to be applied.",
+ "type": "string"
}
- },
- "required": [
- "Destination",
- "OutputSchemaVersion"
- ]
+ }
},
- "BucketEncryption": {
- "description": "Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see [Amazon S3 Default Encryption for S3 Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide*.",
- "type": "object",
+ "OwnershipControls": {
+ "description": "Specifies the container element for Object Ownership rules.\n S3 Object Ownership is an Amazon S3 bucket-level setting that you can use to disable access control lists (ACLs) and take ownership of every object in your bucket, simplifying access management for data stored in Amazon S3. For more information, see [Controlling ownership of objects and disabling ACLs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide*.",
"additionalProperties": false,
- "properties": {
- "ServerSideEncryptionConfiguration": {
- "description": "Specifies the default server-side-encryption configuration.",
- "type": "array",
+ "type": "object",
+ "properties": {
+ "Rules": {
"uniqueItems": true,
+ "description": "Specifies the container element for Object Ownership rules.",
"insertionOrder": true,
+ "type": "array",
"items": {
- "$ref": "#/definitions/ServerSideEncryptionRule"
+ "$ref": "#/definitions/OwnershipControlsRule"
}
}
},
"required": [
- "ServerSideEncryptionConfiguration"
+ "Rules"
]
},
- "ServerSideEncryptionRule": {
- "description": "Specifies the default server-side encryption configuration.",
- "type": "object",
+ "DeleteMarkerReplication": {
+ "description": "Specifies whether Amazon S3 replicates delete markers. If you specify a ``Filter`` in your replication configuration, you must also include a ``DeleteMarkerReplication`` element. If your ``Filter`` includes a ``Tag`` element, the ``DeleteMarkerReplication`` ``Status`` must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config). \n For more information about delete marker replication, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/delete-marker-replication.html). \n If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see [Backward Compatibility](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations).",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "BucketKeyEnabled": {
- "description": "Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the ``BucketKeyEnabled`` element to ``true`` causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled.\n For more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) in the *Amazon S3 User Guide*.",
- "type": "boolean"
- },
- "ServerSideEncryptionByDefault": {
- "$ref": "#/definitions/ServerSideEncryptionByDefault",
- "description": "Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied."
+ "Status": {
+ "description": "Indicates whether to replicate delete markers. Disabled by default.",
+ "type": "string",
+ "enum": [
+ "Disabled",
+ "Enabled"
+ ]
}
}
},
- "ServerSideEncryptionByDefault": {
- "description": "Describes the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied. If you don't specify a customer managed key at configuration, Amazon S3 automatically creates an AWS KMS key in your AWS account the first time that you add an object encrypted with SSE-KMS to a bucket. By default, Amazon S3 uses this KMS key for SSE-KMS. For more information, see [PUT Bucket encryption](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html) in the *Amazon S3 API Reference*.",
+ "RoutingRule": {
+ "description": "Specifies the redirect behavior and when a redirect is applied. For more information about routing rules, see [Configuring advanced conditional redirects](https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html#advanced-conditional-redirects) in the *Amazon S3 User Guide*.",
+ "additionalProperties": false,
"type": "object",
"properties": {
- "KMSMasterKeyID": {
- "description": "AWS Key Management Service (KMS) customer AWS KMS key ID to use for the default encryption. This parameter is allowed if and only if ``SSEAlgorithm`` is set to ``aws:kms`` or ``aws:kms:dsse``.\n You can specify the key ID, key alias, or the Amazon Resource Name (ARN) of the KMS key.\n + Key ID: ``1234abcd-12ab-34cd-56ef-1234567890ab`` \n + Key ARN: ``arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`` \n + Key Alias: ``alias/alias-name`` \n \n If you use a key ID, you can run into a LogDestination undeliverable error when creating a VPC flow log. \n If you are using encryption with cross-account or AWS service operations you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy).\n Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *Key Management Service Developer Guide*.",
- "type": "string",
- "anyOf": [
- {
- "relationshipRef": {
- "typeName": "AWS::KMS::Key",
- "propertyPath": "/properties/KeyId"
- }
- },
- {
- "relationshipRef": {
- "typeName": "AWS::KMS::Key",
- "propertyPath": "/properties/Arn"
- }
- },
- {
- "relationshipRef": {
- "typeName": "AWS::KMS::Alias",
- "propertyPath": "/properties/AliasName"
- }
- }
- ]
+ "RedirectRule": {
+ "description": "Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.",
+ "$ref": "#/definitions/RedirectRule"
},
- "SSEAlgorithm": {
- "type": "string",
- "enum": [
- "aws:kms",
- "AES256",
- "aws:kms:dsse"
- ],
- "description": "Server-side encryption algorithm to use for the default encryption."
+ "RoutingRuleCondition": {
+ "description": "A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the ``/docs`` folder, redirect to the ``/documents`` folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.",
+ "$ref": "#/definitions/RoutingRuleCondition"
}
},
- "additionalProperties": false,
"required": [
- "SSEAlgorithm"
+ "RedirectRule"
]
},
- "CorsConfiguration": {
- "type": "object",
+ "NotificationFilter": {
+ "description": "Specifies object key name filtering rules. For information about key name filtering, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) in the *Amazon S3 User Guide*.",
"additionalProperties": false,
- "properties": {
- "CorsRules": {
- "type": "array",
- "uniqueItems": true,
- "insertionOrder": true,
- "items": {
- "$ref": "#/definitions/CorsRule",
- "maxLength": 100
- },
- "description": "A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration."
- }
- },
- "required": [
- "CorsRules"
- ],
- "description": "Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide*."
- },
- "CorsRule": {
"type": "object",
- "description": "Specifies a cross-origin access rule for an Amazon S3 bucket.",
- "additionalProperties": false,
"properties": {
- "AllowedHeaders": {
- "description": "Headers that are specified in the ``Access-Control-Request-Headers`` header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed.",
- "type": "array",
- "uniqueItems": true,
- "insertionOrder": true,
- "items": {
- "type": "string"
- }
- },
- "AllowedMethods": {
- "description": "An HTTP method that you allow the origin to run.\n *Allowed values*: ``GET`` | ``PUT`` | ``HEAD`` | ``POST`` | ``DELETE``",
- "type": "array",
- "uniqueItems": true,
- "insertionOrder": true,
- "items": {
- "type": "string",
- "enum": [
- "GET",
- "PUT",
- "HEAD",
- "POST",
- "DELETE"
- ]
- }
- },
- "AllowedOrigins": {
- "description": "One or more origins you want customers to be able to access the bucket from.",
- "type": "array",
- "uniqueItems": true,
- "insertionOrder": true,
- "items": {
- "type": "string"
- }
- },
- "ExposedHeaders": {
- "description": "One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript ``XMLHttpRequest`` object).",
- "type": "array",
- "uniqueItems": true,
- "insertionOrder": true,
- "items": {
- "type": "string"
- }
- },
- "Id": {
- "description": "A unique identifier for this rule. The value must be no more than 255 characters.",
- "type": "string",
- "maxLength": 255
- },
- "MaxAge": {
- "description": "The time in seconds that your browser is to cache the preflight response for the specified resource.",
- "type": "integer",
- "minimum": 0
+ "S3Key": {
+ "description": "A container for object key name prefix and suffix filtering rules.",
+ "$ref": "#/definitions/S3KeyFilter"
}
},
"required": [
- "AllowedMethods",
- "AllowedOrigins"
+ "S3Key"
]
},
- "IntelligentTieringConfiguration": {
- "type": "object",
+ "ReplicationConfiguration": {
+ "description": "A container for replication rules. You can add up to 1,000 rules. The maximum size of a replication configuration is 2 MB. The latest version of the replication configuration XML is V2. For more information about XML V2 replication configurations, see [Replication configuration](https://docs.aws.amazon.com/AmazonS3/latest/userguide/replication-add-config.html) in the *Amazon S3 User Guide*.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "Id": {
- "description": "The ID used to identify the S3 Intelligent-Tiering configuration.",
- "type": "string"
- },
- "Prefix": {
- "description": "An object key name prefix that identifies the subset of objects to which the rule applies.",
+ "Role": {
+ "description": "The Amazon Resource Name (ARN) of the IAMlong (IAM) role that Amazon S3 assumes when replicating objects. For more information, see [How to Set Up Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-how-setup.html) in the *Amazon S3 User Guide*.",
"type": "string"
},
- "Status": {
- "description": "Specifies the status of the configuration.",
- "type": "string",
- "enum": [
- "Disabled",
- "Enabled"
- ]
- },
- "TagFilters": {
- "description": "A container for a key-value pair.",
- "type": "array",
+ "Rules": {
"uniqueItems": true,
+ "description": "A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.",
"insertionOrder": true,
- "items": {
- "$ref": "#/definitions/TagFilter"
- }
- },
- "Tierings": {
- "description": "Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: ``ARCHIVE_ACCESS`` and ``DEEP_ARCHIVE_ACCESS``.\n You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers.",
"type": "array",
- "uniqueItems": true,
- "insertionOrder": true,
"items": {
- "$ref": "#/definitions/Tiering"
+ "minLength": 1,
+ "$ref": "#/definitions/ReplicationRule",
+ "maxLength": 1000
}
}
},
"required": [
- "Id",
- "Status",
- "Tierings"
- ],
- "description": "Specifies the S3 Intelligent-Tiering configuration for an Amazon S3 bucket.\n For information about the S3 Intelligent-Tiering storage class, see [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access)."
+ "Role",
+ "Rules"
+ ]
},
- "Tiering": {
- "type": "object",
+ "ServerSideEncryptionRule": {
+ "description": "Specifies the default server-side encryption configuration.\n If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the requester\u2019s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "AccessTier": {
- "description": "S3 Intelligent-Tiering access tier. See [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access) for a list of access tiers in the S3 Intelligent-Tiering storage class.",
- "type": "string",
- "enum": [
- "ARCHIVE_ACCESS",
- "DEEP_ARCHIVE_ACCESS"
- ]
+ "BucketKeyEnabled": {
+ "description": "Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the ``BucketKeyEnabled`` element to ``true`` causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled.\n For more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) in the *Amazon S3 User Guide*.",
+ "type": "boolean"
},
- "Days": {
- "description": "The number of consecutive days of no access after which an object will be eligible to be transitioned to the corresponding tier. The minimum number of days specified for Archive Access tier must be at least 90 days and Deep Archive Access tier must be at least 180 days. The maximum can be up to 2 years (730 days).",
- "type": "integer"
+ "ServerSideEncryptionByDefault": {
+ "description": "Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.",
+ "$ref": "#/definitions/ServerSideEncryptionByDefault"
}
- },
- "required": [
- "AccessTier",
- "Days"
- ],
- "description": "The S3 Intelligent-Tiering storage class is designed to optimize storage costs by automatically moving data to the most cost-effective storage access tier, without additional operational overhead."
+ }
},
- "InventoryConfiguration": {
- "type": "object",
+ "ReplicationDestination": {
+ "description": "A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "Destination": {
- "$ref": "#/definitions/Destination",
- "description": "Contains information about where to publish the inventory results."
