@awboost/cfn-resource-types 0.1.472 → 0.1.474

package/lib/AWS-Backup-LogicallyAirGappedBackupVault.d.ts

@@ -13,6 +13,7 @@ export type BackupLogicallyAirGappedBackupVaultProperties = {
     BackupVaultTags?: Record<string, string>;
     MaxRetentionDays: number;
     MinRetentionDays: number;
+    MpaApprovalTeamArn?: string;
     Notifications?: NotificationObjectType;
 };
 /**

package/lib/AWS-BedrockAgentCore-GatewayTarget.d.ts

@@ -35,6 +35,7 @@ export type BedrockAgentCoreGatewayTargetAttributes = {
      * @pattern `^arn:aws(|-cn|-us-gov):bedrock-agentcore:[a-z0-9-]{1,20}:[0-9]{12}:gateway/([0-9a-z][-]?){1,100}-[a-z0-9]{10}$`
      */
     GatewayArn: string;
+    LastSynchronizedAt: string;
     Status: TargetStatus;
     /**
      * @maxLength `100`
@@ -116,6 +117,16 @@ export type McpLambdaTargetConfiguration = {
     LambdaArn: string;
     ToolSchema: ToolSchema;
 };
+/**
+ * Type definition for `AWS::BedrockAgentCore::GatewayTarget.McpServerTargetConfiguration`.
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrockagentcore-gatewaytarget-mcpservertargetconfiguration.html}
+ */
+export type McpServerTargetConfiguration = {
+    /**
+     * @pattern `^https://.*`
+     */
+    Endpoint: string;
+};
 /**
  * Type definition for `AWS::BedrockAgentCore::GatewayTarget.McpTargetConfiguration`.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrockagentcore-gatewaytarget-mcptargetconfiguration.html}
@@ -126,6 +137,8 @@ export type McpTargetConfiguration = {
     SmithyModel: ApiSchemaConfiguration;
 } | {
     Lambda: McpLambdaTargetConfiguration;
+} | {
+    McpServer: McpServerTargetConfiguration;
 };
 /**
  * Type definition for `AWS::BedrockAgentCore::GatewayTarget.OAuthCredentialProvider`.
@@ -193,7 +206,7 @@ export type TargetConfiguration = {
  * Type definition for `AWS::BedrockAgentCore::GatewayTarget.TargetStatus`.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrockagentcore-gatewaytarget-targetstatus.html}
  */
-export type TargetStatus = "CREATING" | "UPDATING" | "UPDATE_UNSUCCESSFUL" | "DELETING" | "READY" | "FAILED";
+export type TargetStatus = "CREATING" | "UPDATING" | "UPDATE_UNSUCCESSFUL" | "DELETING" | "READY" | "FAILED" | "SYNCHRONIZING" | "SYNCHRONIZE_UNSUCCESSFUL";
 /**
  * Type definition for `AWS::BedrockAgentCore::GatewayTarget.ToolDefinition`.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrockagentcore-gatewaytarget-tooldefinition.html}

