@awboost/cfn-resource-types 0.1.77 → 0.1.79

package/lib/AWS-Connect-RoutingProfile.d.ts

@@ -38,7 +38,6 @@ export type ConnectRoutingProfileProperties = {
     /**
      * The queues to associate with this routing profile.
      * @minLength `1`
-     * @maxLength `10`
      */
     QueueConfigs?: RoutingProfileQueueConfig[];
     /**

package/lib/AWS-DynamoDB-Table.d.ts

@@ -58,6 +58,9 @@ export type DynamoDBTableProperties = {
      * Local secondary indexes to be created on the table. You can create up to 5 local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes.
      */
     LocalSecondaryIndexes?: LocalSecondaryIndex[];
+    /**
+     * Sets the maximum number of read and write units for the specified on-demand table. If you use this property, you must specify ``MaxReadRequestUnits``, ``MaxWriteRequestUnits``, or both.
+     */
     OnDemandThroughput?: OnDemandThroughput;
     /**
      * The settings used to enable point in time recovery.
@@ -176,6 +179,9 @@ export type GlobalSecondaryIndex = {
        The sort key of an item is also known as its *range attribute*. The term "range attribute" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.
        */
     KeySchema: KeySchema[];
+    /**
+     * The maximum number of read and write units for the specified global secondary index. If you use this parameter, you must specify ``MaxReadRequestUnits``, ``MaxWriteRequestUnits``, or both.
+     */
     OnDemandThroughput?: OnDemandThroughput;
     /**
      * Represents attributes that are copied (projected) from the table into the global secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.
@@ -285,16 +291,21 @@ export type LocalSecondaryIndex = {
 };
 /**
  * Type definition for `AWS::DynamoDB::Table.OnDemandThroughput`.
+ * Sets the maximum number of read and write units for the specified on-demand table. If you use this property, you must specify ``MaxReadRequestUnits``, ``MaxWriteRequestUnits``, or both.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-ondemandthroughput.html}
  */
 export type OnDemandThroughput = {
     /**
-     * @min `1`
-     */
+       * Maximum number of read request units for the specified table.
+       To specify a maximum ``OnDemandThroughput`` on your table, set the value of ``MaxReadRequestUnits`` as greater than or equal to 1. To remove the maximum ``OnDemandThroughput`` that is currently set on your table, set the value of ``MaxReadRequestUnits`` to -1.
+       * @min `1`
+       */
     MaxReadRequestUnits?: number;
     /**
-     * @min `1`
-     */
+       * Maximum number of write request units for the specified table.
+       To specify a maximum ``OnDemandThroughput`` on your table, set the value of ``MaxWriteRequestUnits`` as greater than or equal to 1. To remove the maximum ``OnDemandThroughput`` that is currently set on your table, set the value of ``MaxWriteRequestUnits`` to -1.
+       * @min `1`
+       */
     MaxWriteRequestUnits?: number;
 };
 /**

package/lib/AWS-ElastiCache-ParameterGroup.d.ts

@@ -5,9 +5,21 @@ import type { ResourceOptions as $ResourceOptions } from "@awboost/cfn-template-
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticache-parametergroup.html}
  */
 export type ElastiCacheParameterGroupProperties = {
+    /**
+     * The name of the cache parameter group family that this cache parameter group is compatible with.
+     */
     CacheParameterGroupFamily: string;
+    /**
+     * The description for this cache parameter group.
+     */
     Description: string;
+    /**
+     * A comma-delimited list of parameter name/value pairs. For more information see ModifyCacheParameterGroup in the Amazon ElastiCache API Reference Guide.
+     */
     Properties?: Record<string, string>;
+    /**
+     * Tags are composed of a Key/Value pair. You can use tags to categorize and track each parameter group. The tag value null is permitted.
+     */
     Tags?: Tag[];
 };
 /**
@@ -15,7 +27,10 @@ export type ElastiCacheParameterGroupProperties = {
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticache-parametergroup.html#aws-resource-elasticache-parametergroup-return-values}
  */
 export type ElastiCacheParameterGroupAttributes = {
-    Id: string;
+    /**
+     * The name of the Cache Parameter Group.
+     */
+    CacheParameterGroupName: string;
 };
 /**
  * Type definition for `AWS::ElastiCache::ParameterGroup.Tag`.