- },
- "Enabled": {
- "description": "Specifies whether the inventory is enabled or disabled. If set to ``True``, an inventory list is generated. If set to ``False``, no inventory list is generated.",
- "type": "boolean"
+ "AccessControlTranslation": {
+ "description": "Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS-account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS-account that owns the source object.",
+ "$ref": "#/definitions/AccessControlTranslation"
},
- "Id": {
- "description": "The ID used to identify the inventory configuration.",
+ "Account": {
+ "description": "Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS-account that owns the destination bucket by specifying the ``AccessControlTranslation`` property, this is the account ID of the destination bucket owner. For more information, see [Cross-Region Replication Additional Configuration: Change Replica Owner](https://docs.aws.amazon.com/AmazonS3/latest/dev/crr-change-owner.html) in the *Amazon S3 User Guide*.\n If you specify the ``AccessControlTranslation`` property, the ``Account`` property is required.",
"type": "string"
},
- "IncludedObjectVersions": {
- "description": "Object versions to include in the inventory list. If set to ``All``, the list includes all the object versions, which adds the version-related fields ``VersionId``, ``IsLatest``, and ``DeleteMarker`` to the list. If set to ``Current``, the list does not contain these version-related fields.",
- "type": "string",
- "enum": [
- "All",
- "Current"
- ]
- },
- "OptionalFields": {
- "description": "Contains the optional fields that are included in the inventory results.",
- "type": "array",
- "uniqueItems": true,
- "insertionOrder": true,
- "items": {
- "type": "string",
- "enum": [
- "Size",
- "LastModifiedDate",
- "StorageClass",
- "ETag",
- "IsMultipartUploaded",
- "ReplicationStatus",
- "EncryptionStatus",
- "ObjectLockRetainUntilDate",
- "ObjectLockMode",
- "ObjectLockLegalHoldStatus",
- "IntelligentTieringAccessTier",
- "BucketKeyStatus",
- "ChecksumAlgorithm",
- "ObjectAccessControlList",
- "ObjectOwner"
- ]
- }
+ "Metrics": {
+ "description": "A container specifying replication metrics-related settings enabling replication metrics and events.",
+ "$ref": "#/definitions/Metrics"
},
- "Prefix": {
- "description": "Specifies the inventory filter prefix.",
+ "Bucket": {
+ "description": "The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results.",
"type": "string"
},
- "ScheduleFrequency": {
- "description": "Specifies the schedule for generating inventory results.",
+ "EncryptionConfiguration": {
+ "description": "Specifies encryption-related information.",
+ "$ref": "#/definitions/EncryptionConfiguration"
+ },
+ "StorageClass": {
+ "description": "The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica. \n For valid values, see the ``StorageClass`` element of the [PUT Bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) action in the *Amazon S3 API Reference*.",
"type": "string",
"enum": [
- "Daily",
- "Weekly"
+ "DEEP_ARCHIVE",
+ "GLACIER",
+ "GLACIER_IR",
+ "INTELLIGENT_TIERING",
+ "ONEZONE_IA",
+ "REDUCED_REDUNDANCY",
+ "STANDARD",
+ "STANDARD_IA"
]
+ },
+ "ReplicationTime": {
+ "description": "A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a ``Metrics`` block.",
+ "$ref": "#/definitions/ReplicationTime"
}
},
"required": [
- "Destination",
- "Enabled",
- "Id",
- "IncludedObjectVersions",
- "ScheduleFrequency"
- ],
- "description": "Specifies the inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference*."
+ "Bucket"
+ ]
},
- "LifecycleConfiguration": {
+ "OwnershipControlsRule": {
+ "description": "Specifies an Object Ownership rule.\n S3 Object Ownership is an Amazon S3 bucket-level setting that you can use to disable access control lists (ACLs) and take ownership of every object in your bucket, simplifying access management for data stored in Amazon S3. For more information, see [Controlling ownership of objects and disabling ACLs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide*.",
+ "additionalProperties": false,
"type": "object",
+ "properties": {
+ "ObjectOwnership": {
+ "description": "Specifies an object ownership rule.",
+ "type": "string",
+ "enum": [
+ "ObjectWriter",
+ "BucketOwnerPreferred",
+ "BucketOwnerEnforced"
+ ]
+ }
+ }
+ },
+ "EventBridgeConfiguration": {
+ "description": "Amazon S3 can send events to Amazon EventBridge whenever certain events happen in your bucket, see [Using EventBridge](https://docs.aws.amazon.com/AmazonS3/latest/userguide/EventBridge.html) in the *Amazon S3 User Guide*.\n Unlike other destinations, delivery of events to EventBridge can be either enabled or disabled for a bucket. If enabled, all events will be sent to EventBridge and you can use EventBridge rules to route events to additional targets. For more information, see [What Is Amazon EventBridge](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is.html) in the *Amazon EventBridge User Guide*",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "Rules": {
- "description": "A lifecycle rule for individual objects in an Amazon S3 bucket.",
- "type": "array",
- "uniqueItems": true,
- "insertionOrder": true,
- "items": {
- "$ref": "#/definitions/Rule"
- }
+ "EventBridgeEnabled": {
+ "default": "true",
+ "description": "Enables delivery of events to Amazon EventBridge.",
+ "type": "boolean"
}
},
"required": [
- "Rules"
- ],
- "description": "Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon S3 User Guide*."
+ "EventBridgeEnabled"
+ ]
},
- "Rule": {
- "type": "object",
- "description": "Specifies lifecycle rules for an Amazon S3 bucket. For more information, see [Put Bucket Lifecycle Configuration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlifecycle.html) in the *Amazon S3 API Reference*.\n You must specify at least one of the following properties: ``AbortIncompleteMultipartUpload``, ``ExpirationDate``, ``ExpirationInDays``, ``NoncurrentVersionExpirationInDays``, ``NoncurrentVersionTransition``, ``NoncurrentVersionTransitions``, ``Transition``, or ``Transitions``.",
+ "CorsRule": {
+ "description": "Specifies a cross-origin access rule for an Amazon S3 bucket.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "AbortIncompleteMultipartUpload": {
- "$ref": "#/definitions/AbortIncompleteMultipartUpload",
- "description": "Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3 bucket."
- },
- "ExpirationDate": {
- "$ref": "#/definitions/iso8601UTC",
- "description": "Indicates when objects are deleted from Amazon S3 and Amazon S3 Glacier. The date value must be in ISO 8601 format. The time is always midnight UTC. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time."
- },
- "ExpirationInDays": {
- "type": "integer",
- "description": "Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time."
- },
- "ExpiredObjectDeleteMarker": {
- "type": "boolean",
- "description": "Indicates whether Amazon S3 will remove a delete marker without any noncurrent versions. If set to true, the delete marker will be removed if there are no noncurrent versions. This cannot be specified with ``ExpirationInDays``, ``ExpirationDate``, or ``TagFilters``."
- },
- "Id": {
- "type": "string",
- "maxLength": 255,
- "description": "Unique identifier for the rule. The value can't be longer than 255 characters."
- },
- "NoncurrentVersionExpirationInDays": {
- "type": "integer",
- "description": "(Deprecated.) For buckets with versioning enabled (or suspended), specifies the time, in days, between when a new version of the object is uploaded to the bucket and when old versions of the object expire. When object versions expire, Amazon S3 permanently deletes them. If you specify a transition and expiration time, the expiration time must be later than the transition time."
- },
- "NoncurrentVersionExpiration": {
- "$ref": "#/definitions/NoncurrentVersionExpiration",
- "description": "Specifies when noncurrent object versions expire. Upon expiration, S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that S3 delete noncurrent object versions at a specific period in the object's lifetime."
- },
- "NoncurrentVersionTransition": {
- "$ref": "#/definitions/NoncurrentVersionTransition",
- "description": "(Deprecated.) For buckets with versioning enabled (or suspended), specifies when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the ``NoncurrentVersionTransitions`` property."
- },
- "NoncurrentVersionTransitions": {
- "type": "array",
+ "ExposedHeaders": {
"uniqueItems": true,
+ "description": "One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript ``XMLHttpRequest`` object).",
"insertionOrder": true,
+ "type": "array",
"items": {
- "$ref": "#/definitions/NoncurrentVersionTransition"
- },
- "description": "For buckets with versioning enabled (or suspended), one or more transition rules that specify when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the ``NoncurrentVersionTransition`` property."
- },
- "Prefix": {
- "type": "string",
- "description": "Object key prefix that identifies one or more objects to which this rule applies.\n Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints)."
- },
- "Status": {
- "type": "string",
- "enum": [
- "Enabled",
- "Disabled"
- ],
- "description": "If ``Enabled``, the rule is currently being applied. If ``Disabled``, the rule is not currently being applied."
+ "type": "string"
+ }
},
- "TagFilters": {
- "type": "array",
+ "AllowedMethods": {
"uniqueItems": true,
+ "description": "An HTTP method that you allow the origin to run.\n *Allowed values*: ``GET`` | ``PUT`` | ``HEAD`` | ``POST`` | ``DELETE``",
"insertionOrder": true,
+ "type": "array",
"items": {
- "$ref": "#/definitions/TagFilter"
- },
- "description": "Tags to use to identify a subset of objects to which the lifecycle rule applies."
- },
- "ObjectSizeGreaterThan": {
- "type": "string",
- "maxLength": 20,
- "pattern": "[0-9]+",
- "description": "Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide*."
- },
- "ObjectSizeLessThan": {
- "type": "string",
- "maxLength": 20,
- "pattern": "[0-9]+",
- "description": "Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide*."
- },
- "Transition": {
- "$ref": "#/definitions/Transition",
- "description": "(Deprecated.) Specifies when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the ``Transitions`` property."
+ "type": "string",
+ "enum": [
+ "GET",
+ "PUT",
+ "HEAD",
+ "POST",
+ "DELETE"
+ ]
+ }
},
- "Transitions": {
+ "AllowedOrigins": {
+ "uniqueItems": true,
+ "description": "One or more origins you want customers to be able to access the bucket from.",
+ "insertionOrder": true,
"type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "AllowedHeaders": {
"uniqueItems": true,
+ "description": "Headers that are specified in the ``Access-Control-Request-Headers`` header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed.",
"insertionOrder": true,
+ "type": "array",
"items": {
- "$ref": "#/definitions/Transition"
- },
- "description": "One or more transition rules that specify when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the ``Transition`` property."
+ "type": "string"
+ }
+ },
+ "MaxAge": {
+ "description": "The time in seconds that your browser is to cache the preflight response for the specified resource.",
+ "type": "integer",
+ "minimum": 0
+ },
+ "Id": {
+ "description": "A unique identifier for this rule. The value must be no more than 255 characters.",
+ "type": "string",
+ "maxLength": 255
}
},
"required": [
- "Status"
+ "AllowedMethods",
+ "AllowedOrigins"
]
},
- "AbortIncompleteMultipartUpload": {
- "description": "Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload. For more information, see [Stopping Incomplete Multipart Uploads Using a Bucket Lifecycle Policy](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) in the *Amazon S3 User Guide*.",
- "type": "object",
+ "AccessControlTranslation": {
+ "description": "Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS-account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS-account that owns the source object.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "DaysAfterInitiation": {
- "description": "Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.",
- "type": "integer",
- "minimum": 0
+ "Owner": {
+ "const": "Destination",
+ "description": "Specifies the replica ownership. For default and valid values, see [PUT bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) in the *Amazon S3 API Reference*.",
+ "type": "string"
}
},
"required": [
- "DaysAfterInitiation"
+ "Owner"
]
},
- "iso8601UTC": {
- "description": "The date value in ISO 8601 format. The timezone is always UTC. (YYYY-MM-DDThh:mm:ssZ)",
- "type": "string",
- "pattern": "^([0-2]\\d{3})-(0[0-9]|1[0-2])-([0-2]\\d|3[01])T([01]\\d|2[0-4]):([0-5]\\d):([0-6]\\d)((\\.\\d{3})?)Z$"
- },
- "NoncurrentVersionExpiration": {
- "type": "object",
- "description": "Specifies when noncurrent object versions expire. Upon expiration, S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that S3 delete noncurrent object versions at a specific period in the object's lifetime. For more information about setting a lifecycle rule configuration, see [AWS::S3::Bucket Rule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-lifecycleconfig-rule.html).",
+ "ObjectLockRule": {
+ "description": "Specifies the Object Lock rule for the specified object. Enable the this rule when you apply ``ObjectLockConfiguration`` to a bucket.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "NoncurrentDays": {
- "description": "Specifies the number of days an object is noncurrent before S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates When an Object Became Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide*.",
- "type": "integer"
- },
- "NewerNoncurrentVersions": {
- "description": "Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide*.",
- "type": "integer"
+ "DefaultRetention": {
+ "description": "The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both ``Mode`` and a period of either ``Days`` or ``Years``. You cannot specify ``Days`` and ``Years`` at the same time. For more information about allowable values for mode and period, see [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html).",
+ "$ref": "#/definitions/DefaultRetention"
}
- },
- "required": [
- "NoncurrentDays"
- ]
+ }
},
- "NoncurrentVersionTransition": {
- "type": "object",
- "description": "Container for the transition rule that describes when noncurrent objects transition to the ``STANDARD_IA``, ``ONEZONE_IA``, ``INTELLIGENT_TIERING``, ``GLACIER_IR``, ``GLACIER``, or ``DEEP_ARCHIVE`` storage class. If your bucket is versioning-enabled (or versioning is suspended), you can set this action to request that Amazon S3 transition noncurrent object versions to the ``STANDARD_IA``, ``ONEZONE_IA``, ``INTELLIGENT_TIERING``, ``GLACIER_IR``, ``GLACIER``, or ``DEEP_ARCHIVE`` storage class at a specific period in the object's lifetime. If you specify this property, don't specify the ``NoncurrentVersionTransitions`` property.",