package/lib/AWS-Connect-SecurityProfile.d.ts

@@ -28,6 +28,12 @@ export type ConnectSecurityProfileProperties = {
      * @maxLength `250`
      */
     Description?: string;
+    GranularAccessControlConfiguration?: {
+        /**
+         * Defines the access control configuration for data tables.
+         */
+        DataTableAccessControlConfiguration?: DataTableAccessControlConfiguration;
+    };
     /**
      * The list of resources that a security profile applies hierarchy restrictions to in Amazon Connect.
      * @maxLength `10`
@@ -99,6 +105,54 @@ export type Application = {
      */
     Namespace: string;
 };
+/**
+ * Type definition for `AWS::Connect::SecurityProfile.DataTableAccessControlConfiguration`.
+ * Defines the access control configuration for data tables.
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-connect-securityprofile-datatableaccesscontrolconfiguration.html}
+ */
+export type DataTableAccessControlConfiguration = {
+    /**
+     * Contains the configuration for record-based access control.
+     */
+    PrimaryAttributeAccessControlConfiguration?: PrimaryAttributeAccessControlConfigurationItem;
+};
+/**
+ * Type definition for `AWS::Connect::SecurityProfile.PrimaryAttributeAccessControlConfigurationItem`.
+ * Contains the configuration for record-based access control.
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-connect-securityprofile-primaryattributeaccesscontrolconfigurationitem.html}
+ */
+export type PrimaryAttributeAccessControlConfigurationItem = {
+    /**
+     * An array of PrimaryAttributeValue objects.
+     * @minLength `1`
+     * @maxLength `5`
+     */
+    PrimaryAttributeValues: PrimaryAttributeValue[];
+};
+/**
+ * Type definition for `AWS::Connect::SecurityProfile.PrimaryAttributeValue`.
+ * An object defining the access control for a specific attribute and its values.
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-connect-securityprofile-primaryattributevalue.html}
+ */
+export type PrimaryAttributeValue = {
+    /**
+     * Specifies the type of access granted. Currently, only "ALLOW" is supported
+     */
+    AccessType: "ALLOW";
+    /**
+     * The name of the primary attribute.
+     * @minLength `1`
+     * @maxLength `127`
+     * @pattern `^(?!aws:|connect:)[\p{L}\p{Z}\p{N}\-_.:=@'|]+$`
+     */
+    AttributeName: string;
+    /**
+     * An array of allowed primary values for the specified primary attribute.
+     * @minLength `1`
+     * @maxLength `2`
+     */
+    Values: string[];
+};
 /**
  * Type definition for `AWS::Connect::SecurityProfile.Tag`.
  * A key-value pair to associate with a resource.

package/lib/AWS-ControlTower-LandingZone.d.ts

@@ -6,6 +6,7 @@ import type { ResourceOptions as $ResourceOptions } from "@awboost/cfn-template-
  */
 export type ControlTowerLandingZoneProperties = {
     Manifest: any;
+    RemediationTypes?: "INHERITANCE_DRIFT"[];
     Tags?: Tag[];
     /**
      * @minLength `3`

package/lib/AWS-EC2-EC2Fleet.d.ts

@@ -148,9 +148,9 @@ export type FleetLaunchTemplateSpecificationRequest = {
 export type InstanceRequirementsRequest = {
     AcceleratorCount?: AcceleratorCountRequest;
     AcceleratorManufacturers?: ("amazon-web-services" | "amd" | "habana" | "nvidia" | "xilinx")[];
-    AcceleratorNames?: ("a10g" | "a100" | "h100" | "inferentia" | "k520" | "k80" | "m60" | "radeon-pro-v520" | "t4" | "t4g" | "vu9p" | "v100")[];
+    AcceleratorNames?: ("a10g" | "a100" | "h100" | "inferentia" | "k520" | "k80" | "m60" | "radeon-pro-v520" | "t4" | "t4g" | "vu9p" | "v100" | "l40s" | "l4" | "gaudi-hl-205" | "inferentia2" | "trainium" | "trainium2" | "u30")[];
     AcceleratorTotalMemoryMiB?: AcceleratorTotalMemoryMiBRequest;
-    AcceleratorTypes?: ("gpu" | "fpga" | "inference")[];
+    AcceleratorTypes?: ("gpu" | "fpga" | "inference" | "media")[];
     AllowedInstanceTypes?: string[];
     BareMetal?: "included" | "required" | "excluded";
     BaselineEbsBandwidthMbps?: BaselineEbsBandwidthMbpsRequest;

package/lib/AWS-EC2-SpotFleet.d.ts

@@ -147,9 +147,9 @@ export type InstanceNetworkInterfaceSpecification = {
 export type InstanceRequirementsRequest = {
     AcceleratorCount?: AcceleratorCountRequest;
     AcceleratorManufacturers?: ("amazon-web-services" | "amd" | "habana" | "nvidia" | "xilinx")[];
-    AcceleratorNames?: ("a10g" | "a100" | "h100" | "inferentia" | "k520" | "k80" | "m60" | "radeon-pro-v520" | "t4" | "t4g" | "vu9p" | "v100")[];
+    AcceleratorNames?: ("a10g" | "a100" | "h100" | "inferentia" | "k520" | "k80" | "m60" | "radeon-pro-v520" | "t4" | "t4g" | "vu9p" | "v100" | "l40s" | "l4" | "gaudi-hl-205" | "inferentia2" | "trainium" | "trainium2" | "u30")[];
     AcceleratorTotalMemoryMiB?: AcceleratorTotalMemoryMiBRequest;
-    AcceleratorTypes?: ("gpu" | "fpga" | "inference")[];
+    AcceleratorTypes?: ("gpu" | "fpga" | "inference" | "media")[];
     AllowedInstanceTypes?: string[];
     BareMetal?: "included" | "required" | "excluded";
     BaselineEbsBandwidthMbps?: BaselineEbsBandwidthMbpsRequest;