package/lib/AWS-Lambda-Permission.d.ts

@@ -3,7 +3,8 @@ import type { ResourceOptions as $ResourceOptions } from "@awboost/cfn-template-
 /**
  * The ``AWS::Lambda::Permission`` resource grants an AWS service or another account permission to use a function. You can apply the policy at the function level, or specify a qualifier to restrict access to a single version or alias. If you use a qualifier, the invoker must use the full Amazon Resource Name (ARN) of that version or alias to invoke the function.
  To grant permission to another account, specify the account ID as the ``Principal``. To grant permission to an organization defined in AOlong, specify the organization ID as the ``PrincipalOrgID``. For AWS services, the principal is a domain-style identifier defined by the service, like ``s3.amazonaws.com`` or ``sns.amazonaws.com``. For AWS services, you can also specify the ARN of the associated resource as the ``SourceArn``. If you grant permission to a service principal without specifying the source, other accounts could potentially configure resources in their account to invoke your Lambda function.
- If your function has a fu
+ If your function has a function URL, you can specify the ``FunctionUrlAuthType`` parameter. This adds a condition to your permission that only applies when your function URL's ``AuthType`` matches the specified ``FunctionUrlAuthType``. For more information about the ``AuthType`` parameter, see [Security and auth model for function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html).
+ This resource adds a statement to a resource-based permission policy for the function. For more information about function policies, see [Lambda Function Policies](https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html).
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html}
  */
 export type LambdaPermissionProperties = {
@@ -22,7 +23,7 @@ export type LambdaPermissionProperties = {
      */
     EventSourceToken?: string;
     /**
-       * The name of the Lambda function, version, or alias.
+       * The name or ARN of the Lambda function, version, or alias.
         **Name formats**
        +   *Function name* – ``my-function`` (name-only), ``my-function:v1`` (with alias).
         +   *Function ARN* – ``arn:aws:lambda:us-west-2:123456789012:function:my-function``.
@@ -83,7 +84,8 @@ export type LambdaPermissionAttributes = {
 /**
  * The ``AWS::Lambda::Permission`` resource grants an AWS service or another account permission to use a function. You can apply the policy at the function level, or specify a qualifier to restrict access to a single version or alias. If you use a qualifier, the invoker must use the full Amazon Resource Name (ARN) of that version or alias to invoke the function.
  To grant permission to another account, specify the account ID as the ``Principal``. To grant permission to an organization defined in AOlong, specify the organization ID as the ``PrincipalOrgID``. For AWS services, the principal is a domain-style identifier defined by the service, like ``s3.amazonaws.com`` or ``sns.amazonaws.com``. For AWS services, you can also specify the ARN of the associated resource as the ``SourceArn``. If you grant permission to a service principal without specifying the source, other accounts could potentially configure resources in their account to invoke your Lambda function.
- If your function has a fu
+ If your function has a function URL, you can specify the ``FunctionUrlAuthType`` parameter. This adds a condition to your permission that only applies when your function URL's ``AuthType`` matches the specified ``FunctionUrlAuthType``. For more information about the ``AuthType`` parameter, see [Security and auth model for function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html).
+ This resource adds a statement to a resource-based permission policy for the function. For more information about function policies, see [Lambda Function Policies](https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html).
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html}
  */
 export declare class LambdaPermission extends $Resource<"AWS::Lambda::Permission", LambdaPermissionProperties, LambdaPermissionAttributes> {

