@awboost/cfn-resource-types 0.1.53 → 0.1.55

package/lib/AWS-B2BI-Capability.d.ts

@@ -120,7 +120,7 @@ export type X12Details = {
  * Type definition for `AWS::B2BI::Capability.X12TransactionSet`.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-b2bi-capability-x12transactionset.html}
  */
-export type X12TransactionSet = "X12_110" | "X12_180" | "X12_204" | "X12_210" | "X12_214" | "X12_215" | "X12_310" | "X12_315" | "X12_322" | "X12_404" | "X12_410" | "X12_820" | "X12_824" | "X12_830" | "X12_846" | "X12_850" | "X12_852" | "X12_855" | "X12_856" | "X12_860" | "X12_861" | "X12_864" | "X12_940" | "X12_990" | "X12_997";
+export type X12TransactionSet = "X12_110" | "X12_180" | "X12_204" | "X12_210" | "X12_211" | "X12_214" | "X12_215" | "X12_259" | "X12_260" | "X12_266" | "X12_269" | "X12_270" | "X12_271" | "X12_274" | "X12_275" | "X12_276" | "X12_277" | "X12_278" | "X12_310" | "X12_315" | "X12_322" | "X12_404" | "X12_410" | "X12_417" | "X12_421" | "X12_426" | "X12_810" | "X12_820" | "X12_824" | "X12_830" | "X12_832" | "X12_834" | "X12_835" | "X12_837" | "X12_844" | "X12_846" | "X12_849" | "X12_850" | "X12_852" | "X12_855" | "X12_856" | "X12_860" | "X12_861" | "X12_864" | "X12_865" | "X12_869" | "X12_870" | "X12_940" | "X12_945" | "X12_990" | "X12_997" | "X12_999" | "X12_270_X279" | "X12_271_X279" | "X12_275_X210" | "X12_275_X211" | "X12_276_X212" | "X12_277_X212" | "X12_277_X214" | "X12_277_X364" | "X12_278_X217" | "X12_820_X218" | "X12_820_X306" | "X12_824_X186" | "X12_834_X220" | "X12_834_X307" | "X12_834_X318" | "X12_835_X221" | "X12_837_X222" | "X12_837_X223" | "X12_837_X224" | "X12_837_X291" | "X12_837_X292" | "X12_837_X298" | "X12_999_X231";
 /**
  * Type definition for `AWS::B2BI::Capability.X12Version`.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-b2bi-capability-x12version.html}

package/lib/AWS-B2BI-Transformer.d.ts

@@ -93,12 +93,12 @@ export type X12Details = {
  * Type definition for `AWS::B2BI::Transformer.X12TransactionSet`.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-b2bi-transformer-x12transactionset.html}
  */
-export type X12TransactionSet = "X12_110" | "X12_180" | "X12_204" | "X12_210" | "X12_214" | "X12_215" | "X12_310" | "X12_315" | "X12_322" | "X12_404" | "X12_410" | "X12_820" | "X12_824" | "X12_830" | "X12_846" | "X12_850" | "X12_852" | "X12_855" | "X12_856" | "X12_860" | "X12_861" | "X12_864" | "X12_940" | "X12_990" | "X12_997";
+export type X12TransactionSet = "X12_110" | "X12_180" | "X12_204" | "X12_210" | "X12_211" | "X12_214" | "X12_215" | "X12_259" | "X12_260" | "X12_266" | "X12_269" | "X12_270" | "X12_271" | "X12_274" | "X12_275" | "X12_276" | "X12_277" | "X12_278" | "X12_310" | "X12_315" | "X12_322" | "X12_404" | "X12_410" | "X12_417" | "X12_421" | "X12_426" | "X12_810" | "X12_820" | "X12_824" | "X12_830" | "X12_832" | "X12_834" | "X12_835" | "X12_837" | "X12_844" | "X12_846" | "X12_849" | "X12_850" | "X12_852" | "X12_855" | "X12_856" | "X12_860" | "X12_861" | "X12_864" | "X12_865" | "X12_869" | "X12_870" | "X12_940" | "X12_945" | "X12_990" | "X12_997" | "X12_999" | "X12_270_X279" | "X12_271_X279" | "X12_275_X210" | "X12_275_X211" | "X12_276_X212" | "X12_277_X212" | "X12_277_X214" | "X12_277_X364" | "X12_278_X217" | "X12_820_X218" | "X12_820_X306" | "X12_824_X186" | "X12_834_X220" | "X12_834_X307" | "X12_834_X318" | "X12_835_X221" | "X12_837_X222" | "X12_837_X223" | "X12_837_X224" | "X12_837_X291" | "X12_837_X292" | "X12_837_X298" | "X12_999_X231";
 /**
  * Type definition for `AWS::B2BI::Transformer.X12Version`.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-b2bi-transformer-x12version.html}
  */
-export type X12Version = "VERSION_4010" | "VERSION_4030" | "VERSION_5010";
+export type X12Version = "VERSION_4010" | "VERSION_4030" | "VERSION_5010" | "VERSION_5010_HIPAA";
 /**
  * Definition of AWS::B2BI::Transformer Resource Type
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-b2bi-transformer.html}