+ "Rule": {
+ "description": "Specifies lifecycle rules for an Amazon S3 bucket. For more information, see [Put Bucket Lifecycle Configuration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlifecycle.html) in the *Amazon S3 API Reference*.\n You must specify at least one of the following properties: ``AbortIncompleteMultipartUpload``, ``ExpirationDate``, ``ExpirationInDays``, ``NoncurrentVersionExpirationInDays``, ``NoncurrentVersionTransition``, ``NoncurrentVersionTransitions``, ``Transition``, or ``Transitions``.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "StorageClass": {
- "description": "The class of storage used to store the object.",
+ "Status": {
+ "description": "If ``Enabled``, the rule is currently being applied. If ``Disabled``, the rule is not currently being applied.",
"type": "string",
"enum": [
- "DEEP_ARCHIVE",
- "GLACIER",
- "Glacier",
- "GLACIER_IR",
- "INTELLIGENT_TIERING",
- "ONEZONE_IA",
- "STANDARD_IA"
+ "Enabled",
+ "Disabled"
]
},
- "TransitionInDays": {
- "description": "Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates How Long an Object Has Been Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide*.",
+ "ExpiredObjectDeleteMarker": {
+ "description": "Indicates whether Amazon S3 will remove a delete marker without any noncurrent versions. If set to true, the delete marker will be removed if there are no noncurrent versions. This cannot be specified with ``ExpirationInDays``, ``ExpirationDate``, or ``TagFilters``.",
+ "type": "boolean"
+ },
+ "NoncurrentVersionExpirationInDays": {
+ "description": "(Deprecated.) For buckets with versioning enabled (or suspended), specifies the time, in days, between when a new version of the object is uploaded to the bucket and when old versions of the object expire. When object versions expire, Amazon S3 permanently deletes them. If you specify a transition and expiration time, the expiration time must be later than the transition time.",
"type": "integer"
},
- "NewerNoncurrentVersions": {
- "description": "Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide*.",
+ "Transitions": {
+ "uniqueItems": true,
+ "description": "One or more transition rules that specify when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the ``Transition`` property.",
+ "insertionOrder": true,
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/Transition"
+ }
+ },
+ "ObjectSizeGreaterThan": {
+ "pattern": "[0-9]+",
+ "description": "Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide*.",
+ "type": "string",
+ "maxLength": 20
+ },
+ "TagFilters": {
+ "uniqueItems": true,
+ "description": "Tags to use to identify a subset of objects to which the lifecycle rule applies.",
+ "insertionOrder": true,
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/TagFilter"
+ }
+ },
+ "NoncurrentVersionTransitions": {
+ "uniqueItems": true,
+ "description": "For buckets with versioning enabled (or suspended), one or more transition rules that specify when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the ``NoncurrentVersionTransition`` property.",
+ "insertionOrder": true,
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/NoncurrentVersionTransition"
+ }
+ },
+ "Prefix": {
+ "description": "Object key prefix that identifies one or more objects to which this rule applies.\n Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints).",
+ "type": "string"
+ },
+ "ObjectSizeLessThan": {
+ "pattern": "[0-9]+",
+ "description": "Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide*.",
+ "type": "string",
+ "maxLength": 20
+ },
+ "NoncurrentVersionTransition": {
+ "description": "(Deprecated.) For buckets with versioning enabled (or suspended), specifies when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the ``NoncurrentVersionTransitions`` property.",
+ "$ref": "#/definitions/NoncurrentVersionTransition"
+ },
+ "ExpirationDate": {
+ "description": "Indicates when objects are deleted from Amazon S3 and Amazon S3 Glacier. The date value must be in ISO 8601 format. The time is always midnight UTC. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.",
+ "$ref": "#/definitions/iso8601UTC"
+ },
+ "NoncurrentVersionExpiration": {
+ "description": "Specifies when noncurrent object versions expire. Upon expiration, S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that S3 delete noncurrent object versions at a specific period in the object's lifetime.",
+ "$ref": "#/definitions/NoncurrentVersionExpiration"
+ },
+ "ExpirationInDays": {
+ "description": "Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.",
"type": "integer"
+ },
+ "Transition": {
+ "description": "(Deprecated.) Specifies when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the ``Transitions`` property.",
+ "$ref": "#/definitions/Transition"
+ },
+ "Id": {
+ "description": "Unique identifier for the rule. The value can't be longer than 255 characters.",
+ "type": "string",
+ "maxLength": 255
+ },
+ "AbortIncompleteMultipartUpload": {
+ "description": "Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3 bucket.",
+ "$ref": "#/definitions/AbortIncompleteMultipartUpload"
}
},
"required": [
- "StorageClass",
- "TransitionInDays"
+ "Status"
]
},
- "Transition": {
+ "Arn": {
+ "description": "the Amazon Resource Name (ARN) of the specified bucket.",
+ "type": "string"
+ },
+ "S3KeyFilter": {
+ "description": "A container for object key name prefix and suffix filtering rules. For more information about object key name filtering, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) in the *Amazon S3 User Guide*.\n The same type of filter rule cannot be used more than once. For example, you cannot specify two prefix rules.",
+ "additionalProperties": false,
"type": "object",
"properties": {
- "StorageClass": {
- "type": "string",
- "enum": [
- "DEEP_ARCHIVE",
- "GLACIER",
- "Glacier",
- "GLACIER_IR",
- "INTELLIGENT_TIERING",
- "ONEZONE_IA",
- "STANDARD_IA"
- ],
- "description": "The storage class to which you want the object to transition."
- },
- "TransitionDate": {
- "$ref": "#/definitions/iso8601UTC",
- "description": "Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC."
- },
- "TransitionInDays": {
- "type": "integer",
- "description": "Indicates the number of days after creation when objects are transitioned to the specified storage class. The value must be a positive integer."
+ "Rules": {
+ "uniqueItems": true,
+ "description": "A list of containers for the key-value pair that defines the criteria for the filter rule.",
+ "insertionOrder": false,
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/FilterRule"
+ }
}
},
- "additionalProperties": false,
- "description": "Specifies when an object transitions to a specified storage class. For more information about Amazon S3 lifecycle configuration rules, see [Transitioning Objects Using Amazon S3 Lifecycle](https://docs.aws.amazon.com/AmazonS3/latest/dev/lifecycle-transition-general-considerations.html) in the *Amazon S3 User Guide*.",
"required": [
- "StorageClass"
+ "Rules"
]
},
- "LoggingConfiguration": {
+ "iso8601UTC": {
+ "pattern": "^([0-2]\\d{3})-(0[0-9]|1[0-2])-([0-2]\\d|3[01])T([01]\\d|2[0-4]):([0-5]\\d):([0-6]\\d)((\\.\\d{3})?)Z$",
+ "description": "The date value in ISO 8601 format. The timezone is always UTC. (YYYY-MM-DDThh:mm:ssZ)",
+ "type": "string"
+ },
+ "AnalyticsConfiguration": {
+ "description": "Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.",
+ "additionalProperties": false,
"type": "object",
"properties": {
- "DestinationBucketName": {
- "type": "string",
- "description": "The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the ``LoggingConfiguration`` property is defined."
+ "StorageClassAnalysis": {
+ "description": "Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes.",
+ "$ref": "#/definitions/StorageClassAnalysis"
},
- "LogFilePrefix": {
- "type": "string",
- "description": "A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket."
+ "TagFilters": {
+ "uniqueItems": true,
+ "description": "The tags to use when evaluating an analytics filter.\n The analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis.",
+ "insertionOrder": true,
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/TagFilter"
+ }
},
- "TargetObjectKeyFormat": {
- "$ref": "#/definitions/TargetObjectKeyFormat",
- "description": "Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed."
+ "Id": {
+ "description": "The ID that identifies the analytics configuration.",
+ "type": "string"
+ },
+ "Prefix": {
+ "description": "The prefix that an object must have to be included in the analytics results.",
+ "type": "string"
}
},
- "additionalProperties": false,
- "description": "Describes where logs are stored and the prefix that Amazon S3 assigns to all log object keys for a bucket. For examples and more information, see [PUT Bucket logging](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlogging.html) in the *Amazon S3 API Reference*.\n To successfully complete the ``AWS::S3::Bucket LoggingConfiguration`` request, you must have ``s3:PutObject`` and ``s3:PutObjectAcl`` in your IAM permissions."
+ "required": [
+ "StorageClassAnalysis",
+ "Id"
+ ]
},
- "TargetObjectKeyFormat": {
+ "Destination": {
+ "description": "Specifies information about where to publish analysis or configuration results for an Amazon S3 bucket.",
+ "additionalProperties": false,
"type": "object",
- "description": "Describes the key format for server access log file in the target bucket. You can choose between SimplePrefix and PartitionedPrefix.",
- "oneOf": [
- {
- "additionalProperties": false,
- "properties": {
- "SimplePrefix": {
- "description": "This format defaults the prefix to the given log file prefix for delivering server access log file.",
- "type": "object",
- "additionalProperties": false
- }
- },
- "required": [
- "SimplePrefix"
- ]
+ "properties": {
+ "BucketArn": {
+ "description": "The Amazon Resource Name (ARN) of the bucket to which data is exported.",
+ "type": "string"
},
- {
- "additionalProperties": false,
- "properties": {
- "PartitionedPrefix": {
- "$ref": "#/definitions/PartitionedPrefix"
- }
- },
- "required": [
- "PartitionedPrefix"
+ "Format": {
+ "description": "Specifies the file format used when exporting data to Amazon S3.\n *Allowed values*: ``CSV`` | ``ORC`` | ``Parquet``",
+ "type": "string",
+ "enum": [
+ "CSV",
+ "ORC",
+ "Parquet"
]
+ },
+ "BucketAccountId": {
+ "description": "The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data.\n Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.",
+ "type": "string"
+ },
+ "Prefix": {
+ "description": "The prefix to use when exporting data. The prefix is prepended to all results.",
+ "type": "string"
}
+ },
+ "required": [
+ "BucketArn",
+ "Format"
]
},
"PartitionedPrefix": {
- "type": "object",
"description": "Amazon S3 keys for log objects are partitioned in the following format:\n ``[DestinationPrefix][SourceAccountId]/[SourceRegion]/[SourceBucket]/[YYYY]/[MM]/[DD]/[YYYY]-[MM]-[DD]-[hh]-[mm]-[ss]-[UniqueString]`` \n PartitionedPrefix defaults to EventTime delivery when server access logs are delivered.",
+ "additionalProperties": false,
+ "type": "object",
"properties": {
"PartitionDateSource": {
+ "description": "Specifies the partition date source for the partitioned prefix. ``PartitionDateSource`` can be ``EventTime`` or ``DeliveryTime``.\n For ``DeliveryTime``, the time in the log file names corresponds to the delivery time for the log files. \n For ``EventTime``, The logs delivered are for a specific day only. The year, month, and day correspond to the day on which the event occurred, and the hour, minutes and seconds are set to 00 in the key.",
"type": "string",
- "description": "Specifies the partition date source for the partitioned prefix. PartitionDateSource can be EventTime or DeliveryTime.",
"enum": [
"EventTime",
"DeliveryTime"
]
}
- },
- "additionalProperties": false
+ }
},
- "MetricsConfiguration": {
- "type": "object",
+ "RedirectAllRequestsTo": {
+ "description": "Specifies the redirect behavior of all requests to a website endpoint of an Amazon S3 bucket.",
"additionalProperties": false,
- "properties": {
- "AccessPointArn": {
- "type": "string",
- "description": "The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria."
- },
- "Id": {
- "type": "string",
- "description": "The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration."
- },
- "Prefix": {
- "type": "string",
- "description": "The prefix that an object must have to be included in the metrics results."
- },
- "TagFilters": {
- "type": "array",
- "uniqueItems": true,
- "insertionOrder": true,
- "items": {
- "$ref": "#/definitions/TagFilter"
- },
- "description": "Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria."
- }
- },
- "required": [
- "Id"
- ],
- "description": "Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For examples, see [AWS::S3::Bucket](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html#aws-properties-s3-bucket--examples). For more information, see [PUT Bucket metrics](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html) in the *Amazon S3 API Reference*."
- },
- "NotificationConfiguration": {
- "description": "Describes the notification configuration for an Amazon S3 bucket.\n If you create the target resource and related permissions in the same template, you might have a circular dependency.\n For example, you might use the ``AWS::Lambda::Permission`` resource to grant the bucket permission to invoke an AWS Lambda function. However, AWS CloudFormation can't create the bucket until the bucket has permission to invoke the function (AWS CloudFormation checks whether the bucket can invoke the function). If you're using Refs to pass the bucket name, this leads to a circular dependency.\n To avoid this dependency, you can create all resources without specifying the notification configuration. Then, update the stack with a notification configuration.\n For more information on permissions, see [AWS::Lambda::Permission](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html) and [Granting Permissions to Publish Event Notification Messages to a Destination](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html#grant-destinations-permissions-to-s3).",
"type": "object",
- "additionalProperties": false,
"properties": {
- "EventBridgeConfiguration": {
- "$ref": "#/definitions/EventBridgeConfiguration",
- "description": "Enables delivery of events to Amazon EventBridge."
- },
- "LambdaConfigurations": {
- "type": "array",
- "uniqueItems": true,
- "insertionOrder": true,
- "items": {
- "$ref": "#/definitions/LambdaConfiguration"
- },
- "description": "Describes the LAMlong functions to invoke and the events for which to invoke them."