package/lib/AWS-EC2-TransitGateway.d.ts

@@ -12,6 +12,7 @@ export type EC2TransitGatewayProperties = {
     DefaultRouteTablePropagation?: string;
     Description?: string;
     DnsSupport?: string;
+    EncryptionSupport?: "disable" | "enable";
     MulticastSupport?: string;
     PropagationDefaultRouteTableId?: string;
     SecurityGroupReferencingSupport?: string;
@@ -24,6 +25,7 @@ export type EC2TransitGatewayProperties = {
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-transitgateway.html#aws-resource-ec2-transitgateway-return-values}
  */
 export type EC2TransitGatewayAttributes = {
+    EncryptionSupportState: string;
     Id: string;
     TransitGatewayArn: string;
 };

package/lib/AWS-Kinesis-Stream.d.ts

@@ -42,10 +42,14 @@ export type KinesisStreamProperties = {
      */
     StreamModeDetails?: StreamModeDetails;
     /**
-     * An arbitrary set of tags (key–value pairs) to associate with the Kinesis stream.
+     * An arbitrary set of tags (key-value pairs) to associate with the Kinesis stream.
      * @maxLength `50`
      */
     Tags?: Tag[];
+    /**
+     * Target warm throughput in MiB/s for the stream. This property can ONLY be set when StreamMode is ON_DEMAND.
+     */
+    WarmThroughputMiBps?: number;
 };
 /**
  * Attribute type definition for `AWS::Kinesis::Stream`.
@@ -56,6 +60,19 @@ export type KinesisStreamAttributes = {
      * The Amazon resource name (ARN) of the Kinesis stream
      */
     Arn: string;
+    /**
+     * Warm throughput configuration details for the stream. Only present for ON_DEMAND streams.
+     */
+    WarmThroughputObject: {
+        /**
+         * Current warm throughput in MiB/s
+         */
+        CurrentMiBps: number;
+        /**
+         * Target warm throughput in MiB/s that a customer can write to a stream at any given time
+         */
+        TargetMiBps: number;
+    };
 };
 /**
  * Type definition for `AWS::Kinesis::Stream.EnhancedMetric`.
@@ -110,6 +127,21 @@ export type Tag = {
      */
     Value: string;
 };
+/**
+ * Type definition for `AWS::Kinesis::Stream.WarmThroughputObject`.
+ * Warm throughput configuration details for the stream. Only present for ON_DEMAND streams.
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesis-stream-warmthroughputobject.html}
+ */
+export type WarmThroughputObject = {
+    /**
+     * Current warm throughput in MiB/s
+     */
+    CurrentMiBps?: number;
+    /**
+     * Target warm throughput in MiB/s that a customer can write to a stream at any given time
+     */
+    TargetMiBps?: number;
+};
 /**
  * Resource Type definition for AWS::Kinesis::Stream
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kinesis-stream.html}