package/lib/AWS-Lambda-Permission.js

@@ -2,7 +2,8 @@ import { Resource as $Resource } from "@awboost/cfn-template-builder/template/re
 /**
  * The ``AWS::Lambda::Permission`` resource grants an AWS service or another account permission to use a function. You can apply the policy at the function level, or specify a qualifier to restrict access to a single version or alias. If you use a qualifier, the invoker must use the full Amazon Resource Name (ARN) of that version or alias to invoke the function.
  To grant permission to another account, specify the account ID as the ``Principal``. To grant permission to an organization defined in AOlong, specify the organization ID as the ``PrincipalOrgID``. For AWS services, the principal is a domain-style identifier defined by the service, like ``s3.amazonaws.com`` or ``sns.amazonaws.com``. For AWS services, you can also specify the ARN of the associated resource as the ``SourceArn``. If you grant permission to a service principal without specifying the source, other accounts could potentially configure resources in their account to invoke your Lambda function.
- If your function has a fu
+ If your function has a function URL, you can specify the ``FunctionUrlAuthType`` parameter. This adds a condition to your permission that only applies when your function URL's ``AuthType`` matches the specified ``FunctionUrlAuthType``. For more information about the ``AuthType`` parameter, see [Security and auth model for function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html).
+ This resource adds a statement to a resource-based permission policy for the function. For more information about function policies, see [Lambda Function Policies](https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html).
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html}
  */
 export class LambdaPermission extends $Resource {

package/lib/AWS-Lambda-Version.d.ts

@@ -19,9 +19,13 @@ export type LambdaVersionProperties = {
      * The name of the Lambda function.
      * @minLength `1`
      * @maxLength `140`
-     * @pattern `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$`
+     * @pattern `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$`
      */
     FunctionName: string;
+    /**
+     * The resource policy of your function
+     */
+    Policy?: Record<string, any>;
     /**
      * Specifies a provisioned concurrency configuration for a function's version. Updates are not supported for this property.
      */
@@ -38,6 +42,7 @@ export type LambdaVersionProperties = {
 export type LambdaVersionAttributes = {
     /**
      * The ARN of the version.
+     * @pattern `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$`
      */
     FunctionArn: string;
     /**
@@ -66,7 +71,7 @@ export type RuntimePolicy = {
      * The ARN of the runtime the function is configured to use. If the runtime update mode is manual, the ARN is returned, otherwise null is returned.
      * @minLength `26`
      * @maxLength `2048`
-     * @pattern `^arn:(aws[a-zA-Z-]*):lambda:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}::runtime:.+$`
+     * @pattern `^arn:(aws[a-zA-Z-]*):lambda:[a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}::runtime:.+$`
      */
     RuntimeVersionArn?: string;
     /**