- },
- "QueueConfigurations": {
- "type": "array",
- "uniqueItems": true,
- "insertionOrder": true,
- "items": {
- "$ref": "#/definitions/QueueConfiguration"
- },
- "description": "The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages."
+ "Protocol": {
+ "description": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request.",
+ "type": "string",
+ "enum": [
+ "http",
+ "https"
+ ]
},
- "TopicConfigurations": {
- "type": "array",
- "uniqueItems": true,
- "insertionOrder": true,
- "items": {
- "$ref": "#/definitions/TopicConfiguration"
- },
- "description": "The topic to which notifications are sent and the events for which notifications are generated."
- }
- }
- },
- "EventBridgeConfiguration": {
- "type": "object",
- "description": "Amazon S3 can send events to Amazon EventBridge whenever certain events happen in your bucket, see [Using EventBridge](https://docs.aws.amazon.com/AmazonS3/latest/userguide/EventBridge.html) in the *Amazon S3 User Guide*.\n Unlike other destinations, delivery of events to EventBridge can be either enabled or disabled for a bucket. If enabled, all events will be sent to EventBridge and you can use EventBridge rules to route events to additional targets. For more information, see [What Is Amazon EventBridge](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is.html) in the *Amazon EventBridge User Guide*",
- "additionalProperties": false,
- "properties": {
- "EventBridgeEnabled": {
- "description": "Enables delivery of events to Amazon EventBridge.",
- "type": "boolean",
- "default": "true"
+ "HostName": {
+ "description": "Name of the host where requests are redirected.",
+ "type": "string"
}
},
"required": [
- "EventBridgeEnabled"
+ "HostName"
]
},
- "LambdaConfiguration": {
- "type": "object",
- "description": "Describes the LAMlong functions to invoke and the events for which to invoke them.",
+ "TagFilter": {
+ "description": "Specifies tags to use to identify a subset of objects for an Amazon S3 bucket.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "Event": {
- "description": "The Amazon S3 bucket event for which to invoke the LAMlong function. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*.",
+ "Value": {
+ "description": "The tag value.",
"type": "string"
},
- "Filter": {
- "description": "The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a ``.jpg`` extension invoke the function when they are added to the Amazon S3 bucket.",
- "$ref": "#/definitions/NotificationFilter"
- },
- "Function": {
- "description": "The Amazon Resource Name (ARN) of the LAMlong function that Amazon S3 invokes when the specified event type occurs.",
+ "Key": {
+ "description": "The tag key.",
"type": "string"
}
},
"required": [
- "Function",
- "Event"
+ "Value",
+ "Key"
]
},
- "QueueConfiguration": {
- "type": "object",
- "description": "Specifies the configuration for publishing messages to an Amazon Simple Queue Service (Amazon SQS) queue when Amazon S3 detects specified events.",
+ "WebsiteConfiguration": {
+ "description": "Specifies website configuration parameters for an Amazon S3 bucket.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "Event": {
- "description": "The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*.",
+ "IndexDocument": {
+ "description": "The name of the index document for the website.",
"type": "string"
},
- "Filter": {
- "description": "The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a ``.jpg`` extension are added to the bucket. For more information, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/notification-how-to-filtering.html) in the *Amazon S3 User Guide*.",
- "$ref": "#/definitions/NotificationFilter"
+ "RedirectAllRequestsTo": {
+ "description": "The redirect behavior for every request to this bucket's website endpoint.\n If you specify this property, you can't specify any other property.",
+ "$ref": "#/definitions/RedirectAllRequestsTo"
},
- "Queue": {
- "description": "The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.",
+ "RoutingRules": {
+ "description": "Rules that define when a redirect is applied and the redirect behavior.",
+ "insertionOrder": true,
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/RoutingRule"
+ }
+ },
+ "ErrorDocument": {
+ "description": "The name of the error document for the website.",
"type": "string"
}
- },
- "required": [
- "Event",
- "Queue"
- ]
+ }
},
"TopicConfiguration": {
- "type": "object",
"description": "A container for specifying the configuration for publication of messages to an Amazon Simple Notification Service (Amazon SNS) topic when Amazon S3 detects specified events.",
"additionalProperties": false,
- "properties": {
- "Event": {
- "description": "The Amazon S3 bucket event about which to send notifications. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*.",
- "type": "string"
- },
+ "type": "object",
+ "properties": {
"Filter": {
"description": "The filtering rules that determine for which objects to send notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a ``.jpg`` extension are added to the bucket.",
"$ref": "#/definitions/NotificationFilter"
},
+ "Event": {
+ "description": "The Amazon S3 bucket event about which to send notifications. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*.",
+ "type": "string"
+ },
"Topic": {
"description": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which Amazon S3 publishes a message when it detects events of the specified type.",
"type": "string"
@@ -1025,324 +912,350 @@
"Topic"
]
},
- "NotificationFilter": {
- "type": "object",
- "description": "Specifies object key name filtering rules. For information about key name filtering, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) in the *Amazon S3 User Guide*.",
+ "IntelligentTieringConfiguration": {
+ "description": "Specifies the S3 Intelligent-Tiering configuration for an Amazon S3 bucket.\n For information about the S3 Intelligent-Tiering storage class, see [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access).",
"additionalProperties": false,
- "properties": {
- "S3Key": {
- "$ref": "#/definitions/S3KeyFilter",
- "description": "A container for object key name prefix and suffix filtering rules."
- }
- },
- "required": [
- "S3Key"
- ]
- },
- "S3KeyFilter": {
"type": "object",
- "description": "A container for object key name prefix and suffix filtering rules. For more information about object key name filtering, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) in the *Amazon S3 User Guide*.\n The same type of filter rule cannot be used more than once. For example, you cannot specify two prefix rules.",
- "additionalProperties": false,
"properties": {
- "Rules": {
+ "Status": {
+ "description": "Specifies the status of the configuration.",
+ "type": "string",
+ "enum": [
+ "Disabled",
+ "Enabled"
+ ]
+ },
+ "Tierings": {
+ "uniqueItems": true,
+ "description": "Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: ``ARCHIVE_ACCESS`` and ``DEEP_ARCHIVE_ACCESS``.\n You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers.",
+ "insertionOrder": true,
"type": "array",
+ "items": {
+ "$ref": "#/definitions/Tiering"
+ }
+ },
+ "TagFilters": {
"uniqueItems": true,
- "insertionOrder": false,
+ "description": "A container for a key-value pair.",
+ "insertionOrder": true,
+ "type": "array",
"items": {
- "$ref": "#/definitions/FilterRule"
- },
- "description": "A list of containers for the key-value pair that defines the criteria for the filter rule."
+ "$ref": "#/definitions/TagFilter"
+ }
+ },
+ "Id": {
+ "description": "The ID used to identify the S3 Intelligent-Tiering configuration.",
+ "type": "string"
+ },
+ "Prefix": {
+ "description": "An object key name prefix that identifies the subset of objects to which the rule applies.",
+ "type": "string"
}
},
"required": [
- "Rules"
+ "Id",
+ "Status",
+ "Tierings"
]
},
- "FilterRule": {
- "type": "object",
- "description": "Specifies the Amazon S3 object key name to filter on. An object key name is the name assigned to an object in your Amazon S3 bucket. You specify whether to filter on the suffix or prefix of the object key name. A prefix is a specific string of characters at the beginning of an object key name, which you can use to organize objects. For example, you can start the key names of related objects with a prefix, such as ``2023-`` or ``engineering/``. Then, you can use ``FilterRule`` to find objects in a bucket with key names that have the same prefix. A suffix is similar to a prefix, but it is at the end of the object key name instead of at the beginning.",
+ "PublicAccessBlockConfiguration": {
+ "description": "The PublicAccessBlock configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see [The Meaning of \"Public\"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide*.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "Name": {
- "type": "string",
- "maxLength": 1024,
- "description": "The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see [Configuring Event Notifications](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*."
+ "RestrictPublicBuckets": {
+ "description": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to ``TRUE`` restricts access to this bucket to only AWS-service principals and authorized users within this account if the bucket has a public policy.\n Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.",
+ "type": "boolean"
},
- "Value": {
- "type": "string",
- "description": "The value that the filter searches for in object key names."
+ "BlockPublicPolicy": {
+ "description": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to ``TRUE`` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. \n Enabling this setting doesn't affect existing bucket policies.",
+ "type": "boolean"
+ },
+ "BlockPublicAcls": {
+ "description": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to ``TRUE`` causes the following behavior:\n + PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n + PUT Object calls fail if the request includes a public ACL.\n + PUT Bucket calls fail if the request includes a public ACL.\n \n Enabling this setting doesn't affect existing policies or ACLs.",
+ "type": "boolean"
+ },
+ "IgnorePublicAcls": {
+ "description": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to ``TRUE`` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.",
+ "type": "boolean"
}
- },
- "required": [
- "Value",
- "Name"
- ]
+ }
},
- "ObjectLockConfiguration": {
- "type": "object",
+ "NoncurrentVersionTransition": {
+ "description": "Container for the transition rule that describes when noncurrent objects transition to the ``STANDARD_IA``, ``ONEZONE_IA``, ``INTELLIGENT_TIERING``, ``GLACIER_IR``, ``GLACIER``, or ``DEEP_ARCHIVE`` storage class. If your bucket is versioning-enabled (or versioning is suspended), you can set this action to request that Amazon S3 transition noncurrent object versions to the ``STANDARD_IA``, ``ONEZONE_IA``, ``INTELLIGENT_TIERING``, ``GLACIER_IR``, ``GLACIER``, or ``DEEP_ARCHIVE`` storage class at a specific period in the object's lifetime. If you specify this property, don't specify the ``NoncurrentVersionTransitions`` property.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "ObjectLockEnabled": {
+ "StorageClass": {
+ "description": "The class of storage used to store the object.",
"type": "string",
- "const": "Enabled",
- "description": "Indicates whether this bucket has an Object Lock configuration enabled. Enable ``ObjectLockEnabled`` when you apply ``ObjectLockConfiguration`` to a bucket."
+ "enum": [
+ "DEEP_ARCHIVE",
+ "GLACIER",
+ "Glacier",
+ "GLACIER_IR",
+ "INTELLIGENT_TIERING",
+ "ONEZONE_IA",
+ "STANDARD_IA"
+ ]
},
- "Rule": {
- "$ref": "#/definitions/ObjectLockRule",
- "description": "Specifies the Object Lock rule for the specified object. Enable this rule when you apply ``ObjectLockConfiguration`` to a bucket. If Object Lock is turned on, bucket settings require both ``Mode`` and a period of either ``Days`` or ``Years``. You cannot specify ``Days`` and ``Years`` at the same time. For more information, see [ObjectLockRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-objectlockrule.html) and [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html)."
+ "TransitionInDays": {
+ "description": "Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates How Long an Object Has Been Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide*.",
+ "type": "integer"
+ },
+ "NewerNoncurrentVersions": {
+ "description": "Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide*.",
+ "type": "integer"
}
},
- "description": "Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html)."
+ "required": [
+ "StorageClass",
+ "TransitionInDays"
+ ]
},
- "ObjectLockRule": {
- "type": "object",
- "description": "Specifies the Object Lock rule for the specified object. Enable the this rule when you apply ``ObjectLockConfiguration`` to a bucket.",
+ "StorageClassAnalysis": {
+ "description": "Specifies data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes for an Amazon S3 bucket.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "DefaultRetention": {
- "$ref": "#/definitions/DefaultRetention",
- "description": "The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both ``Mode`` and a period of either ``Days`` or ``Years``. You cannot specify ``Days`` and ``Years`` at the same time. For more information about allowable values for mode and period, see [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html)."
+ "DataExport": {
+ "description": "Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported.",
+ "$ref": "#/definitions/DataExport"
}
}
},
- "DefaultRetention": {
- "type": "object",
- "description": "The container element for optionally specifying the default Object Lock retention settings for new objects placed in the specified bucket.\n + The ``DefaultRetention`` settings require both a mode and a period.\n + The ``DefaultRetention`` period can be either ``Days`` or ``Years`` but you must select one. You cannot specify ``Days`` and ``Years`` at the same time.",
+ "ServerSideEncryptionByDefault": {
+ "description": "Describes the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied. If you don't specify a customer managed key at configuration, Amazon S3 automatically creates an AWS KMS key in your AWS account the first time that you add an object encrypted with SSE-KMS to a bucket. By default, Amazon S3 uses this KMS key for SSE-KMS. For more information, see [PUT Bucket encryption](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html) in the *Amazon S3 API Reference*.\n If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the requester\u2019s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "Years": {
- "type": "integer",
- "description": "The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify ``Mode`` and specify either ``Days`` or ``Years``."