package/lib/AWS-CloudWatch-Alarm.d.ts

@@ -1,7 +1,9 @@
 import { Resource as $Resource } from "@awboost/cfn-template-builder/template/resource";
 import type { ResourceOptions as $ResourceOptions } from "@awboost/cfn-template-builder/template";
 /**
- * Resource Type definition for AWS::CloudWatch::Alarm
+ * The ``AWS::CloudWatch::Alarm`` type specifies an alarm and associates it with the specified metric or metric math expression.
+ When this operation creates an alarm, the alarm state is immediately set to ``INSUFFICIENT_DATA``. The alarm is then evaluated and its state is set appropriately. Any actions associated with the new state are then executed.
+ When you update an existing alarm, its state is left unchanged, but the update completely overwrites the previous configuration of the alarm.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudwatch-alarm.html}
  */
 export type CloudWatchAlarmProperties = {
@@ -10,7 +12,7 @@ export type CloudWatchAlarmProperties = {
      */
     ActionsEnabled?: boolean;
     /**
-     * The list of actions to execute when this alarm transitions into an ALARM state from any other state.
+     * The list of actions to execute when this alarm transitions into an ALARM state from any other state. Specify each action as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutMetricAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutMetricAlarm.html) in the *API Reference*.
      */
     AlarmActions?: string[];
     /**
@@ -18,76 +20,93 @@ export type CloudWatchAlarmProperties = {
      */
     AlarmDescription?: string;
     /**
-     * The name of the alarm.
-     */
+       * The name of the alarm. If you don't specify a name, CFN generates a unique physical ID and uses that ID for the alarm name.
+        If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.
+       */
     AlarmName?: string;
     /**
-     * The arithmetic operation to use when comparing the specified statistic and threshold.
+     * The arithmetic operation to use when comparing the specified statistic and threshold. The specified statistic value is used as the first operand.
      */
     ComparisonOperator: string;
     /**
-     * The number of datapoints that must be breaching to trigger the alarm.
-     */
+       * The number of datapoints that must be breaching to trigger the alarm. This is used only if you are setting an "M out of N" alarm. In that case, this value is the M, and the value that you set for ``EvaluationPeriods`` is the N value. For more information, see [Evaluating an Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation) in the *User Guide*.
+       If you omit this parameter, CW uses the same value here that you set for ``EvaluationPeriods``, and the alarm goes to alarm state if that many consecutive periods are breaching.
+       */
     DatapointsToAlarm?: number;
     /**
-     * The dimensions for the metric associated with the alarm. For an alarm based on a math expression, you can't specify Dimensions. Instead, you use Metrics.
+     * The dimensions for the metric associated with the alarm. For an alarm based on a math expression, you can't specify ``Dimensions``. Instead, you use ``Metrics``.
      */
     Dimensions?: Dimension[];
     /**
-     * Used only for alarms based on percentiles.
+     * Used only for alarms based on percentiles. If ``ignore``, the alarm state does not change during periods with too few data points to be statistically significant. If ``evaluate`` or this parameter is not used, the alarm is always evaluated and possibly changes state no matter how many data points are available.
      */
     EvaluateLowSampleCountPercentile?: string;
     /**
-     * The number of periods over which data is compared to the specified threshold.
-     */
+       * The number of periods over which data is compared to the specified threshold. If you are setting an alarm that requires that a number of consecutive data points be breaching to trigger the alarm, this value specifies that number. If you are setting an "M out of N" alarm, this value is the N, and ``DatapointsToAlarm`` is the M.
+       For more information, see [Evaluating an Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation) in the *User Guide*.
+       */
     EvaluationPeriods: number;
     /**
-     * The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100.
-     */
+       * The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100.
+       For an alarm based on a metric, you must specify either ``Statistic`` or ``ExtendedStatistic`` but not both.
+       For an alarm based on a math expression, you can't specify ``ExtendedStatistic``. Instead, you use ``Metrics``.
+       */
     ExtendedStatistic?: string;
     /**
-     * The actions to execute when this alarm transitions to the INSUFFICIENT_DATA state from any other state.
+     * The actions to execute when this alarm transitions to the ``INSUFFICIENT_DATA`` state from any other state. Each action is specified as an Amazon Resource Name (ARN).
      */
     InsufficientDataActions?: string[];
     /**
-     * The name of the metric associated with the alarm.
+     * The name of the metric associated with the alarm. This is required for an alarm based on a metric. For an alarm based on a math expression, you use ``Metrics`` instead and you can't specify ``MetricName``.
      */
     MetricName?: string;
     /**
-     * An array that enables you to create an alarm based on the result of a metric math expression.
-     */
+       * An array that enables you to create an alarm based on the result of a metric math expression. Each item in the array either retrieves a metric or performs a math expression.
+       If you specify the ``Metrics`` parameter, you cannot specify ``MetricName``, ``Dimensions``, ``Period``, ``Namespace``, ``Statistic``, ``ExtendedStatistic``, or ``Unit``.
+       */
     Metrics?: MetricDataQuery[];
     /**
-     * The namespace of the metric associated with the alarm.
-     */
+       * The namespace of the metric associated with the alarm. This is required for an alarm based on a metric. For an alarm based on a math expression, you can't specify ``Namespace`` and you use ``Metrics`` instead.
+       For a list of namespaces for metrics from AWS services, see [Services That Publish Metrics.](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html)
+       */
     Namespace?: string;
     /**
-     * The actions to execute when this alarm transitions to the OK state from any other state.
+     * The actions to execute when this alarm transitions to the ``OK`` state from any other state. Each action is specified as an Amazon Resource Name (ARN).
      */
     OKActions?: string[];
     /**
-     * The period in seconds, over which the statistic is applied.
-     */
+       * The period, in seconds, over which the statistic is applied. This is required for an alarm based on a metric. Valid values are 10, 30, 60, and any multiple of 60.
+       For an alarm based on a math expression, you can't specify ``Period``, and instead you use the ``Metrics`` parameter.
+       *Minimum:* 10
+       */
     Period?: number;
     /**
-     * The statistic for the metric associated with the alarm, other than percentile.
-     */
+       * The statistic for the metric associated with the alarm, other than percentile. For percentile statistics, use ``ExtendedStatistic``.
+       For an alarm based on a metric, you must specify either ``Statistic`` or ``ExtendedStatistic`` but not both.
+       For an alarm based on a math expression, you can't specify ``Statistic``. Instead, you use ``Metrics``.
+       */
     Statistic?: string;
     /**
-     * In an alarm based on an anomaly detection model, this is the ID of the ANOMALY_DETECTION_BAND function used as the threshold for the alarm.
+     * @maxLength `50`
+     */
+    Tags?: Tag[];
+    /**
+     * The value to compare with the specified statistic.
      */
     Threshold?: number;
     /**
-     * In an alarm based on an anomaly detection model, this is the ID of the ANOMALY_DETECTION_BAND function used as the threshold for the alarm.
+     * In an alarm based on an anomaly detection model, this is the ID of the ``ANOMALY_DETECTION_BAND`` function used as the threshold for the alarm.
      */
     ThresholdMetricId?: string;
     /**
-     * Sets how this alarm is to handle missing data points. Valid values are breaching, notBreaching, ignore, and missing.
-     */
+       * Sets how this alarm is to handle missing data points. Valid values are ``breaching``, ``notBreaching``, ``ignore``, and ``missing``. For more information, see [Configuring How Alarms Treat Missing Data](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarms-and-missing-data) in the *Amazon User Guide*.
+       If you omit this parameter, the default behavior of ``missing`` is used.
+       */
     TreatMissingData?: string;
     /**
-     * The unit of the metric associated with the alarm.
-     */
+       * The unit of the metric associated with the alarm. Specify this only if you are creating an alarm based on a single metric. Do not specify this if you are specifying a ``Metrics`` array.
+        You can specify the following values: Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, or None.
+       */
     Unit?: string;
 };
 /**
@@ -95,48 +114,46 @@ export type CloudWatchAlarmProperties = {
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudwatch-alarm.html#aws-resource-cloudwatch-alarm-return-values}
  */
 export type CloudWatchAlarmAttributes = {
-    /**
-     * Amazon Resource Name is a unique name for each resource.
-     */
     Arn: string;
 };
 /**
  * Type definition for `AWS::CloudWatch::Alarm.Dimension`.
- * Dimensions are arbitrary name/value pairs that can be associated with a CloudWatch metric.
+ * Dimension is an embedded property of the ``AWS::CloudWatch::Alarm`` type. Dimensions are name/value pairs that can be associated with a CW metric. You can specify a maximum of 10 dimensions for a given metric.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudwatch-alarm-dimension.html}
  */
 export type Dimension = {
     /**
-     * The name of the dimension.
+     * The name of the dimension, from 1–255 characters in length. This dimension name must have been included when the metric was published.
      */
     Name: string;
     /**
-     * The value for the dimension.
+     * The value for the dimension, from 1–255 characters in length.
      */
     Value: string;
 };
 /**
  * Type definition for `AWS::CloudWatch::Alarm.Metric`.
- * The Metric property type represents a specific metric.
+ * The ``Metric`` property type represents a specific metric. ``Metric`` is a property of the [MetricStat](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudwatch-alarm-metricstat.html) property type.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudwatch-alarm-metric.html}
  */
 export type Metric = {
     /**
-     * The dimensions for the metric.
+     * The metric dimensions that you want to be used for the metric that the alarm will watch.
      */
     Dimensions?: Dimension[];
     /**
-     * The name of the metric.
+     * The name of the metric that you want the alarm to watch. This is a required field.
      */
     MetricName?: string;
     /**
-     * The namespace of the metric.
+     * The namespace of the metric that the alarm will watch.
      */
     Namespace?: string;
 };
 /**
  * Type definition for `AWS::CloudWatch::Alarm.MetricDataQuery`.
- * This property type specifies the metric data to return, and whether this call is just retrieving a batch set of data for one metric, or is performing a math expression on metric data.
+ * The ``MetricDataQuery`` property type specifies the metric data to return, and whether this call is just retrieving a batch set of data for one metric, or is performing a math expression on metric data.
+ Any expression used must return a single time series. For more information, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *User Guide*.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudwatch-alarm-metricdataquery.html}
  */
 export type MetricDataQuery = {
@@ -145,33 +162,38 @@ export type MetricDataQuery = {
      */
     AccountId?: string;
     /**
-     * The math expression to be performed on the returned data.
-     */
+       * The math expression to be performed on the returned data, if this object is performing a math expression. This expression can use the ``Id`` of the other metrics to refer to those metrics, and can also use the ``Id`` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *User Guide*.
+       Within each MetricDataQuery object, you must specify either ``Expression`` or ``MetricStat`` but not both.
+       */
     Expression?: string;
     /**
-     * A short name used to tie this object to the results in the response.
+     * A short name used to tie this object to the results in the response. This name must be unique within a single call to ``GetMetricData``. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.
      */
     Id: string;
     /**
-     * A human-readable label for this metric or expression.
+     * A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents. If the metric or expression is shown in a CW dashboard widget, the label is shown. If ``Label`` is omitted, CW generates a default.
      */
     Label?: string;
     /**
-     * The metric to be returned, along with statistics, period, and units.
-     */
+       * The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data.
+       Within one MetricDataQuery object, you must specify either ``Expression`` or ``MetricStat`` but not both.
+       */
     MetricStat?: MetricStat;
     /**
-     * The period in seconds, over which the statistic is applied.
+     * The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a ``PutMetricData`` operation that includes a ``StorageResolution of 1 second``.
      */
     Period?: number;
     /**
-     * This option indicates whether to return the timestamps and raw data values of this metric.
-     */
+       * This option indicates whether to return the timestamps and raw data values of this metric.
+       When you create an alarm based on a metric math expression, specify ``True`` for this value for only the one math expression that the alarm is based on. You must specify ``False`` for ``ReturnData`` for all the other metrics and expressions used in the alarm.
+       This field is required.
+       */
     ReturnData?: boolean;
 };
 /**
  * Type definition for `AWS::CloudWatch::Alarm.MetricStat`.
  * This structure defines the metric to be returned, along with the statistics, period, and units.
+  ``MetricStat`` is a property of the [MetricDataQuery](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudwatch-alarm-metricdataquery.html) property type.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudwatch-alarm-metricstat.html}
  */
 export type MetricStat = {
@@ -180,20 +202,45 @@ export type MetricStat = {
      */
     Metric: Metric;
     /**
-     * The granularity, in seconds, of the returned data points.
-     */
+       * The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a ``PutMetricData`` call that includes a ``StorageResolution`` of 1 second.
+       If the ``StartTime`` parameter specifies a time stamp that is greater than 3 hours ago, you must specify the period as follows or no data points in that time range is returned:
+        +  Start time between 3 hours and 15 days ago - Use a multiple of 60 seconds (1 minute).
+        +  Start time between 15 and 63 days ago - Use a multiple of 300 seconds (5 minutes).
+        +  Start time greater than 63 days ago - Use a multiple of 3600 seconds (1 hour).
+       */
     Period: number;
     /**
-     * The statistic to return.
+     * The statistic to return. It can include any CW statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *User Guide*.
      */
     Stat: string;
     /**
-     * The unit to use for the returned data points.
-     */
+       * The unit to use for the returned data points.
+       Valid values are: Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, or None.
+       */
     Unit?: string;
 };
 /**
- * Resource Type definition for AWS::CloudWatch::Alarm
+ * Type definition for `AWS::CloudWatch::Alarm.Tag`.
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudwatch-alarm-tag.html}
+ */
+export type Tag = {
+    /**
+     * A unique identifier for the tag. The combination of tag keys and values can help you organize and categorize your resources.
+     * @minLength `1`
+     * @maxLength `128`
+     */
+    Key: string;
+    /**
+     * The value for the specified tag key.
+     * @minLength `1`
+     * @maxLength `256`
+     */
+    Value: string;
+};
+/**
+ * The ``AWS::CloudWatch::Alarm`` type specifies an alarm and associates it with the specified metric or metric math expression.
+ When this operation creates an alarm, the alarm state is immediately set to ``INSUFFICIENT_DATA``. The alarm is then evaluated and its state is set appropriately. Any actions associated with the new state are then executed.
+ When you update an existing alarm, its state is left unchanged, but the update completely overwrites the previous configuration of the alarm.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudwatch-alarm.html}
  */
 export declare class CloudWatchAlarm extends $Resource<"AWS::CloudWatch::Alarm", CloudWatchAlarmProperties, CloudWatchAlarmAttributes> {