package/lib/AWS-RDS-DBInstance.d.ts

@@ -90,6 +90,9 @@ export type RDSDBInstanceProperties = {
      * A value that indicates whether minor engine upgrades are applied automatically to the DB instance during the maintenance window. By default, minor engine upgrades are applied automatically.
      */
     AutoMinorVersionUpgrade?: boolean;
+    /**
+     * The AWS KMS key identifier for encryption of the replicated automated backups. The KMS key ID is the Amazon Resource Name (ARN) for the KMS encryption key in the destination AWS-Region, for example, ``arn:aws:kms:us-east-1:123456789012:key/AKIAIOSFODNN7EXAMPLE``.
+     */
     AutomaticBackupReplicationKmsKeyId?: string;
     /**
      * The destination region for the backup replication of the DB instance. For more info, see [Replicating automated backups to another Region](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ReplicateBackups.html) in the *Amazon RDS User Guide*.
@@ -385,7 +388,7 @@ export type RDSDBInstanceProperties = {
     /**
        * The name of the database engine to use for this DB instance. Not every database engine is available in every AWS Region.
        This property is required when creating a DB instance.
-        You can change the architecture of an Oracle database from the non-container database (CDB) architecture to the CDB architecture by updating the ``Engine`` value in your templates from ``oracle-ee`` or ``oracle-ee-cdb`` to ``oracle-se2-cdb``. Converting to the CDB architecture requires an interruption.
+        You can convert an Oracle database from the non-CDB architecture to the container database (CDB) architecture by updating the ``Engine`` value in your templates from ``oracle-ee`` to ``oracle-ee-cdb`` or from ``oracle-se2`` to ``oracle-se2-cdb``. Converting to the CDB architecture requires an interruption.
         Valid Values:
         +   ``aurora-mysql`` (for Aurora MySQL DB instances)
         +   ``aurora-postgresql`` (for Aurora PostgreSQL DB instances)
@@ -442,7 +445,7 @@ export type RDSDBInstanceProperties = {
        * The ARN of the AWS KMS key that's used to encrypt the DB instance, such as ``arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef``. If you enable the StorageEncrypted property but don't specify this property, AWS CloudFormation uses the default KMS key. If you specify this property, you must set the StorageEncrypted property to true.
        If you specify the ``SourceDBInstanceIdentifier`` property, the value is inherited from the source DB instance if the read replica is created in the same region.
        If you create an encrypted read replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the region that they're created in, and you can't use encryption keys from one region in another region.
-       If you specify the ``SnapshotIdentifier`` property, the ``StorageEncrypted`` property value is inherited from the snapshot, and if the DB instance is encrypted, the specified ``KmsKeyId`` property is used.
+       If you specify the ``DBSnapshotIdentifier`` property, don't specify this property. The ``StorageEncrypted`` property value is inherited from the snapshot. If the DB instance is encrypted, the specified ``KmsKeyId`` property is also inherited from the snapshot.
        If you specify ``DBSecurityGroups``, AWS CloudFormation ignores this property. To specify both a security group and this property, you must use a VPC security group. For more information about Amazon RDS and VPC, see [Using Amazon RDS with Amazon VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide*.
         *Amazon Aurora*
        Not applicable. The KMS key identifier is managed by the DB cluster.
@@ -707,8 +710,7 @@ export type RDSDBInstanceProperties = {
        * A value that indicates whether the DB instance is encrypted. By default, it isn't encrypted.
        If you specify the ``KmsKeyId`` property, then you must enable encryption.
        If you specify the ``SourceDBInstanceIdentifier`` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified ``KmsKeyId`` property is used.
-       If you specify the ``DBSnapshotIdentifier`` and the specified snapshot is encrypted, don't specify this property. The value is inherited from the snapshot, and the specified ``KmsKeyId`` property is used.
-       If you specify the ``DBSnapshotIdentifier`` and the specified snapshot isn't encrypted, you can use this property to specify that the restored DB instance is encrypted. Specify the ``KmsKeyId`` property for the KMS key to use for encryption. If you don't want the restored DB instance to be encrypted, then don't set this property or set it to ``false``.
+       If you specify ``DBSnapshotIdentifier`` property, don't specify this property. The value is inherited from the snapshot.
         *Amazon Aurora*
        Not applicable. The encryption for DB instances is managed by the DB cluster.
        */
@@ -733,7 +735,7 @@ export type RDSDBInstanceProperties = {
     TdeCredentialArn?: string;
     TdeCredentialPassword?: string;
     /**
-     * The time zone of the DB instance. The time zone parameter is currently supported only by [Microsoft SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone).
+     * The time zone of the DB instance. The time zone parameter is currently supported only by [RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-time-zone) and [RDS for SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone).
      */
     Timezone?: string;
     /**

package/lib/AWS-SecurityHub-SecurityControl.js

@@ -0,0 +1,13 @@
+import { Resource as $Resource } from "@awboost/cfn-template-builder/template/resource";
+/**
+ * Resource type definition for `AWS::SecurityHub::SecurityControl`.
+ * A security control in Security Hub describes a security best practice related to a specific resource.
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-securitycontrol.html}
+ */
+export class SecurityHubSecurityControl extends $Resource {
+    static Type = "AWS::SecurityHub::SecurityControl";
+    constructor(logicalId, properties, options) {
+        super(logicalId, SecurityHubSecurityControl.Type, properties, options);
+    }
+}
+//# sourceMappingURL=AWS-SecurityHub-SecurityControl.js.map

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@awboost/cfn-resource-types",
-  "version": "0.1.77",
+  "version": "0.1.79",
   "publishConfig": {
     "access": "public"
   },