- },
- "Days": {
- "type": "integer",
- "description": "The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify ``Mode`` and specify either ``Days`` or ``Years``."
- },
- "Mode": {
+ "SSEAlgorithm": {
+ "description": "Server-side encryption algorithm to use for the default encryption.",
"type": "string",
"enum": [
- "COMPLIANCE",
- "GOVERNANCE"
- ],
- "description": "The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify ``Mode`` and specify either ``Days`` or ``Years``."
+ "aws:kms",
+ "AES256",
+ "aws:kms:dsse"
+ ]
+ },
+ "KMSMasterKeyID": {
+ "description": "AWS Key Management Service (KMS) customer AWS KMS key ID to use for the default encryption. This parameter is allowed if and only if ``SSEAlgorithm`` is set to ``aws:kms`` or ``aws:kms:dsse``.\n You can specify the key ID, key alias, or the Amazon Resource Name (ARN) of the KMS key.\n + Key ID: ``1234abcd-12ab-34cd-56ef-1234567890ab`` \n + Key ARN: ``arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`` \n + Key Alias: ``alias/alias-name`` \n \n If you use a key ID, you can run into a LogDestination undeliverable error when creating a VPC flow log. \n If you are using encryption with cross-account or AWS service operations you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy).\n Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *Key Management Service Developer Guide*.",
+ "type": "string"
}
- }
+ },
+ "required": [
+ "SSEAlgorithm"
+ ]
},
- "OwnershipControls": {
- "type": "object",
+ "MetricsConfiguration": {
+ "description": "Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For examples, see [AWS::S3::Bucket](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html#aws-properties-s3-bucket--examples). For more information, see [PUT Bucket metrics](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html) in the *Amazon S3 API Reference*.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "Rules": {
- "type": "array",
+ "AccessPointArn": {
+ "description": "The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria.",
+ "type": "string"
+ },
+ "TagFilters": {
"uniqueItems": true,
+ "description": "Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria.",
"insertionOrder": true,
+ "type": "array",
"items": {
- "$ref": "#/definitions/OwnershipControlsRule"
- },
- "description": "Specifies the container element for Object Ownership rules."
+ "$ref": "#/definitions/TagFilter"
+ }
+ },
+ "Id": {
+ "description": "The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration.",
+ "type": "string"
+ },
+ "Prefix": {
+ "description": "The prefix that an object must have to be included in the metrics results.",
+ "type": "string"
}
},
"required": [
- "Rules"
- ],
- "description": "Specifies the container element for Object Ownership rules.\n S3 Object Ownership is an Amazon S3 bucket-level setting that you can use to disable access control lists (ACLs) and take ownership of every object in your bucket, simplifying access management for data stored in Amazon S3. For more information, see [Controlling ownership of objects and disabling ACLs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide*."
+ "Id"
+ ]
},
- "OwnershipControlsRule": {
- "type": "object",
+ "ObjectLockConfiguration": {
+ "description": "Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html).",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "ObjectOwnership": {
- "description": "Specifies an object ownership rule.",
- "type": "string",
- "enum": [
- "ObjectWriter",
- "BucketOwnerPreferred",
- "BucketOwnerEnforced"
- ]
+ "ObjectLockEnabled": {
+ "const": "Enabled",
+ "description": "Indicates whether this bucket has an Object Lock configuration enabled. Enable ``ObjectLockEnabled`` when you apply ``ObjectLockConfiguration`` to a bucket.",
+ "type": "string"
+ },
+ "Rule": {
+ "description": "Specifies the Object Lock rule for the specified object. Enable this rule when you apply ``ObjectLockConfiguration`` to a bucket. If Object Lock is turned on, bucket settings require both ``Mode`` and a period of either ``Days`` or ``Years``. You cannot specify ``Days`` and ``Years`` at the same time. For more information, see [ObjectLockRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-objectlockrule.html) and [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html).",
+ "$ref": "#/definitions/ObjectLockRule"
}
- },
- "description": "Specifies an Object Ownership rule.\n S3 Object Ownership is an Amazon S3 bucket-level setting that you can use to disable access control lists (ACLs) and take ownership of every object in your bucket, simplifying access management for data stored in Amazon S3. For more information, see [Controlling ownership of objects and disabling ACLs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide*."
+ }
},
- "PublicAccessBlockConfiguration": {
- "description": "The PublicAccessBlock configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see [The Meaning of \"Public\"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide*.",
- "type": "object",
+ "LoggingConfiguration": {
+ "description": "Describes where logs are stored and the prefix that Amazon S3 assigns to all log object keys for a bucket. For examples and more information, see [PUT Bucket logging](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlogging.html) in the *Amazon S3 API Reference*.\n To successfully complete the ``AWS::S3::Bucket LoggingConfiguration`` request, you must have ``s3:PutObject`` and ``s3:PutObjectAcl`` in your IAM permissions.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "BlockPublicAcls": {
- "type": "boolean",
- "description": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to ``TRUE`` causes the following behavior:\n + PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n + PUT Object calls fail if the request includes a public ACL.\n + PUT Bucket calls fail if the request includes a public ACL.\n \n Enabling this setting doesn't affect existing policies or ACLs."
- },
- "BlockPublicPolicy": {
- "type": "boolean",
- "description": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to ``TRUE`` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. \n Enabling this setting doesn't affect existing bucket policies."
+ "TargetObjectKeyFormat": {
+ "description": "Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed.",
+ "$ref": "#/definitions/TargetObjectKeyFormat"
},
- "IgnorePublicAcls": {
- "type": "boolean",
- "description": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to ``TRUE`` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set."
+ "LogFilePrefix": {
+ "description": "A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.",
+ "type": "string"
},
- "RestrictPublicBuckets": {
- "type": "boolean",
- "description": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to ``TRUE`` restricts access to this bucket to only AWS-service principals and authorized users within this account if the bucket has a public policy.\n Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked."
+ "DestinationBucketName": {
+ "description": "The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the ``LoggingConfiguration`` property is defined.",
+ "type": "string"
}
}
},
- "ReplicationConfiguration": {
- "type": "object",
- "description": "A container for replication rules. You can add up to 1,000 rules. The maximum size of a replication configuration is 2 MB. The latest version of the replication configuration XML is V2. For more information about XML V2 replication configurations, see [Replication configuration](https://docs.aws.amazon.com/AmazonS3/latest/userguide/replication-add-config.html) in the *Amazon S3 User Guide*.",
+ "LambdaConfiguration": {
+ "description": "Describes the LAMlong functions to invoke and the events for which to invoke them.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "Role": {
- "description": "The Amazon Resource Name (ARN) of the IAMlong (IAM) role that Amazon S3 assumes when replicating objects. For more information, see [How to Set Up Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-how-setup.html) in the *Amazon S3 User Guide*.",
+ "Function": {
+ "description": "The Amazon Resource Name (ARN) of the LAMlong function that Amazon S3 invokes when the specified event type occurs.",
"type": "string"
},
- "Rules": {
- "description": "A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.",
- "type": "array",
- "uniqueItems": true,
- "insertionOrder": true,
- "items": {
- "$ref": "#/definitions/ReplicationRule",
- "maxLength": 1000,
- "minLength": 1
- }
+ "Filter": {
+ "description": "The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a ``.jpg`` extension invoke the function when they are added to the Amazon S3 bucket.",
+ "$ref": "#/definitions/NotificationFilter"
+ },
+ "Event": {
+ "description": "The Amazon S3 bucket event for which to invoke the LAMlong function. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*.",
+ "type": "string"
}
},
"required": [
- "Role",
- "Rules"
+ "Function",
+ "Event"
]
},
- "ReplicationRule": {
+ "DataExport": {
+ "description": "Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported.",
+ "additionalProperties": false,
"type": "object",
- "description": "Specifies which Amazon S3 objects to replicate and where to store the replicas.",
+ "properties": {
+ "Destination": {
+ "description": "The place to store the data for an analysis.",
+ "$ref": "#/definitions/Destination"
+ },
+ "OutputSchemaVersion": {
+ "const": "V_1",
+ "description": "The version of the output schema to use when exporting data. Must be ``V_1``.",
+ "type": "string"
+ }
+ },
+ "required": [
+ "Destination",
+ "OutputSchemaVersion"
+ ]
+ },
+ "Tiering": {
+ "description": "The S3 Intelligent-Tiering storage class is designed to optimize storage costs by automatically moving data to the most cost-effective storage access tier, without additional operational overhead.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "DeleteMarkerReplication": {
- "$ref": "#/definitions/DeleteMarkerReplication",
- "description": "Specifies whether Amazon S3 replicates delete markers. If you specify a ``Filter`` in your replication configuration, you must also include a ``DeleteMarkerReplication`` element. If your ``Filter`` includes a ``Tag`` element, the ``DeleteMarkerReplication`` ``Status`` must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config). \n For more information about delete marker replication, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/delete-marker-replication.html). \n If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see [Backward Compatibility](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations)."
- },
- "Destination": {
- "$ref": "#/definitions/ReplicationDestination",
- "description": "A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC)."
- },
- "Filter": {
- "$ref": "#/definitions/ReplicationRuleFilter",
- "description": "A filter that identifies the subset of objects to which the replication rule applies. A ``Filter`` must specify exactly one ``Prefix``, ``TagFilter``, or an ``And`` child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration.\n V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add the ``Prefix`` directly as a child element of the ``Rule`` element."
- },
- "Id": {
- "description": "A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as \"ID\".",
- "type": "string",
- "maxLength": 255
- },
- "Prefix": {
- "description": "An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the ``Prefix`` directly as a child element of the ``Rule`` element.\n Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints).",
- "type": "string",
- "maxLength": 1024
- },
- "Priority": {
- "type": "integer",
- "description": "The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority. \n For more information, see [Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) in the *Amazon S3 User Guide*."
- },
- "SourceSelectionCriteria": {
- "$ref": "#/definitions/SourceSelectionCriteria",
- "description": "A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects."
- },
- "Status": {
- "description": "Specifies whether the rule is enabled.",
+ "AccessTier": {
+ "description": "S3 Intelligent-Tiering access tier. See [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access) for a list of access tiers in the S3 Intelligent-Tiering storage class.",
"type": "string",
"enum": [
- "Disabled",
- "Enabled"
+ "ARCHIVE_ACCESS",
+ "DEEP_ARCHIVE_ACCESS"
]
+ },
+ "Days": {
+ "description": "The number of consecutive days of no access after which an object will be eligible to be transitioned to the corresponding tier. The minimum number of days specified for Archive Access tier must be at least 90 days and Deep Archive Access tier must be at least 180 days. The maximum can be up to 2 years (730 days).",
+ "type": "integer"
}
},
"required": [
- "Destination",
- "Status"
+ "AccessTier",
+ "Days"
]
},
- "DeleteMarkerReplication": {
- "type": "object",
+ "ReplicationTime": {
+ "description": "A container specifying S3 Replication Time Control (S3 RTC) related information, including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a ``Metrics`` block.",
"additionalProperties": false,
+ "type": "object",
"properties": {
"Status": {
+ "description": "Specifies whether the replication time is enabled.",
"type": "string",
"enum": [
"Disabled",
"Enabled"
- ],
- "description": "Indicates whether to replicate delete markers. Disabled by default."
+ ]
+ },
+ "Time": {
+ "description": "A container specifying the time by which replication should be complete for all objects and operations on objects.",
+ "$ref": "#/definitions/ReplicationTimeValue"
}
},
- "description": "Specifies whether Amazon S3 replicates delete markers. If you specify a ``Filter`` in your replication configuration, you must also include a ``DeleteMarkerReplication`` element. If your ``Filter`` includes a ``Tag`` element, the ``DeleteMarkerReplication`` ``Status`` must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config). \n For more information about delete marker replication, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/delete-marker-replication.html). \n If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see [Backward Compatibility](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations)."
+ "required": [
+ "Status",
+ "Time"
+ ]
},
- "ReplicationDestination": {
- "type": "object",
- "description": "A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).",
+ "ReplicationRuleFilter": {
+ "description": "A filter that identifies the subset of objects to which the replication rule applies. A ``Filter`` must specify exactly one ``Prefix``, ``TagFilter``, or an ``And`` child element.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "AccessControlTranslation": {
- "$ref": "#/definitions/AccessControlTranslation",
- "description": "Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS-account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS-account that owns the source object."
- },
- "Account": {
- "type": "string",
- "description": "Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS-account that owns the destination bucket by specifying the ``AccessControlTranslation`` property, this is the account ID of the destination bucket owner. For more information, see [Cross-Region Replication Additional Configuration: Change Replica Owner](https://docs.aws.amazon.com/AmazonS3/latest/dev/crr-change-owner.html) in the *Amazon S3 User Guide*.\n If you specify the ``AccessControlTranslation`` property, the ``Account`` property is required."