package/lib/AWS-CloudWatch-Alarm.js

@@ -1,6 +1,8 @@
 import { Resource as $Resource } from "@awboost/cfn-template-builder/template/resource";
 /**
- * Resource Type definition for AWS::CloudWatch::Alarm
+ * The ``AWS::CloudWatch::Alarm`` type specifies an alarm and associates it with the specified metric or metric math expression.
+ When this operation creates an alarm, the alarm state is immediately set to ``INSUFFICIENT_DATA``. The alarm is then evaluated and its state is set appropriately. Any actions associated with the new state are then executed.
+ When you update an existing alarm, its state is left unchanged, but the update completely overwrites the previous configuration of the alarm.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudwatch-alarm.html}
  */
 export class CloudWatchAlarm extends $Resource {

package/lib/AWS-CloudWatch-CompositeAlarm.d.ts

@@ -58,6 +58,11 @@ export type CloudWatchCompositeAlarmProperties = {
      * @maxLength `5`
      */
     OKActions?: string[];
+    /**
+     * A list of key-value pairs to associate with the composite alarm. You can associate as many as 50 tags with an alarm.
+     * @maxLength `50`
+     */
+    Tags?: Tag[];
 };
 /**
  * Attribute type definition for `AWS::CloudWatch::CompositeAlarm`.
@@ -71,6 +76,25 @@ export type CloudWatchCompositeAlarmAttributes = {
      */
     Arn: string;
 };
+/**
+ * Type definition for `AWS::CloudWatch::CompositeAlarm.Tag`.
+ * Metadata that you can assign to a composite alarm, Tags can help you organize and categorize your resources.
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudwatch-compositealarm-tag.html}
+ */
+export type Tag = {
+    /**
+     * A unique identifier for the tag. The combination of tag keys and values can help you organize and categorize your resources.
+     * @minLength `1`
+     * @maxLength `128`
+     */
+    Key: string;
+    /**
+     * The value for the specified tag key.
+     * @minLength `1`
+     * @maxLength `256`
+     */
+    Value: string;
+};
 /**
  * The AWS::CloudWatch::CompositeAlarm type specifies an alarm which aggregates the states of other Alarms (Metric or Composite Alarms) as defined by the AlarmRule expression
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudwatch-compositealarm.html}