package/lib/AWS-Lambda-Permission.d.ts

@@ -3,7 +3,7 @@ import type { ResourceOptions as $ResourceOptions } from "@awboost/cfn-template-
 /**
  * The ``AWS::Lambda::Permission`` resource grants an AWS service or another account permission to use a function. You can apply the policy at the function level, or specify a qualifier to restrict access to a single version or alias. If you use a qualifier, the invoker must use the full Amazon Resource Name (ARN) of that version or alias to invoke the function.
  To grant permission to another account, specify the account ID as the ``Principal``. To grant permission to an organization defined in AOlong, specify the organization ID as the ``PrincipalOrgID``. For AWS services, the principal is a domain-style identifier defined by the service, like ``s3.amazonaws.com`` or ``sns.amazonaws.com``. For AWS services, you can also specify the ARN of the associated resource as the ``SourceArn``. If you grant permission to a service principal without specifying the source, other accounts could potentially configure resources in their account to invoke your Lambda function.
- If your function has a function URL, you can specify the ``FunctionUrlAuthType`` parameter. This adds a condition to your permission that only applies when your function URL's ``AuthType`` matches the specified ``FunctionUrlAuthType``. For more information about the ``AuthType`` parameter, see [Security and auth model for function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html).
+ If your function has a function URL, you can specify the ``FunctionUrlAuthType`` parameter. This adds a condition to your permission that only applies when your function URL's ``AuthType`` matches the specified ``FunctionUrlAuthType``. For more information about the ``AuthType`` parameter, see [Control access to function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html).
  This resource adds a statement to a resource-based permission policy for the function. For more information about function policies, see [Lambda Function Policies](https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html).
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html}
  */
@@ -36,9 +36,12 @@ export type LambdaPermissionProperties = {
        */
     FunctionName: string;
     /**
-     * The type of authentication that your function URL uses. Set to ``AWS_IAM`` if you want to restrict access to authenticated users only. Set to ``NONE`` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html).
+     * The type of authentication that your function URL uses. Set to ``AWS_IAM`` if you want to restrict access to authenticated users only. Set to ``NONE`` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Control access to Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html).
      */
     FunctionUrlAuthType?: "AWS_IAM" | "NONE";
+    /**
+     * Restricts the ``lambda:InvokeFunction`` action to function URL calls. When specified, this option prevents the principal from invoking the function by any means other than the function URL. For more information, see [Control access to Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html).
+     */
     InvokedViaFunctionUrl?: boolean;
     /**
      * The AWS-service, AWS-account, IAM user, or IAM role that invokes the function. If you specify a service, use ``SourceArn`` or ``SourceAccount`` to limit who can invoke the function through that service.
@@ -85,7 +88,7 @@ export type LambdaPermissionAttributes = {
 /**
  * The ``AWS::Lambda::Permission`` resource grants an AWS service or another account permission to use a function. You can apply the policy at the function level, or specify a qualifier to restrict access to a single version or alias. If you use a qualifier, the invoker must use the full Amazon Resource Name (ARN) of that version or alias to invoke the function.
  To grant permission to another account, specify the account ID as the ``Principal``. To grant permission to an organization defined in AOlong, specify the organization ID as the ``PrincipalOrgID``. For AWS services, the principal is a domain-style identifier defined by the service, like ``s3.amazonaws.com`` or ``sns.amazonaws.com``. For AWS services, you can also specify the ARN of the associated resource as the ``SourceArn``. If you grant permission to a service principal without specifying the source, other accounts could potentially configure resources in their account to invoke your Lambda function.
- If your function has a function URL, you can specify the ``FunctionUrlAuthType`` parameter. This adds a condition to your permission that only applies when your function URL's ``AuthType`` matches the specified ``FunctionUrlAuthType``. For more information about the ``AuthType`` parameter, see [Security and auth model for function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html).
+ If your function has a function URL, you can specify the ``FunctionUrlAuthType`` parameter. This adds a condition to your permission that only applies when your function URL's ``AuthType`` matches the specified ``FunctionUrlAuthType``. For more information about the ``AuthType`` parameter, see [Control access to function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html).
  This resource adds a statement to a resource-based permission policy for the function. For more information about function policies, see [Lambda Function Policies](https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html).
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html}
  */