- },
- "Bucket": {
- "type": "string",
- "description": "The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results."
- },
- "EncryptionConfiguration": {
- "$ref": "#/definitions/EncryptionConfiguration",
- "description": "Specifies encryption-related information."
- },
- "Metrics": {
- "$ref": "#/definitions/Metrics",
- "description": "A container specifying replication metrics-related settings enabling replication metrics and events."
+ "And": {
+ "description": "A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example: \n + If you specify both a ``Prefix`` and a ``TagFilter``, wrap these filters in an ``And`` tag.\n + If you specify a filter based on multiple tags, wrap the ``TagFilter`` elements in an ``And`` tag.",
+ "$ref": "#/definitions/ReplicationRuleAndOperator"
},
- "ReplicationTime": {
- "$ref": "#/definitions/ReplicationTime",
- "description": "A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a ``Metrics`` block."
+ "TagFilter": {
+ "description": "A container for specifying a tag key and value. \n The rule applies only to objects that have the tag in their tag set.",
+ "$ref": "#/definitions/TagFilter"
},
- "StorageClass": {
- "description": "The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica. \n For valid values, see the ``StorageClass`` element of the [PUT Bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) action in the *Amazon S3 API Reference*.",
- "type": "string",
- "enum": [
- "DEEP_ARCHIVE",
- "GLACIER",
- "GLACIER_IR",
- "INTELLIGENT_TIERING",
- "ONEZONE_IA",
- "REDUCED_REDUNDANCY",
- "STANDARD",
- "STANDARD_IA"
- ]
+ "Prefix": {
+ "description": "An object key name prefix that identifies the subset of objects to which the rule applies.\n Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints).",
+ "type": "string"
}
- },
- "required": [
- "Bucket"
- ]
+ }
},
- "AccessControlTranslation": {
- "type": "object",
- "description": "Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS-account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS-account that owns the source object.",
+ "RedirectRule": {
+ "description": "Specifies how requests are redirected. In the event of an error, you can specify a different error code to return.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "Owner": {
+ "ReplaceKeyWith": {
+ "description": "The specific object key to use in the redirect request. For example, redirect request to ``error.html``. Not required if one of the siblings is present. Can be present only if ``ReplaceKeyPrefixWith`` is not provided.\n Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints).",
+ "type": "string"
+ },
+ "HttpRedirectCode": {
+ "description": "The HTTP redirect code to use on the response. Not required if one of the siblings is present.",
+ "type": "string"
+ },
+ "Protocol": {
+ "description": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request.",
"type": "string",
- "const": "Destination",
- "description": "Specifies the replica ownership. For default and valid values, see [PUT bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) in the *Amazon S3 API Reference*."
+ "enum": [
+ "http",
+ "https"
+ ]
+ },
+ "HostName": {
+ "description": "The host name to use in the redirect request.",
+ "type": "string"
+ },
+ "ReplaceKeyPrefixWith": {
+ "description": "The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix ``docs/`` (objects in the ``docs/`` folder) to ``documents/``, you can set a condition block with ``KeyPrefixEquals`` set to ``docs/`` and in the Redirect set ``ReplaceKeyPrefixWith`` to ``/documents``. Not required if one of the siblings is present. Can be present only if ``ReplaceKeyWith`` is not provided.\n Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints).",
+ "type": "string"
}
- },
- "required": [
- "Owner"
- ]
+ }
},
"EncryptionConfiguration": {
- "type": "object",
- "description": "Specifies encryption-related information for an Amazon S3 bucket that is a destination for replicated objects.",
+ "description": "Specifies encryption-related information for an Amazon S3 bucket that is a destination for replicated objects.\n If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the requester\u2019s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner.",
"additionalProperties": false,
+ "type": "object",
"properties": {
"ReplicaKmsKeyID": {
"description": "Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *Key Management Service Developer Guide*.",
@@ -1353,189 +1266,224 @@
"ReplicaKmsKeyID"
]
},
- "Metrics": {
- "type": "object",
+ "BucketEncryption": {
+ "description": "Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see [Amazon S3 Default Encryption for S3 Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide*.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "EventThreshold": {
- "$ref": "#/definitions/ReplicationTimeValue",
- "description": "A container specifying the time threshold for emitting the ``s3:Replication:OperationMissedThreshold`` event."
- },
- "Status": {
- "type": "string",
- "enum": [
- "Disabled",
- "Enabled"
- ],
- "description": "Specifies whether the replication metrics are enabled."
+ "ServerSideEncryptionConfiguration": {
+ "uniqueItems": true,
+ "description": "Specifies the default server-side-encryption configuration.",
+ "insertionOrder": true,
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/ServerSideEncryptionRule"
+ }
}
},
"required": [
- "Status"
- ],
- "description": "A container specifying replication metrics-related settings enabling replication metrics and events."
+ "ServerSideEncryptionConfiguration"
+ ]
},
- "ReplicationTimeValue": {
- "type": "object",
+ "NotificationConfiguration": {
+ "description": "Describes the notification configuration for an Amazon S3 bucket.\n If you create the target resource and related permissions in the same template, you might have a circular dependency.\n For example, you might use the ``AWS::Lambda::Permission`` resource to grant the bucket permission to invoke an AWS Lambda function. However, AWS CloudFormation can't create the bucket until the bucket has permission to invoke the function (AWS CloudFormation checks whether the bucket can invoke the function). If you're using Refs to pass the bucket name, this leads to a circular dependency.\n To avoid this dependency, you can create all resources without specifying the notification configuration. Then, update the stack with a notification configuration.\n For more information on permissions, see [AWS::Lambda::Permission](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html) and [Granting Permissions to Publish Event Notification Messages to a Destination](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html#grant-destinations-permissions-to-s3).",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "Minutes": {
- "type": "integer",
- "description": "Contains an integer specifying time in minutes. \n Valid value: 15"
+ "TopicConfigurations": {
+ "uniqueItems": true,
+ "description": "The topic to which notifications are sent and the events for which notifications are generated.",
+ "insertionOrder": true,
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/TopicConfiguration"
+ }
+ },
+ "QueueConfigurations": {
+ "uniqueItems": true,
+ "description": "The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.",
+ "insertionOrder": true,
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/QueueConfiguration"
+ }
+ },
+ "LambdaConfigurations": {
+ "uniqueItems": true,
+ "description": "Describes the LAMlong functions to invoke and the events for which to invoke them.",
+ "insertionOrder": true,
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/LambdaConfiguration"
+ }
+ },
+ "EventBridgeConfiguration": {
+ "description": "Enables delivery of events to Amazon EventBridge.",
+ "$ref": "#/definitions/EventBridgeConfiguration"
}
- },
- "required": [
- "Minutes"
- ],
- "description": "A container specifying the time value for S3 Replication Time Control (S3 RTC) and replication metrics ``EventThreshold``."
+ }
},
- "ReplicationTime": {
- "type": "object",
+ "LifecycleConfiguration": {
+ "description": "Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon S3 User Guide*.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "Status": {
- "type": "string",
- "enum": [
- "Disabled",
- "Enabled"
- ],
- "description": "Specifies whether the replication time is enabled."
- },
- "Time": {
- "$ref": "#/definitions/ReplicationTimeValue",
- "description": "A container specifying the time by which replication should be complete for all objects and operations on objects."
+ "Rules": {
+ "uniqueItems": true,
+ "description": "A lifecycle rule for individual objects in an Amazon S3 bucket.",
+ "insertionOrder": true,
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/Rule"
+ }
}
},
"required": [
- "Status",
- "Time"
- ],
- "description": "A container specifying S3 Replication Time Control (S3 RTC) related information, including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a ``Metrics`` block."
+ "Rules"
+ ]
},
- "ReplicationRuleFilter": {
- "type": "object",
+ "InventoryConfiguration": {
+ "description": "Specifies the inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference*.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "And": {
- "$ref": "#/definitions/ReplicationRuleAndOperator",
- "description": "A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example: \n + If you specify both a ``Prefix`` and a ``TagFilter``, wrap these filters in an ``And`` tag.\n + If you specify a filter based on multiple tags, wrap the ``TagFilter`` elements in an ``And`` tag."
+ "Destination": {
+ "description": "Contains information about where to publish the inventory results.",
+ "$ref": "#/definitions/Destination"
+ },
+ "OptionalFields": {
+ "uniqueItems": true,
+ "description": "Contains the optional fields that are included in the inventory results.",
+ "insertionOrder": true,
+ "type": "array",
+ "items": {
+ "type": "string",
+ "enum": [
+ "Size",
+ "LastModifiedDate",
+ "StorageClass",
+ "ETag",
+ "IsMultipartUploaded",
+ "ReplicationStatus",
+ "EncryptionStatus",
+ "ObjectLockRetainUntilDate",
+ "ObjectLockMode",
+ "ObjectLockLegalHoldStatus",
+ "IntelligentTieringAccessTier",
+ "BucketKeyStatus",
+ "ChecksumAlgorithm",
+ "ObjectAccessControlList",
+ "ObjectOwner"
+ ]
+ }
+ },
+ "IncludedObjectVersions": {
+ "description": "Object versions to include in the inventory list. If set to ``All``, the list includes all the object versions, which adds the version-related fields ``VersionId``, ``IsLatest``, and ``DeleteMarker`` to the list. If set to ``Current``, the list does not contain these version-related fields.",
+ "type": "string",
+ "enum": [
+ "All",
+ "Current"
+ ]
+ },
+ "Enabled": {
+ "description": "Specifies whether the inventory is enabled or disabled. If set to ``True``, an inventory list is generated. If set to ``False``, no inventory list is generated.",
+ "type": "boolean"
+ },
+ "Id": {
+ "description": "The ID used to identify the inventory configuration.",
+ "type": "string"
},
"Prefix": {
- "type": "string",
- "description": "An object key name prefix that identifies the subset of objects to which the rule applies.\n Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints)."
+ "description": "Specifies the inventory filter prefix.",
+ "type": "string"
},
- "TagFilter": {
- "$ref": "#/definitions/TagFilter",
- "description": "A container for specifying a tag key and value. \n The rule applies only to objects that have the tag in their tag set."
+ "ScheduleFrequency": {
+ "description": "Specifies the schedule for generating inventory results.",
+ "type": "string",
+ "enum": [
+ "Daily",
+ "Weekly"
+ ]
}
},
- "description": "A filter that identifies the subset of objects to which the replication rule applies. A ``Filter`` must specify exactly one ``Prefix``, ``TagFilter``, or an ``And`` child element."
+ "required": [
+ "Destination",
+ "Enabled",
+ "Id",
+ "IncludedObjectVersions",
+ "ScheduleFrequency"
+ ]
},
"ReplicationRuleAndOperator": {
- "type": "object",
+ "description": "A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. \n For example:\n + If you specify both a ``Prefix`` and a ``TagFilter``, wrap these filters in an ``And`` tag. \n + If you specify a filter based on multiple tags, wrap the ``TagFilter`` elements in an ``And`` tag",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "Prefix": {
- "type": "string",
- "description": "An object key name prefix that identifies the subset of objects to which the rule applies."
- },
"TagFilters": {
- "type": "array",
"uniqueItems": true,
+ "description": "An array of tags containing key and value pairs.",
"insertionOrder": true,
+ "type": "array",
"items": {
"$ref": "#/definitions/TagFilter"
- },
- "description": "An array of tags containing key and value pairs."
- }
- },
- "description": "A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. \n For example:\n + If you specify both a ``Prefix`` and a ``TagFilter``, wrap these filters in an ``And`` tag. \n + If you specify a filter based on multiple tags, wrap the ``TagFilter`` elements in an ``And`` tag"
- },
- "SourceSelectionCriteria": {
- "description": "A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.",
- "type": "object",
- "additionalProperties": false,
- "properties": {
- "ReplicaModifications": {
- "description": "A filter that you can specify for selection for modifications on replicas.",
- "$ref": "#/definitions/ReplicaModifications"
+ }
},
- "SseKmsEncryptedObjects": {
- "description": "A container for filter information for the selection of Amazon S3 objects encrypted with AWS KMS.",
- "$ref": "#/definitions/SseKmsEncryptedObjects"
+ "Prefix": {
+ "description": "An object key name prefix that identifies the subset of objects to which the rule applies.",
+ "type": "string"
}
}
},
- "ReplicaModifications": {
- "type": "object",
+ "VersioningConfiguration": {
+ "description": "Describes the versioning state of an Amazon S3 bucket. For more information, see [PUT Bucket versioning](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTVersioningStatus.html) in the *Amazon S3 API Reference*.\n When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (``PUT`` or ``DELETE``) on objects in the bucket.",
"additionalProperties": false,
+ "type": "object",
"properties": {
"Status": {
- "description": "Specifies whether Amazon S3 replicates modifications on replicas.\n *Allowed values*: ``Enabled`` | ``Disabled``",
+ "default": "Suspended",
+ "description": "The versioning state of the bucket.",
"type": "string",
"enum": [
"Enabled",
- "Disabled"
+ "Suspended"
]
}
},
"required": [
"Status"
- ],
- "description": "A filter that you can specify for selection for modifications on replicas."