package/lib/AWS-DynamoDB-Table.d.ts

@@ -3,7 +3,7 @@ import type { ResourceOptions as $ResourceOptions } from "@awboost/cfn-template-
 /**
  * The ``AWS::DynamoDB::Table`` resource creates a DDB table. For more information, see [CreateTable](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_CreateTable.html) in the *API Reference*.
  You should be aware of the following behaviors when working with DDB tables:
-  +  CFNlong typically creates DDB tables in parallel. However, if your template includes multiple DDB tables with indexes, you must declare dependencies so that the tables are created sequentially. DDBlong limits the number of tables with secondary indexes that are in the creating state. If you create multiple tables with indexes at the same time, DDB returns an error and the stack operation fails. For an example, see [DynamoDB Table with a DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#aws-resource-dynamodb-table--examples--DynamoDB_Table_with_a_DependsOn_Attribute).
+  +   CFNlong typically creates DDB tables in parallel. However, if your template includes multiple DDB tables with indexes, you must declare dependencies so that the tables are created sequentially. DDBlong limits the number of tables with secondary indexes that are in the creating state. If you create multiple tables with indexes at the same time, DDB returns an error and the stack operation fails. For an example, see [DynamoDB Table with a DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#aws-resource-dynamodb-table--examples--DynamoDB_Table_with_a_DependsOn_Attribute).
   
    Our guidance is to use the latest schema documented here for your CFNlong templates. This schema supports the provisioning of all table settings below. When using this schema in your CFNlong templates, please ensure that your Identity and Access Management (IAM) policies are updated with appropriate permissions to allow for the authorization of these setting changes.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html}
@@ -67,6 +67,10 @@ export type DynamoDBTableProperties = {
        If you set ``BillingMode`` as ``PROVISIONED``, you must specify this property. If you set ``BillingMode`` as ``PAY_PER_REQUEST``, you cannot specify this property.
        */
     ProvisionedThroughput?: ProvisionedThroughput;
+    /**
+       * A resource-based policy document that contains permissions to add to the specified table. In a CFNshort template, you can provide the policy in JSON or YAML format because CFNshort converts YAML to JSON before submitting it to DDB. For more information about resource-based policies, see [Using resource-based policies for](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html).
+       When you attach a resource-based policy while creating a table, the policy creation is *strongly consistent*. For information about the considerations that you should keep in mind while attaching a resource-based policy, see [Resource-based policy considerations](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-considerations.html).
+       */
     ResourcePolicy?: ResourcePolicy;
     /**
      * Specifies the settings to enable server-side encryption.
@@ -328,9 +332,22 @@ export type ProvisionedThroughput = {
 };
 /**
  * Type definition for `AWS::DynamoDB::Table.ResourcePolicy`.
+ * Creates or updates a resource-based policy document that contains the permissions for DDB resources, such as a table, its indexes, and stream. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.
+ In a CFNshort template, you can provide the policy in JSON or YAML format because CFNshort converts YAML to JSON before submitting it to DDB. For more information about resource-based policies, see [Using resource-based policies for](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html).
+ While defining resource-based policies in your CFNshort templates, the following considerations apply:
+  +  The maximum size supported for a resource-based policy document in JSON format is 20 KB. DDB counts whitespaces when calculating the size of a policy against this limit.
+  +  Resource-based policies don't support [drift detection](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html#). If you update a policy outside of the CFNshort stack template, you'll need to update the CFNshort stack with the changes.
+  +  Resource-based policies don't support out-of-band changes. If you add, update, or delete a policy outside of the CFNshort template, the change won't be overwritten if there are no changes to the policy within the template.
+ For example, say that your template contains a resource-based policy, which you later update outside of the template. If you don't make any changes to the policy in the template, the updated policy in DDB won’t be synced with the policy in the template.
+ Conversely, say that your template doesn’t contain a resource-based policy, but you add a policy outside of the template. This policy won’t be removed from DDB as long as you don’t add it to the template. When you add a policy to the template and update the stack, the existing policy in DDB will be updated to match the one defined in the template.
+  
+ For a full list of all considerations, see [Resource-based policy considerations](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-considerations.html).
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-resourcepolicy.html}
  */
 export type ResourcePolicy = {
+    /**
+     * A resource-based policy document that contains permissions to add to the specified DDB table, index, or both. In a CFNshort template, you can provide the policy in JSON or YAML format because CFNshort converts YAML to JSON before submitting it to DDB. For more information about resource-based policies, see [Using resource-based policies for](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html).
+     */
     PolicyDocument: Record<string, any>;
 };
 /**
@@ -378,6 +395,10 @@ export type SSESpecification = {
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-streamspecification.html}
  */
 export type StreamSpecification = {
+    /**
+       * Creates or updates a resource-based policy document that contains the permissions for DDB resources, such as a table's streams. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.
+       In a CFNshort template, you can provide the policy in JSON or YAML format because CFNshort converts YAML to JSON before submitting it to DDB. For more information about resource-based policies, see [Using resource-based policies for](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html).
+       */
     ResourcePolicy?: ResourcePolicy;
     /**
        * When an item in the table is modified, ``StreamViewType`` determines what information is written to the stream for this table. Valid values for ``StreamViewType`` are:
@@ -413,7 +434,7 @@ export type Tag = {
 export type TimeToLiveSpecification = {
     /**
        * The name of the TTL attribute used to store the expiration time for items in the table.
-         + The ``AttributeName`` property is required when enabling the TTL, or when TTL is already enabled.
+         +  The ``AttributeName`` property is required when enabling the TTL, or when TTL is already enabled.
         +  To update this property, you must first disable TTL and then enable TTL with the new attribute name.
        */
     AttributeName?: string;
@@ -425,7 +446,7 @@ export type TimeToLiveSpecification = {
 /**
  * The ``AWS::DynamoDB::Table`` resource creates a DDB table. For more information, see [CreateTable](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_CreateTable.html) in the *API Reference*.
  You should be aware of the following behaviors when working with DDB tables:
-  +  CFNlong typically creates DDB tables in parallel. However, if your template includes multiple DDB tables with indexes, you must declare dependencies so that the tables are created sequentially. DDBlong limits the number of tables with secondary indexes that are in the creating state. If you create multiple tables with indexes at the same time, DDB returns an error and the stack operation fails. For an example, see [DynamoDB Table with a DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#aws-resource-dynamodb-table--examples--DynamoDB_Table_with_a_DependsOn_Attribute).
+  +   CFNlong typically creates DDB tables in parallel. However, if your template includes multiple DDB tables with indexes, you must declare dependencies so that the tables are created sequentially. DDBlong limits the number of tables with secondary indexes that are in the creating state. If you create multiple tables with indexes at the same time, DDB returns an error and the stack operation fails. For an example, see [DynamoDB Table with a DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#aws-resource-dynamodb-table--examples--DynamoDB_Table_with_a_DependsOn_Attribute).
   