package/lib/AWS-Lambda-Permission.js

@@ -2,7 +2,7 @@ import { Resource as $Resource } from "@awboost/cfn-template-builder/template/re
 /**
  * The ``AWS::Lambda::Permission`` resource grants an AWS service or another account permission to use a function. You can apply the policy at the function level, or specify a qualifier to restrict access to a single version or alias. If you use a qualifier, the invoker must use the full Amazon Resource Name (ARN) of that version or alias to invoke the function.
  To grant permission to another account, specify the account ID as the ``Principal``. To grant permission to an organization defined in AOlong, specify the organization ID as the ``PrincipalOrgID``. For AWS services, the principal is a domain-style identifier defined by the service, like ``s3.amazonaws.com`` or ``sns.amazonaws.com``. For AWS services, you can also specify the ARN of the associated resource as the ``SourceArn``. If you grant permission to a service principal without specifying the source, other accounts could potentially configure resources in their account to invoke your Lambda function.
- If your function has a function URL, you can specify the ``FunctionUrlAuthType`` parameter. This adds a condition to your permission that only applies when your function URL's ``AuthType`` matches the specified ``FunctionUrlAuthType``. For more information about the ``AuthType`` parameter, see [Security and auth model for function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html).
+ If your function has a function URL, you can specify the ``FunctionUrlAuthType`` parameter. This adds a condition to your permission that only applies when your function URL's ``AuthType`` matches the specified ``FunctionUrlAuthType``. For more information about the ``AuthType`` parameter, see [Control access to function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html).
  This resource adds a statement to a resource-based permission policy for the function. For more information about function policies, see [Lambda Function Policies](https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html).
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html}
  */

package/lib/AWS-S3Tables-Table.d.ts

@@ -33,6 +33,10 @@ export type S3TablesTableProperties = {
      * The name for the table.
      */
     TableName: string;
+    /**
+     * User tags (key-value pairs) to associate with the table.
+     */
+    Tags?: Tag[];
     /**
      * Indicates that you don't want to specify a schema for the table. This property is mutually exclusive to 'IcebergMetadata', and its only possible value is 'Yes'.
      */
@@ -140,6 +144,23 @@ export type SnapshotManagement = {
      */
     Status?: "enabled" | "disabled";
 };
+/**
+ * Type definition for `AWS::S3Tables::Table.Tag`.
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3tables-table-tag.html}
+ */
+export type Tag = {
+    /**
+     * Tag key must be between 1 to 128 characters in length. Tag key cannot start with 'aws:' and can only contain alphanumeric characters, spaces, _, ., /, =, +, -, and @.
+     * @minLength `1`
+     * @maxLength `128`
+     */
+    Key: string;
+    /**
+     * Tag value must be between 0 to 256 characters in length. Tag value can only contain alphanumeric characters, spaces, _, ., /, =, +, -, and @.
+     * @maxLength `256`
+     */
+    Value: string;
+};
 /**
  * Type definition for `AWS::S3Tables::Table.WithoutMetadata`.
  * Indicates that you don't want to specify a schema for the table. This property is mutually exclusive to 'IcebergMetadata', and its only possible value is 'Yes'.

package/lib/AWS-S3Tables-TableBucket.d.ts

@@ -16,6 +16,10 @@ export type S3TablesTableBucketProperties = {
      * @maxLength `63`
      */
     TableBucketName: string;
+    /**
+     * User tags (key-value pairs) to associate with the table bucket.
+     */
+    Tags?: Tag[];
     /**
      * Settings governing the Unreferenced File Removal maintenance action. Unreferenced file removal identifies and deletes all objects that are not referenced by any table snapshots.
      */
@@ -46,6 +50,23 @@ export type EncryptionConfiguration = {
      */
     SSEAlgorithm?: "AES256" | "aws:kms";
 };
+/**
+ * Type definition for `AWS::S3Tables::TableBucket.Tag`.
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3tables-tablebucket-tag.html}
+ */
+export type Tag = {
+    /**
+     * Tag key must be between 1 to 128 characters in length. Tag key cannot start with 'aws:' and can only contain alphanumeric characters, spaces, _, ., /, =, +, -, and @.
+     * @minLength `1`
+     * @maxLength `128`
+     */
+    Key: string;
+    /**
+     * Tag value must be between 0 to 256 characters in length. Tag value can only contain alphanumeric characters, spaces, _, ., /, =, +, -, and @.
+     * @maxLength `256`
+     */
+    Value: string;
+};
 /**
  * Type definition for `AWS::S3Tables::TableBucket.UnreferencedFileRemoval`.
  * Settings governing the Unreferenced File Removal maintenance action. Unreferenced file removal identifies and deletes all objects that are not referenced by any table snapshots.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@awboost/cfn-resource-types",
-  "version": "0.1.472",
+  "version": "0.1.474",
   "publishConfig": {
     "access": "public"
   },