+ ]
},
- "SseKmsEncryptedObjects": {
- "type": "object",
- "description": "A container for filter information for the selection of S3 objects encrypted with AWS KMS.",
+ "CorsConfiguration": {
+ "description": "Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide*.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "Status": {
- "description": "Specifies whether Amazon S3 replicates objects created with server-side encryption using an AWS KMS key stored in AWS Key Management Service.",
- "type": "string",
- "enum": [
- "Disabled",
- "Enabled"
- ]
+ "CorsRules": {
+ "uniqueItems": true,
+ "description": "A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.",
+ "insertionOrder": true,
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/CorsRule",
+ "maxLength": 100
+ }
}
},
"required": [
- "Status"
+ "CorsRules"
]
},
- "Tag": {
- "type": "object",
+ "ReplicaModifications": {
+ "description": "A filter that you can specify for selection for modifications on replicas.",
"additionalProperties": false,
- "properties": {
- "Key": {
- "type": "string",
- "minLength": 1,
- "maxLength": 128,
- "description": "Name of the object key."
- },
- "Value": {
- "type": "string",
- "maxLength": 256,
- "description": "Value of the tag."
- }
- },
- "required": [
- "Value",
- "Key"
- ],
- "description": "A container of a key value name pair."
- },
- "VersioningConfiguration": {
- "description": "Describes the versioning state of an Amazon S3 bucket. For more information, see [PUT Bucket versioning](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTVersioningStatus.html) in the *Amazon S3 API Reference*.",
"type": "object",
- "additionalProperties": false,
"properties": {
"Status": {
- "description": "The versioning state of the bucket.",
+ "description": "Specifies whether Amazon S3 replicates modifications on replicas.\n *Allowed values*: ``Enabled`` | ``Disabled``",
"type": "string",
- "default": "Suspended",
"enum": [
"Enabled",
- "Suspended"
+ "Disabled"
]
}
},
@@ -1543,253 +1491,285 @@
"Status"
]
},
- "WebsiteConfiguration": {
- "type": "object",
- "description": "Specifies website configuration parameters for an Amazon S3 bucket.",
+ "NoncurrentVersionExpiration": {
+ "description": "Specifies when noncurrent object versions expire. Upon expiration, S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that S3 delete noncurrent object versions at a specific period in the object's lifetime. For more information about setting a lifecycle rule configuration, see [AWS::S3::Bucket Rule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-lifecycleconfig-rule.html).",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "ErrorDocument": {
- "description": "The name of the error document for the website.",
- "type": "string"
- },
- "IndexDocument": {
- "description": "The name of the index document for the website.",
- "type": "string"
- },
- "RoutingRules": {
- "type": "array",
- "insertionOrder": true,
- "items": {
- "$ref": "#/definitions/RoutingRule"
- },
- "description": "Rules that define when a redirect is applied and the redirect behavior."
+ "NoncurrentDays": {
+ "description": "Specifies the number of days an object is noncurrent before S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates When an Object Became Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide*.",
+ "type": "integer"
},
- "RedirectAllRequestsTo": {
- "$ref": "#/definitions/RedirectAllRequestsTo",
- "description": "The redirect behavior for every request to this bucket's website endpoint.\n If you specify this property, you can't specify any other property."
+ "NewerNoncurrentVersions": {
+ "description": "Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide*.",
+ "type": "integer"
}
- }
+ },
+ "required": [
+ "NoncurrentDays"
+ ]
},
- "RoutingRule": {
- "description": "Specifies the redirect behavior and when a redirect is applied. For more information about routing rules, see [Configuring advanced conditional redirects](https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html#advanced-conditional-redirects) in the *Amazon S3 User Guide*.",
- "type": "object",
+ "QueueConfiguration": {
+ "description": "Specifies the configuration for publishing messages to an Amazon Simple Queue Service (Amazon SQS) queue when Amazon S3 detects specified events.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "RedirectRule": {
- "description": "Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.",
- "$ref": "#/definitions/RedirectRule"
+ "Filter": {
+ "description": "The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a ``.jpg`` extension are added to the bucket. For more information, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/notification-how-to-filtering.html) in the *Amazon S3 User Guide*.",
+ "$ref": "#/definitions/NotificationFilter"
},
- "RoutingRuleCondition": {
- "$ref": "#/definitions/RoutingRuleCondition",
- "description": "A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the ``/docs`` folder, redirect to the ``/documents`` folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error."
+ "Event": {
+ "description": "The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*.",
+ "type": "string"
+ },
+ "Queue": {
+ "description": "The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.",
+ "type": "string"
}
},
"required": [
- "RedirectRule"
+ "Event",
+ "Queue"
]
},
- "RedirectRule": {
- "type": "object",
- "description": "Specifies how requests are redirected. In the event of an error, you can specify a different error code to return.",
+ "Transition": {
+ "description": "Specifies when an object transitions to a specified storage class. For more information about Amazon S3 lifecycle configuration rules, see [Transitioning Objects Using Amazon S3 Lifecycle](https://docs.aws.amazon.com/AmazonS3/latest/dev/lifecycle-transition-general-considerations.html) in the *Amazon S3 User Guide*.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "HostName": {
- "description": "The host name to use in the redirect request.",
- "type": "string"
- },
- "HttpRedirectCode": {
- "description": "The HTTP redirect code to use on the response. Not required if one of the siblings is present.",
- "type": "string"
+ "TransitionDate": {
+ "description": "Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC.",
+ "$ref": "#/definitions/iso8601UTC"
},
- "Protocol": {
- "description": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request.",
+ "StorageClass": {
+ "description": "The storage class to which you want the object to transition.",
+ "type": "string",
"enum": [
- "http",
- "https"
- ],
- "type": "string"
- },
- "ReplaceKeyPrefixWith": {
- "description": "The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix ``docs/`` (objects in the ``docs/`` folder) to ``documents/``, you can set a condition block with ``KeyPrefixEquals`` set to ``docs/`` and in the Redirect set ``ReplaceKeyPrefixWith`` to ``/documents``. Not required if one of the siblings is present. Can be present only if ``ReplaceKeyWith`` is not provided.\n Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints).",
- "type": "string"
+ "DEEP_ARCHIVE",
+ "GLACIER",
+ "Glacier",
+ "GLACIER_IR",
+ "INTELLIGENT_TIERING",
+ "ONEZONE_IA",
+ "STANDARD_IA"
+ ]
},
- "ReplaceKeyWith": {
- "description": "The specific object key to use in the redirect request. For example, redirect request to ``error.html``. Not required if one of the siblings is present. Can be present only if ``ReplaceKeyPrefixWith`` is not provided.\n Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints).",
- "type": "string"
+ "TransitionInDays": {
+ "description": "Indicates the number of days after creation when objects are transitioned to the specified storage class. The value must be a positive integer.",
+ "type": "integer"
}
- }
+ },
+ "required": [
+ "StorageClass"
+ ]
},
- "RoutingRuleCondition": {
- "description": "A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the ``/docs`` folder, redirect to the ``/documents`` folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.",
- "type": "object",
+ "SseKmsEncryptedObjects": {
+ "description": "A container for filter information for the selection of S3 objects encrypted with AWS KMS.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "KeyPrefixEquals": {
- "description": "The object key name prefix when the redirect is applied. For example, to redirect requests for ``ExamplePage.html``, the key prefix will be ``ExamplePage.html``. To redirect request for all pages with the prefix ``docs/``, the key prefix will be ``/docs``, which identifies all objects in the docs/ folder.\n Required when the parent element ``Condition`` is specified and sibling ``HttpErrorCodeReturnedEquals`` is not specified. If both conditions are specified, both must be true for the redirect to be applied.",
- "type": "string"
- },
- "HttpErrorCodeReturnedEquals": {
- "description": "The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied.\n Required when parent element ``Condition`` is specified and sibling ``KeyPrefixEquals`` is not specified. If both are specified, then both must be true for the redirect to be applied.",
- "type": "string"
+ "Status": {
+ "description": "Specifies whether Amazon S3 replicates objects created with server-side encryption using an AWS KMS key stored in AWS Key Management Service.",
+ "type": "string",
+ "enum": [
+ "Disabled",
+ "Enabled"
+ ]
}
- }
+ },
+ "required": [
+ "Status"
+ ]
},
- "RedirectAllRequestsTo": {
- "description": "Specifies the redirect behavior of all requests to a website endpoint of an Amazon S3 bucket.",
- "type": "object",
+ "Tag": {
+ "description": "A container of a key value name pair.",
"additionalProperties": false,
+ "type": "object",
"properties": {
- "HostName": {
- "description": "Name of the host where requests are redirected.",
- "type": "string"
+ "Value": {
+ "description": "Value of the tag.",
+ "type": "string",
+ "maxLength": 256
},
- "Protocol": {
- "description": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request.",
+ "Key": {
+ "minLength": 1,
+ "description": "Name of the object key.",
"type": "string",
- "enum": [
- "http",
- "https"
- ]
+ "maxLength": 128
+ }
+ },
+ "required": [
+ "Value",
+ "Key"
+ ]
+ },
+ "AbortIncompleteMultipartUpload": {
+ "description": "Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload. For more information, see [Stopping Incomplete Multipart Uploads Using a Bucket Lifecycle Policy](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) in the *Amazon S3 User Guide*.",
+ "additionalProperties": false,
+ "type": "object",
+ "properties": {
+ "DaysAfterInitiation": {
+ "description": "Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.",
+ "type": "integer",
+ "minimum": 0
}
},
"required": [
- "HostName"
+ "DaysAfterInitiation"
]
- },
- "Arn": {
- "description": "the Amazon Resource Name (ARN) of the specified bucket.",
- "type": "string"
}
},
- "tagging": {
- "taggable": true,
- "tagOnCreate": true,
- "tagUpdatable": true,
- "cloudFormationSystemTags": true,
- "tagProperty": "/properties/Tags"
- },
- "createOnlyProperties": [
- "/properties/BucketName"
- ],
- "primaryIdentifier": [
- "/properties/BucketName"
- ],
- "readOnlyProperties": [
- "/properties/Arn",
- "/properties/DomainName",
- "/properties/DualStackDomainName",
- "/properties/RegionalDomainName",
- "/properties/WebsiteURL"
- ],
- "writeOnlyProperties": [
- "/properties/AccessControl",
- "/properties/LifecycleConfiguration/Rules/*/NoncurrentVersionExpirationInDays",
- "/properties/LifecycleConfiguration/Rules/*/NoncurrentVersionTransition",
- "/properties/LifecycleConfiguration/Rules/*/Transition",
- "/properties/ReplicationConfiguration/Rules/*/Prefix",
- "/properties/LifecycleConfiguration/Rules/*/ExpiredObjectDeleteMarker"
- ],
- "propertyTransform": {
- "/properties/NotificationConfiguration/QueueConfigurations/*/Filter/S3Key/Rules/*/Name": "$replace(Name, \"prefix\", \"Prefix\") $OR $replace(Name, \"suffix\", \"Suffix\")",
- "/properties/NotificationConfiguration/LambdaConfigurations/*/Filter/S3Key/Rules/*/Name": "$replace(Name, \"prefix\", \"Prefix\") $OR $replace(Name, \"suffix\", \"Suffix\")",
- "/properties/NotificationConfiguration/TopicConfigurations/*/Filter/S3Key/Rules/*/Name": "$replace(Name, \"prefix\", \"Prefix\") $OR $replace(Name, \"suffix\", \"Suffix\")"