    Our guidance is to use the latest schema documented here for your CFNlong templates. This schema supports the provisioning of all table settings below. When using this schema in your CFNlong templates, please ensure that your Identity and Access Management (IAM) policies are updated with appropriate permissions to allow for the authorization of these setting changes.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html}

package/lib/AWS-DynamoDB-Table.js

@@ -2,7 +2,7 @@ import { Resource as $Resource } from "@awboost/cfn-template-builder/template/re
 /**
  * The ``AWS::DynamoDB::Table`` resource creates a DDB table. For more information, see [CreateTable](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_CreateTable.html) in the *API Reference*.
  You should be aware of the following behaviors when working with DDB tables:
-  +  CFNlong typically creates DDB tables in parallel. However, if your template includes multiple DDB tables with indexes, you must declare dependencies so that the tables are created sequentially. DDBlong limits the number of tables with secondary indexes that are in the creating state. If you create multiple tables with indexes at the same time, DDB returns an error and the stack operation fails. For an example, see [DynamoDB Table with a DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#aws-resource-dynamodb-table--examples--DynamoDB_Table_with_a_DependsOn_Attribute).
+  +   CFNlong typically creates DDB tables in parallel. However, if your template includes multiple DDB tables with indexes, you must declare dependencies so that the tables are created sequentially. DDBlong limits the number of tables with secondary indexes that are in the creating state. If you create multiple tables with indexes at the same time, DDB returns an error and the stack operation fails. For an example, see [DynamoDB Table with a DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#aws-resource-dynamodb-table--examples--DynamoDB_Table_with_a_DependsOn_Attribute).
   
    Our guidance is to use the latest schema documented here for your CFNlong templates. This schema supports the provisioning of all table settings below. When using this schema in your CFNlong templates, please ensure that your Identity and Access Management (IAM) policies are updated with appropriate permissions to allow for the authorization of these setting changes.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html}

package/lib/AWS-EC2-CustomerGateway.d.ts

@@ -1,20 +1,26 @@
 import { Resource as $Resource } from "@awboost/cfn-template-builder/template/resource";
 import type { ResourceOptions as $ResourceOptions } from "@awboost/cfn-template-builder/template";
 /**
- * Resource Type definition for AWS::EC2::CustomerGateway
+ * Resource type definition for `AWS::EC2::CustomerGateway`.
+ * Specifies a customer gateway.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-customergateway.html}
  */
 export type EC2CustomerGatewayProperties = {
     /**
-     * For devices that support BGP, the customer gateway's BGP ASN.
-     */
+       * For devices that support BGP, the customer gateway's BGP ASN.
+       Default: 65000
+       */
     BgpAsn: number;
     /**
-     * A name for the customer gateway device.
+     * @pattern `^arn:(aws[a-zA-Z-]*)?:acm:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}:\d{12}:certificate\/[a-zA-Z0-9-_]+$`
+     */
+    CertificateArn?: string;
+    /**
+     * The name of customer gateway device.
      */
     DeviceName?: string;
     /**
-     * The internet-routable IP address for the customer gateway's outside interface. The address must be static.
+     * IPv4 address for the customer gateway device's outside interface. The address must be static.
      */
     IpAddress: string;
     /**
@@ -22,7 +28,7 @@ export type EC2CustomerGatewayProperties = {
      */
     Tags?: Tag[];
     /**
-     * The type of VPN connection that this customer gateway supports.
+     * The type of VPN connection that this customer gateway supports (``ipsec.1``).
      */
     Type: string;
 };
@@ -31,21 +37,26 @@ export type EC2CustomerGatewayProperties = {
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-customergateway.html#aws-resource-ec2-customergateway-return-values}
  */
 export type EC2CustomerGatewayAttributes = {
-    /**
-     * CustomerGateway ID generated after customer gateway is created. Each customer gateway has a unique ID.
-     */
     CustomerGatewayId: string;
 };
 /**
  * Type definition for `AWS::EC2::CustomerGateway.Tag`.
+ * Specifies a tag. For more information, see [Add tags to a resource](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#cloudformation-add-tag-specifications).
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-customergateway-tag.html}
  */
 export type Tag = {
+    /**
+     * The tag key.
+     */
     Key: string;
+    /**
+     * The tag value.
+     */
     Value: string;
 };
 /**
- * Resource Type definition for AWS::EC2::CustomerGateway
+ * Resource type definition for `AWS::EC2::CustomerGateway`.
+ * Specifies a customer gateway.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-customergateway.html}
  */
 export declare class EC2CustomerGateway extends $Resource<"AWS::EC2::CustomerGateway", EC2CustomerGatewayProperties, EC2CustomerGatewayAttributes> {

package/lib/AWS-EC2-CustomerGateway.js

@@ -1,6 +1,7 @@
 import { Resource as $Resource } from "@awboost/cfn-template-builder/template/resource";
 /**
- * Resource Type definition for AWS::EC2::CustomerGateway
+ * Resource type definition for `AWS::EC2::CustomerGateway`.
+ * Specifies a customer gateway.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-customergateway.html}
  */
 export class EC2CustomerGateway extends $Resource {