- },
- "handlers": {
- "create": {
- "permissions": [
- "s3:CreateBucket",
- "s3:PutBucketTagging",
- "s3:PutAnalyticsConfiguration",
- "s3:PutEncryptionConfiguration",
- "s3:PutBucketCORS",
- "s3:PutInventoryConfiguration",
- "s3:PutLifecycleConfiguration",
- "s3:PutMetricsConfiguration",
- "s3:PutBucketNotification",
- "s3:PutBucketReplication",
- "s3:PutBucketWebsite",
- "s3:PutAccelerateConfiguration",
- "s3:PutBucketPublicAccessBlock",
- "s3:PutReplicationConfiguration",
- "s3:PutObjectAcl",
- "s3:PutBucketObjectLockConfiguration",
- "s3:GetBucketAcl",
- "s3:ListBucket",
- "iam:PassRole",
- "s3:DeleteObject",
- "s3:PutBucketLogging",
- "s3:PutBucketVersioning",
- "s3:PutObjectLockConfiguration",
- "s3:PutBucketOwnershipControls",
- "s3:PutIntelligentTieringConfiguration"
- ]
+ "properties": {
+ "InventoryConfigurations": {
+ "uniqueItems": true,
+ "description": "Specifies the inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference*.",
+ "insertionOrder": true,
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/InventoryConfiguration"
+ }
},
- "read": {
- "permissions": [
- "s3:GetAccelerateConfiguration",
- "s3:GetLifecycleConfiguration",
- "s3:GetBucketPublicAccessBlock",
- "s3:GetAnalyticsConfiguration",
- "s3:GetBucketCORS",
- "s3:GetEncryptionConfiguration",
- "s3:GetInventoryConfiguration",
- "s3:GetBucketLogging",
- "s3:GetMetricsConfiguration",
- "s3:GetBucketNotification",
- "s3:GetBucketVersioning",
- "s3:GetReplicationConfiguration",
- "S3:GetBucketWebsite",
- "s3:GetBucketPublicAccessBlock",
- "s3:GetBucketObjectLockConfiguration",
- "s3:GetBucketTagging",
- "s3:GetBucketOwnershipControls",
- "s3:GetIntelligentTieringConfiguration",
- "s3:ListBucket"
- ]
+ "WebsiteConfiguration": {
+ "description": "Information used to configure the bucket as a static website. For more information, see [Hosting Websites on Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html).",
+ "$ref": "#/definitions/WebsiteConfiguration"
},
- "update": {
- "permissions": [
- "s3:PutBucketAcl",
- "s3:PutBucketTagging",
- "s3:PutAnalyticsConfiguration",
- "s3:PutEncryptionConfiguration",
- "s3:PutBucketCORS",
- "s3:PutInventoryConfiguration",
- "s3:PutLifecycleConfiguration",
- "s3:PutMetricsConfiguration",
- "s3:PutBucketNotification",
- "s3:PutBucketReplication",
- "s3:PutBucketWebsite",
- "s3:PutAccelerateConfiguration",
- "s3:PutBucketPublicAccessBlock",
- "s3:PutReplicationConfiguration",
- "s3:PutBucketOwnershipControls",
- "s3:PutIntelligentTieringConfiguration",
- "s3:DeleteBucketWebsite",
- "s3:PutBucketLogging",
- "s3:PutBucketVersioning",
- "s3:PutObjectLockConfiguration",
- "s3:PutBucketObjectLockConfiguration",
- "s3:DeleteBucketAnalyticsConfiguration",
- "s3:DeleteBucketCors",
- "s3:DeleteBucketMetricsConfiguration",
- "s3:DeleteBucketEncryption",
- "s3:DeleteBucketLifecycle",
- "s3:DeleteBucketReplication",
- "iam:PassRole",
- "s3:ListBucket"
- ]
+ "DualStackDomainName": {
+ "examples": [
+ "mystack-mybucket-kdwwxmddtr2g.s3.dualstack.us-east-2.amazonaws.com"
+ ],
+ "description": "",
+ "type": "string"
},
- "delete": {
- "permissions": [
- "s3:DeleteBucket",
- "s3:ListBucket"
+ "AccessControl": {
+ "description": "This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see [Controlling object ownership](https://docs.aws.amazon.com//AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide*.\n A canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) in the *Amazon S3 User Guide*.\n S3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the [AWS::S3::OwnershipControls](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-ownershipcontrols.html) property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon.\n The majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see [AWS::S3::BucketPolicy](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-policy.html). For examples of common policy configurations, including S3 Server Access Logs buckets and more, see [Bucket policy examples](https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) in the *Amazon S3 User Guide*.",
+ "type": "string",
+ "enum": [
+ "AuthenticatedRead",
+ "AwsExecRead",
+ "BucketOwnerFullControl",
+ "BucketOwnerRead",
+ "LogDeliveryWrite",
+ "Private",
+ "PublicRead",
+ "PublicReadWrite"
]
},
- "list": {
- "permissions": [
- "s3:ListAllMyBuckets"
- ]
+ "AnalyticsConfigurations": {
+ "uniqueItems": true,
+ "description": "Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.",
+ "insertionOrder": true,
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/AnalyticsConfiguration"
+ }
+ },
+ "AccelerateConfiguration": {
+ "description": "Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see [Amazon S3 Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) in the *Amazon S3 User Guide*.",
+ "$ref": "#/definitions/AccelerateConfiguration"
+ },
+ "PublicAccessBlockConfiguration": {
+ "description": "Configuration that defines how Amazon S3 handles public access.",
+ "$ref": "#/definitions/PublicAccessBlockConfiguration"
+ },
+ "BucketName": {
+ "description": "A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html). For more information, see [Rules for naming Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html#bucketnamingrules) in the *Amazon S3 User Guide*. \n If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.",
+ "type": "string"
+ },
+ "RegionalDomainName": {
+ "examples": [
+ "mystack-mybucket-kdwwxmddtr2g.s3.us-east-2.amazonaws.com"
+ ],
+ "description": "",
+ "type": "string"
+ },
+ "OwnershipControls": {
+ "description": "Configuration that defines how Amazon S3 handles Object Ownership rules.",
+ "$ref": "#/definitions/OwnershipControls"
+ },
+ "ObjectLockConfiguration": {
+ "description": "This operation is not supported by directory buckets.\n Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). \n + The ``DefaultRetention`` settings require both a mode and a period.\n + The ``DefaultRetention`` period can be either ``Days`` or ``Years`` but you must select one. You cannot specify ``Days`` and ``Years`` at the same time.\n + You can enable Object Lock for new or existing buckets. For more information, see [Configuring Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html).",
+ "$ref": "#/definitions/ObjectLockConfiguration"
+ },
+ "ObjectLockEnabled": {
+ "description": "Indicates whether this bucket has an Object Lock configuration enabled. Enable ``ObjectLockEnabled`` when you apply ``ObjectLockConfiguration`` to a bucket.",
+ "type": "boolean"
+ },
+ "LoggingConfiguration": {
+ "description": "Settings that define where logs are stored.",
+ "$ref": "#/definitions/LoggingConfiguration"
+ },
+ "ReplicationConfiguration": {
+ "description": "Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the ``VersioningConfiguration`` property.\n Amazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist.",
+ "$ref": "#/definitions/ReplicationConfiguration"
+ },
+ "Tags": {
+ "description": "An arbitrary set of tags (key-value pairs) for this S3 bucket.",
+ "insertionOrder": false,
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/Tag"
+ }
+ },
+ "DomainName": {
+ "examples": [
+ "mystack-mybucket-kdwwxmddtr2g.s3.amazonaws.com"
+ ],
+ "description": "",
+ "type": "string"
+ },
+ "BucketEncryption": {
+ "description": "Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see [Amazon S3 Default Encryption for S3 Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide*.",
+ "$ref": "#/definitions/BucketEncryption"
+ },
+ "WebsiteURL": {
+ "examples": [
+ "Example (IPv4): http://mystack-mybucket-kdwwxmddtr2g.s3-website-us-east-2.amazonaws.com/",
+ "Example (IPv6): http://mystack-mybucket-kdwwxmddtr2g.s3.dualstack.us-east-2.amazonaws.com/"
+ ],
+ "format": "uri",
+ "description": "",
+ "type": "string"
+ },
+ "NotificationConfiguration": {
+ "description": "Configuration that defines how Amazon S3 handles bucket notifications.",
+ "$ref": "#/definitions/NotificationConfiguration"
+ },
+ "LifecycleConfiguration": {
+ "description": "Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon S3 User Guide*.",
+ "$ref": "#/definitions/LifecycleConfiguration"
+ },
+ "VersioningConfiguration": {
+ "description": "Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.\n When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (``PUT`` or ``DELETE``) on objects in the bucket.",
+ "$ref": "#/definitions/VersioningConfiguration"
+ },
+ "MetricsConfigurations": {
+ "uniqueItems": true,
+ "description": "Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see [PutBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html).",
+ "insertionOrder": true,
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/MetricsConfiguration"
+ }
+ },
+ "IntelligentTieringConfigurations": {
+ "uniqueItems": true,
+ "description": "Defines how Amazon S3 handles Intelligent-Tiering storage.",
+ "insertionOrder": true,
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/IntelligentTieringConfiguration"
+ }
+ },
+ "CorsConfiguration": {
+ "description": "Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide*.",
+ "$ref": "#/definitions/CorsConfiguration"
+ },
+ "Arn": {
+ "examples": [
+ "arn:aws:s3:::mybucket"
+ ],
+ "description": "",
+ "$ref": "#/definitions/Arn"
}
}
}
diff --git a/internal/service/cloudformation/schemas/AWS_Signer_SigningProfile.json b/internal/service/cloudformation/schemas/AWS_Signer_SigningProfile.json
index a532b558a..8a1ff25c3 100644
--- a/internal/service/cloudformation/schemas/AWS_Signer_SigningProfile.json
+++ b/internal/service/cloudformation/schemas/AWS_Signer_SigningProfile.json
@@ -18,7 +18,7 @@
"type": "string",
"minLength": 2,
"maxLength": 64,
- "pattern": "^[0-9a-zA-Z_]$"
+ "pattern": "^[0-9a-zA-Z_]{2,64}$"
},
"ProfileVersion": {
"type": "string",
diff --git a/internal/service/cloudformation/schemas/AWS_SystemsManagerSAP_Application.json b/internal/service/cloudformation/schemas/AWS_SystemsManagerSAP_Application.json
index badd34a7a..254c14ac4 100644
--- a/internal/service/cloudformation/schemas/AWS_SystemsManagerSAP_Application.json
+++ b/internal/service/cloudformation/schemas/AWS_SystemsManagerSAP_Application.json
@@ -4,16 +4,17 @@
"properties": {
"ApplicationId": {
"type": "string",
- "pattern": "[\\w\\d]{1,50}"
+ "pattern": "[\\w\\d\\.-]{1,60}"
},
"ApplicationType": {
"type": "string",
"enum": [
- "HANA"
+ "HANA",
+ "SAP_ABAP"
]
},
"Arn": {
- "description": "The ARN of the Helix application",
+ "description": "The ARN of the SSM-SAP application",
"type": "string",
"pattern": "^arn:(.+:){2,4}.+$|^arn:(.+:){1,3}.+\\/.+$"
},
@@ -48,6 +49,11 @@
"$ref": "#/definitions/Tag"
},
"insertionOrder": true
+ },
+ "DatabaseArn": {
+ "description": "The ARN of the SAP HANA database",
+ "type": "string",
+ "pattern": "^arn:(.+:){2,4}.+$|^arn:(.+:){1,3}.+\\/.+$"
}
},
"required": [
@@ -64,13 +70,15 @@
"/properties/Credentials",
"/properties/Instances",
"/properties/SapInstanceNumber",
- "/properties/Sid"
+ "/properties/Sid",
+ "/properties/DatabaseArn"
],
"writeOnlyProperties": [
"/properties/Credentials",
"/properties/Instances",
"/properties/SapInstanceNumber",
- "/properties/Sid"
+ "/properties/Sid",
+ "/properties/DatabaseArn"
],
"additionalProperties": false,
"definitions": {
@@ -128,7 +136,8 @@
"ssm-sap:RegisterApplication",
"ssm-sap:GetApplication",
"ssm-sap:TagResource",
- "ssm-sap:ListTagsForResource"
+ "ssm-sap:ListTagsForResource",
+ "iam:CreateServiceLinkedRole"
]
},
"read": {
@@ -162,6 +171,11 @@
"tagOnCreate": true,
"tagUpdatable": true,
"cloudFormationSystemTags": true,
- "tagProperty": "/properties/Tags"
+ "tagProperty": "/properties/Tags",
+ "permissions": [
+ "ssm-sap:UntagResource",
+ "ssm-sap:TagResource",
+ "ssm-sap:ListTagsForResource"
+ ]
}
}
diff --git a/internal/service/cloudformation/schemas/AWS_VpcLattice_AuthPolicy.json b/internal/service/cloudformation/schemas/AWS_VpcLattice_AuthPolicy.json
index ab6e34583..45487ded7 100644
--- a/internal/service/cloudformation/schemas/AWS_VpcLattice_AuthPolicy.json
+++ b/internal/service/cloudformation/schemas/AWS_VpcLattice_AuthPolicy.json
@@ -7,7 +7,7 @@
"type": "string",
"pattern": "^((((sn)|(svc))-[0-9a-z]{17})|(arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:((servicenetwork/sn)|(service/svc))-[0-9a-z]{17}))$",
"maxLength": 200,
- "minLength": 21
+ "minLength": 17
},
"Policy": {
"type": "object"