package/lib/AWS-EC2-NatGateway.d.ts

@@ -5,7 +5,7 @@ import type { ResourceOptions as $ResourceOptions } from "@awboost/cfn-template-
  * Specifies a network address translation (NAT) gateway in the specified subnet. You can create either a public NAT gateway or a private NAT gateway. The default is a public NAT gateway. If you create a public NAT gateway, you must specify an elastic IP address.
  With a NAT gateway, instances in a private subnet can connect to the internet, other AWS services, or an on-premises network using the IP address of the NAT gateway. For more information, see [NAT gateways](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html) in the *Amazon VPC User Guide*.
  If you add a default route (``AWS::EC2::Route`` resource) that points to a NAT gateway, specify the NAT gateway ID for the route's ``NatGatewayId`` property.
- When you associate an Elastic IP address or secondary Elastic IP address with a public NAT gateway, the network border group of the Elastic IP address must match the network border group of the Availability Zone (AZ) that the public NAT gateway is in. Otherwise, the NAT gateway fails to launch. You can see the network border group for the AZ by viewing the details of the subnet. Similarly, you can view the network border group for the Elastic IP address by viewing its details. For more information, see [Allocate an Elastic IP address](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#allocate-eip) in the *Amazon VPC User Guide*.
+  When you associate an Elastic IP address or secondary Elastic IP address with a public NAT gateway, the network border group of the Elastic IP address must match the network border group of the Availability Zone (AZ) that the public NAT gateway is in. Otherwise, the NAT gateway fails to launch. You can see the network border group for the AZ by viewing the details of the subnet. Similarly, you can view the network border group for the Elastic IP address by viewing its details. For more information, see [Allocate an Elastic IP address](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#allocate-eip) in the *Amazon VPC User Guide*.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-natgateway.html}
  */
 export type EC2NatGatewayProperties = {
@@ -31,13 +31,13 @@ export type EC2NatGatewayProperties = {
     SecondaryAllocationIds?: string[];
     /**
        * [Private NAT gateway only] The number of secondary private IPv4 addresses you want to assign to the NAT gateway. For more information about secondary addresses, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon Virtual Private Cloud User Guide*.
-       ``SecondaryPrivateIpAddressCount`` and ``SecondaryPrivateIpAddresses`` cannot be set at the same time.
+        ``SecondaryPrivateIpAddressCount`` and ``SecondaryPrivateIpAddresses`` cannot be set at the same time.
        * @min `1`
        */
     SecondaryPrivateIpAddressCount?: number;
     /**
        * Secondary private IPv4 addresses. For more information about secondary addresses, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon Virtual Private Cloud User Guide*.
-       ``SecondaryPrivateIpAddressCount`` and ``SecondaryPrivateIpAddresses`` cannot be set at the same time.
+        ``SecondaryPrivateIpAddressCount`` and ``SecondaryPrivateIpAddresses`` cannot be set at the same time.
        */
     SecondaryPrivateIpAddresses?: string[];
     /**
@@ -76,7 +76,7 @@ export type Tag = {
  * Specifies a network address translation (NAT) gateway in the specified subnet. You can create either a public NAT gateway or a private NAT gateway. The default is a public NAT gateway. If you create a public NAT gateway, you must specify an elastic IP address.
  With a NAT gateway, instances in a private subnet can connect to the internet, other AWS services, or an on-premises network using the IP address of the NAT gateway. For more information, see [NAT gateways](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html) in the *Amazon VPC User Guide*.
  If you add a default route (``AWS::EC2::Route`` resource) that points to a NAT gateway, specify the NAT gateway ID for the route's ``NatGatewayId`` property.
- When you associate an Elastic IP address or secondary Elastic IP address with a public NAT gateway, the network border group of the Elastic IP address must match the network border group of the Availability Zone (AZ) that the public NAT gateway is in. Otherwise, the NAT gateway fails to launch. You can see the network border group for the AZ by viewing the details of the subnet. Similarly, you can view the network border group for the Elastic IP address by viewing its details. For more information, see [Allocate an Elastic IP address](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#allocate-eip) in the *Amazon VPC User Guide*.
+  When you associate an Elastic IP address or secondary Elastic IP address with a public NAT gateway, the network border group of the Elastic IP address must match the network border group of the Availability Zone (AZ) that the public NAT gateway is in. Otherwise, the NAT gateway fails to launch. You can see the network border group for the AZ by viewing the details of the subnet. Similarly, you can view the network border group for the Elastic IP address by viewing its details. For more information, see [Allocate an Elastic IP address](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#allocate-eip) in the *Amazon VPC User Guide*.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-natgateway.html}
  */
 export declare class EC2NatGateway extends $Resource<"AWS::EC2::NatGateway", EC2NatGatewayProperties, EC2NatGatewayAttributes> {

package/lib/AWS-EC2-NatGateway.js

@@ -4,7 +4,7 @@ import { Resource as $Resource } from "@awboost/cfn-template-builder/template/re
  * Specifies a network address translation (NAT) gateway in the specified subnet. You can create either a public NAT gateway or a private NAT gateway. The default is a public NAT gateway. If you create a public NAT gateway, you must specify an elastic IP address.
  With a NAT gateway, instances in a private subnet can connect to the internet, other AWS services, or an on-premises network using the IP address of the NAT gateway. For more information, see [NAT gateways](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html) in the *Amazon VPC User Guide*.
  If you add a default route (``AWS::EC2::Route`` resource) that points to a NAT gateway, specify the NAT gateway ID for the route's ``NatGatewayId`` property.
- When you associate an Elastic IP address or secondary Elastic IP address with a public NAT gateway, the network border group of the Elastic IP address must match the network border group of the Availability Zone (AZ) that the public NAT gateway is in. Otherwise, the NAT gateway fails to launch. You can see the network border group for the AZ by viewing the details of the subnet. Similarly, you can view the network border group for the Elastic IP address by viewing its details. For more information, see [Allocate an Elastic IP address](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#allocate-eip) in the *Amazon VPC User Guide*.
+  When you associate an Elastic IP address or secondary Elastic IP address with a public NAT gateway, the network border group of the Elastic IP address must match the network border group of the Availability Zone (AZ) that the public NAT gateway is in. Otherwise, the NAT gateway fails to launch. You can see the network border group for the AZ by viewing the details of the subnet. Similarly, you can view the network border group for the Elastic IP address by viewing its details. For more information, see [Allocate an Elastic IP address](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#allocate-eip) in the *Amazon VPC User Guide*.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-natgateway.html}
  */
 export class EC2NatGateway extends $Resource {

package/lib/AWS-EC2-SecurityGroupEgress.d.ts

@@ -4,21 +4,21 @@ import type { ResourceOptions as $ResourceOptions } from "@awboost/cfn-template-
  * Resource type definition for `AWS::EC2::SecurityGroupEgress`.
  * Adds the specified outbound (egress) rule to a security group.
  An outbound rule permits instances to send traffic to the specified IPv4 or IPv6 address range, the IP addresses that are specified by a prefix list, or the instances that are associated with a destination security group. For more information, see [Security group rules](https://docs.aws.amazon.com/vpc/latest/userguide/security-group-rules.html).
- You must specify exactly one of the following destinations: an IPv4 or IPv6 address range, a prefix list, or a security group. Otherwise, the stack launches successfully but the rule is not added to the security group.
+ You must specify exactly one of the following destinations: an IPv4 address range, an IPv6 address range, a prefix list, or a security group.
  You must specify a protocol for each rule (for example, TCP). If the protocol is TCP or UDP, you must also specify a port or port range. If the protocol is ICMP or ICMPv6, you must also specify the ICMP/ICMPv6 type and code. To specify all types or all codes, use -1.
- Rule changes are propagated to instances associated with the security group as quickly as possible
+ Rule changes are propagated to instances associated with the security group as quickly as possible. However, a small delay might occur.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-securitygroupegress.html}
  */
 export type EC2SecurityGroupEgressProperties = {
     /**
        * The IPv4 address range, in CIDR format.
-       You must specify a destination security group (``DestinationPrefixListId`` or ``DestinationSecurityGroupId``) or a CIDR range (``CidrIp`` or ``CidrIpv6``).
+       You must specify exactly one of the following: ``CidrIp``, ``CidrIpv6``, ``DestinationPrefixListId``, or ``DestinationSecurityGroupId``.
        For examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *User Guide*.
        */
     CidrIp?: string;
     /**
        * The IPv6 address range, in CIDR format.
-       You must specify a destination security group (``DestinationPrefixListId`` or ``DestinationSecurityGroupId``) or a CIDR range (``CidrIp`` or ``CidrIpv6``).
+       You must specify exactly one of the following: ``CidrIp``, ``CidrIpv6``, ``DestinationPrefixListId``, or ``DestinationSecurityGroupId``.
        For examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *User Guide*.
        */
     CidrIpv6?: string;
@@ -28,13 +28,13 @@ export type EC2SecurityGroupEgressProperties = {
        */
     Description?: string;
     /**
-       * The prefix list IDs for an AWS service. This is the AWS service that you want to access through a VPC endpoint from instances associated with the security group.
-       You must specify a destination security group (``DestinationPrefixListId`` or ``DestinationSecurityGroupId``) or a CIDR range (``CidrIp`` or ``CidrIpv6``).
+       * The prefix list IDs for an AWS service. This is the AWS service to access through a VPC endpoint from instances associated with the security group.
+       You must specify exactly one of the following: ``CidrIp``, ``CidrIpv6``, ``DestinationPrefixListId``, or ``DestinationSecurityGroupId``.
        */
     DestinationPrefixListId?: string;
     /**
        * The ID of the security group.
-       You must specify a destination security group (``DestinationPrefixListId`` or ``DestinationSecurityGroupId``) or a CIDR range (``CidrIp`` or ``CidrIpv6``).
+       You must specify exactly one of the following: ``CidrIp``, ``CidrIpv6``, ``DestinationPrefixListId``, or ``DestinationSecurityGroupId``.
        */
     DestinationSecurityGroupId?: string;
     /**
@@ -66,9 +66,9 @@ export type EC2SecurityGroupEgressAttributes = {
  * Resource type definition for `AWS::EC2::SecurityGroupEgress`.
  * Adds the specified outbound (egress) rule to a security group.
  An outbound rule permits instances to send traffic to the specified IPv4 or IPv6 address range, the IP addresses that are specified by a prefix list, or the instances that are associated with a destination security group. For more information, see [Security group rules](https://docs.aws.amazon.com/vpc/latest/userguide/security-group-rules.html).
- You must specify exactly one of the following destinations: an IPv4 or IPv6 address range, a prefix list, or a security group. Otherwise, the stack launches successfully but the rule is not added to the security group.
+ You must specify exactly one of the following destinations: an IPv4 address range, an IPv6 address range, a prefix list, or a security group.
  You must specify a protocol for each rule (for example, TCP). If the protocol is TCP or UDP, you must also specify a port or port range. If the protocol is ICMP or ICMPv6, you must also specify the ICMP/ICMPv6 type and code. To specify all types or all codes, use -1.
- Rule changes are propagated to instances associated with the security group as quickly as possible
+ Rule changes are propagated to instances associated with the security group as quickly as possible. However, a small delay might occur.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-securitygroupegress.html}
  */
 export declare class EC2SecurityGroupEgress extends $Resource<"AWS::EC2::SecurityGroupEgress", EC2SecurityGroupEgressProperties, EC2SecurityGroupEgressAttributes> {

package/lib/AWS-EC2-SecurityGroupEgress.js

@@ -3,9 +3,9 @@ import { Resource as $Resource } from "@awboost/cfn-template-builder/template/re
  * Resource type definition for `AWS::EC2::SecurityGroupEgress`.
  * Adds the specified outbound (egress) rule to a security group.
  An outbound rule permits instances to send traffic to the specified IPv4 or IPv6 address range, the IP addresses that are specified by a prefix list, or the instances that are associated with a destination security group. For more information, see [Security group rules](https://docs.aws.amazon.com/vpc/latest/userguide/security-group-rules.html).
- You must specify exactly one of the following destinations: an IPv4 or IPv6 address range, a prefix list, or a security group. Otherwise, the stack launches successfully but the rule is not added to the security group.
+ You must specify exactly one of the following destinations: an IPv4 address range, an IPv6 address range, a prefix list, or a security group.
  You must specify a protocol for each rule (for example, TCP). If the protocol is TCP or UDP, you must also specify a port or port range. If the protocol is ICMP or ICMPv6, you must also specify the ICMP/ICMPv6 type and code. To specify all types or all codes, use -1.
- Rule changes are propagated to instances associated with the security group as quickly as possible
+ Rule changes are propagated to instances associated with the security group as quickly as possible. However, a small delay might occur.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-securitygroupegress.html}
  */
 export class EC2SecurityGroupEgress extends $Resource {

package/lib/AWS-ElasticLoadBalancingV2-Listener.d.ts

@@ -38,6 +38,7 @@ export type ElasticLoadBalancingV2ListenerProperties = {
     Protocol?: string;
     /**
        * [HTTPS and TLS listeners] The security policy that defines which protocols and ciphers are supported.
+       Updating the security policy can result in interruptions if the load balancer is handling a high volume of traffic.
        For more information, see [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies) in the *Application Load Balancers Guide* and [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html#describe-ssl-policies) in the *Network Load Balancers Guide*.
        */
     SslPolicy?: string;

package/lib/AWS-ElasticLoadBalancingV2-LoadBalancer.d.ts

@@ -35,16 +35,16 @@ export type ElasticLoadBalancingV2LoadBalancerProperties = {
      */
     SecurityGroups?: string[];
     /**
-       * The IDs of the public subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both.
+       * The IDs of the subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both.
        [Application Load Balancers] You must specify subnets from at least two Availability Zones. You cannot specify Elastic IP addresses for your subnets.
        [Application Load Balancers on Outposts] You must specify one Outpost subnet.
        [Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.
        [Network Load Balancers] You can specify subnets from one or more Availability Zones. You can specify one Elastic IP address per subnet if you need static IP addresses for your internet-facing load balancer. For internal load balancers, you can specify one private IP address per subnet from the IPv4 range of the subnet. For internet-facing load balancer, you can specify one IPv6 address per subnet.
-       [Gateway Load Balancers] You can specify subnets from one or more Availability Zones. You cannot specify Elastic IP
+       [Gateway Load Balancers] You can specify subnets from one or more Availability Zones. You cannot specify Elastic IP addresses for your subnets.
        */
     SubnetMappings?: SubnetMapping[];
     /**
-       * The IDs of the public subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both. To specify an Elastic IP address, specify subnet mappings instead of subnets.
+       * The IDs of the subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both. To specify an Elastic IP address, specify subnet mappings instead of subnets.
        [Application Load Balancers] You must specify subnets from at least two Availability Zones.
        [Application Load Balancers on Outposts] You must specify one Outpost subnet.
        [Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.
@@ -86,7 +86,31 @@ export type LoadBalancerAttribute = {
         
        The following attributes are supported by both Application Load Balancers and Network Load Balancers:
         +   ``access_logs.s3.enabled`` - Indicates whether access logs are enabled. The value is ``true`` or ``false``. The default is ``false``.
-        +   ``access_logs.s3.bucket`` - The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled. The bucket must exist in the same region as the load balancer and h
+        +   ``access_logs.s3.bucket`` - The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.
+        +   ``access_logs.s3.prefix`` - The prefix for the location in the S3 bucket for the access logs.
+        +   ``ipv6.deny_all_igw_traffic`` - Blocks internet gateway (IGW) access to the load balancer. It is set to ``false`` for internet-facing load balancers and ``true`` for internal load balancers, preventing unintended access to your internal load balancer through an internet gateway.
+        
+       The following attributes are supported by only Application Load Balancers:
+        +   ``idle_timeout.timeout_seconds`` - The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds.
+        +   ``client_keep_alive.seconds`` - The client keep alive value, in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.
+        +   ``connection_logs.s3.enabled`` - Indicates whether connection logs are enabled. The value is ``true`` or ``false``. The default is ``false``.
+        +   ``connection_logs.s3.bucket`` - The name of the S3 bucket for the connection logs. This attribute is required if connection logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.
+        +   ``connection_logs.s3.prefix`` - The prefix for the location in the S3 bucket for the connection logs.
+        +   ``routing.http.desync_mitigation_mode`` - Determines how the load balancer handles requests that might pose a security risk to your application. The possible values are ``monitor``, ``defensive``, and ``strictest``. The default is ``defensive``.
+        +   ``routing.http.drop_invalid_header_fields.enabled`` - Indicates whether HTTP headers with invalid header fields are removed by the load balancer (``true``) or routed to targets (``false``). The default is ``false``.
+        +   ``routing.http.preserve_host_header.enabled`` - Indicates whether the Application Load Balancer should preserve the ``Host`` header in the HTTP request and send it to the target without any change. The possible values are ``true`` and ``false``. The default is ``false``.
+        +   ``routing.http.x_amzn_tls_version_and_cipher_suite.enabled`` - Indicates whether the two headers (``x-amzn-tls-version`` and ``x-amzn-tls-cipher-suite``), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. The ``x-amzn-tls-version`` header has information about the TLS protocol version negotiated with the client, and the ``x-amzn-tls-cipher-suite`` header has information about the cipher suite negotiated with the client. Both headers are in OpenSSL format. The possible values for the attribute are ``true`` and ``false``. The default is ``false``.
+        +   ``routing.http.xff_client_port.enabled`` - Indicates whether the ``X-Forwarded-For`` header should preserve the source port that the client used to connect to the load balancer. The possible values are ``true`` and ``false``. The default is ``false``.
+        +   ``routing.http.xff_header_processing.mode`` - Enables you to modify, preserve, or remove the ``X-Forwarded-For`` header in the HTTP request before the Application Load Balancer sends the request to the target. The possible values are ``append``, ``preserve``, and ``remove``. The default is ``append``.
+        +  If the value is ``append``, the Application Load Balancer adds the client IP address (of the last hop) to the ``X-Forwarded-For`` header in the HTTP request before it sends it to targets.
+        +  If the value is ``preserve`` the Application Load Balancer preserves the ``X-Forwarded-For`` header in the HTTP request, and sends it to targets without any change.
+        +  If the value is ``remove``, the Application Load Balancer removes the ``X-Forwarded-For`` header in the HTTP request before it sends it to targets.
+        
+        +   ``routing.http2.enabled`` - Indicates whether HTTP/2 is enabled. The possible values are ``true`` and ``false``. The default is ``true``. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens.
+        +   ``waf.fail_open.enabled`` - Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. The possible values are ``true`` and ``false``. The default is ``false``.
+        
+       The following attributes are supported by only Network Load Balancers:
+        +   ``dns_record.client_routing_policy`` - Indicates how traffic is distributed among the load balancer Availability Zones. The possible values are ``availability_zone_affinity`` with 100 percent zonal affinity, ``partial_availability_zone_affinity`` with 85 percent zonal affinity, and ``any_availability_zone`` with 0 percent zonal affinity.
        */
     Key?: string;
     /**

package/lib/AWS-IAM-ManagedPolicy.d.ts

@@ -40,7 +40,10 @@ export type IAMManagedPolicyProperties = {
        You must provide policies in JSON format in IAM. However, for CFN templates formatted in YAML, you can provide the policy in JSON or YAML format. CFN always converts a YAML policy to JSON format before submitting it to IAM.
        The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see [IAM and character quotas](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
        To learn more about JSON policy grammar, see [Grammar of the IAM JSON policy language](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html) in the *IAM User Guide*.
-       The [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the
+       The [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:
+        +  Any printable ASCII character ranging from the space character (``\u0020``) through the end of the ASCII character range
+        +  The printable characters in the Basic Latin and Latin-1 Supplement character set (through ``\u00FF``)
+        +  The special characters tab (``\u0009``), line feed (``\u000A``), and carriage return (``\u000D``)
        */
     PolicyDocument: Record<string, any> | string;
     /**

package/lib/AWS-Redshift-EventSubscription.d.ts

@@ -31,7 +31,7 @@ export type RedshiftEventSubscriptionProperties = {
     SourceType?: "cluster" | "cluster-parameter-group" | "cluster-security-group" | "cluster-snapshot" | "scheduled-action";
     /**
      * The name of the Amazon Redshift event notification subscription
-     * @pattern `^(?=^[a-z][a-z0-9]*(-[a-z0-9]+)*$).{1,255}$`
+     * @pattern `^(?=^[a-zA-Z][a-zA-Z0-9]*(-[a-zA-Z0-9]+)*$).{1,255}$`
      */
     SubscriptionName: string;
     /**

package/lib/AWS-Redshift-ScheduledAction.d.ts

@@ -23,12 +23,10 @@ export type RedshiftScheduledActionProperties = {
     Schedule?: string;
     /**
      * The description of the scheduled action.
-     * @pattern `^(?=^[\x09\x0a\x0d\x20-\xff]*$).{1,255}$`
      */
     ScheduledActionDescription?: string;
     /**
      * The name of the scheduled action. The name must be unique within an account.
-     * @pattern `^(?=^[a-z][a-z0-9]*(-[a-z0-9]+)*$).{1,60}$`
      */
     ScheduledActionName: string;
     /**

package/lib/AWS-SageMaker-AppImageConfig.d.ts

@@ -12,6 +12,10 @@ export type SageMakerAppImageConfigProperties = {
      * @pattern `^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,62}`
      */
     AppImageConfigName: string;
+    /**
+     * The CodeEditorAppImageConfig.
+     */
+    CodeEditorAppImageConfig?: CodeEditorAppImageConfig;
     /**
      * The JupyterLabAppImageConfig.
      */
@@ -40,6 +44,17 @@ export type SageMakerAppImageConfigAttributes = {
      */
     AppImageConfigArn: string;
 };
+/**
+ * Type definition for `AWS::SageMaker::AppImageConfig.CodeEditorAppImageConfig`.
+ * The configuration for the kernels in a SageMaker image running as a CodeEditor app.
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-appimageconfig-codeeditorappimageconfig.html}
+ */
+export type CodeEditorAppImageConfig = {
+    /**
+     * The container configuration for a SageMaker image.
+     */
+    ContainerConfig?: ContainerConfig;
+};
 /**
  * Type definition for `AWS::SageMaker::AppImageConfig.ContainerConfig`.
  * The container configuration for a SageMaker image.

package/lib/AWS-VerifiedPermissions-IdentitySource.d.ts

@@ -51,6 +51,18 @@ export type VerifiedPermissionsIdentitySourceAttributes = {
      */
     IdentitySourceId: string;
 };
+/**
+ * Type definition for `AWS::VerifiedPermissions::IdentitySource.CognitoGroupConfiguration`.
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-verifiedpermissions-identitysource-cognitogroupconfiguration.html}
+ */
+export type CognitoGroupConfiguration = {
+    /**
+     * @minLength `1`
+     * @maxLength `200`
+     * @pattern `^([_a-zA-Z][_a-zA-Z0-9]*::)*[_a-zA-Z][_a-zA-Z0-9]*$`
+     */
+    GroupEntityType: string;
+};
 /**
  * Type definition for `AWS::VerifiedPermissions::IdentitySource.CognitoUserPoolConfiguration`.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-verifiedpermissions-identitysource-cognitouserpoolconfiguration.html}
@@ -61,6 +73,7 @@ export type CognitoUserPoolConfiguration = {
      * @maxLength `1000`
      */
     ClientIds?: string[];
+    GroupConfiguration?: CognitoGroupConfiguration;
     /**
      * @minLength `1`
      * @maxLength `255`

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@awboost/cfn-resource-types",
-  "version": "0.1.53",
+  "version": "0.1.55",
   "publishConfig": {
     "access": "public"
   },