@btc-embedded/cdk-extensions 0.22.2 → 0.22.3

package/API.md

@@ -115,7 +115,7 @@ Any object.
 
 ##### ~~`node`~~<sup>Required</sup> <a name="node" id="@btc-embedded/cdk-extensions.ApiGateway.property.node"></a>
 
-- *Deprecated:* Use the {@link ApiGatewayV2 } construct instead.
+- *Deprecated:* Use the ApiGatewayVpcLink construct instead.
 
 ```typescript
 public readonly node: Node;
@@ -3702,6 +3702,12 @@ public readonly frontendClient: IUserPoolClient;
 
 ### DocumentDB <a name="DocumentDB" id="@btc-embedded/cdk-extensions.DocumentDB"></a>
 
+Platform component that provisions an Amazon DocumentDB cluster and exports the required outputs for application stacks.
+
+Cross-stack access is supported via {@link fromBasePlatform}, which imports:
+- the MongoDB connection URL secret ARN
+- the DocumentDB security group ID
+
 #### Initializers <a name="Initializers" id="@btc-embedded/cdk-extensions.DocumentDB.Initializer"></a>
 
 ```typescript
@@ -3757,7 +3763,7 @@ Returns a string representation of this construct.
 | **Name** | **Description** |
 | --- | --- |
 | <code><a href="#@btc-embedded/cdk-extensions.DocumentDB.isConstruct">isConstruct</a></code> | Checks if `x` is a construct. |
-| <code><a href="#@btc-embedded/cdk-extensions.DocumentDB.fromBasePlatform">fromBasePlatform</a></code> | *No description.* |
+| <code><a href="#@btc-embedded/cdk-extensions.DocumentDB.fromBasePlatform">fromBasePlatform</a></code> | Imports a {@link IDocumentDB} instance from a base platform stack. |
 
 ---
 
@@ -3801,22 +3807,30 @@ import { DocumentDB } from '@btc-embedded/cdk-extensions'
 DocumentDB.fromBasePlatform(scope: Construct, id: string, name?: string)
 ```
 
+Imports a {@link IDocumentDB} instance from a base platform stack.
+
 ###### `scope`<sup>Required</sup> <a name="scope" id="@btc-embedded/cdk-extensions.DocumentDB.fromBasePlatform.parameter.scope"></a>
 
 - *Type:* constructs.Construct
 
+Construct scope to attach the imported component to.
+
 ---
 
 ###### `id`<sup>Required</sup> <a name="id" id="@btc-embedded/cdk-extensions.DocumentDB.fromBasePlatform.parameter.id"></a>
 
 - *Type:* string
 
+Construct id for the imported component.
+
 ---
 
 ###### `name`<sup>Optional</sup> <a name="name" id="@btc-embedded/cdk-extensions.DocumentDB.fromBasePlatform.parameter.name"></a>
 
 - *Type:* string
 
+Base platform stack name used to import stack parameters.
+
 ---
 
 #### Properties <a name="Properties" id="Properties"></a>
@@ -4898,6 +4912,14 @@ The AWS Route53 HostedZone instance.
 
 - *Implements:* <a href="#@btc-embedded/cdk-extensions.IPrivateDnsNamespace">IPrivateDnsNamespace</a>
 
+Platform component that provides a Cloud Map private DNS namespace for service discovery.
+
+The namespace can either be created by this construct (via {@link PrivateDnsNamespaceProps.namespaceName})
+or referenced from an existing namespace (via {@link PrivateDnsNamespaceProps.definedPrivateDnsNamespace}).
+
+For cross-stack usage, the construct exports namespace attributes as stack parameters and
+can be imported from application stacks using {@link fromBasePlatform}.
+
 #### Initializers <a name="Initializers" id="@btc-embedded/cdk-extensions.PrivateDnsNamespace.Initializer"></a>
 
 ```typescript
@@ -4953,7 +4975,7 @@ Returns a string representation of this construct.
 | **Name** | **Description** |
 | --- | --- |
 | <code><a href="#@btc-embedded/cdk-extensions.PrivateDnsNamespace.isConstruct">isConstruct</a></code> | Checks if `x` is a construct. |
-| <code><a href="#@btc-embedded/cdk-extensions.PrivateDnsNamespace.fromBasePlatform">fromBasePlatform</a></code> | *No description.* |
+| <code><a href="#@btc-embedded/cdk-extensions.PrivateDnsNamespace.fromBasePlatform">fromBasePlatform</a></code> | Imports a {@link IPrivateDnsNamespace} instance from a base platform stack. |
 
 ---
 
@@ -4997,22 +5019,30 @@ import { PrivateDnsNamespace } from '@btc-embedded/cdk-extensions'
 PrivateDnsNamespace.fromBasePlatform(scope: Construct, id: string, stackName?: string)
 ```
 
+Imports a {@link IPrivateDnsNamespace} instance from a base platform stack.
+
 ###### `scope`<sup>Required</sup> <a name="scope" id="@btc-embedded/cdk-extensions.PrivateDnsNamespace.fromBasePlatform.parameter.scope"></a>
 
 - *Type:* constructs.Construct
 
+Construct scope to attach the imported component to.
+
 ---
 
 ###### `id`<sup>Required</sup> <a name="id" id="@btc-embedded/cdk-extensions.PrivateDnsNamespace.fromBasePlatform.parameter.id"></a>
 
 - *Type:* string
 
+Construct id for the imported component.
+
 ---
 
 ###### `stackName`<sup>Optional</sup> <a name="stackName" id="@btc-embedded/cdk-extensions.PrivateDnsNamespace.fromBasePlatform.parameter.stackName"></a>
 
 - *Type:* string
 
+Base platform stack name used to import stack parameters.
+
 ---
 
 #### Properties <a name="Properties" id="Properties"></a>
@@ -7617,7 +7647,6 @@ const apiKeyManagementProps: ApiKeyManagementProps = { ... }
 | **Name** | **Type** | **Description** |
 | --- | --- | --- |
 | <code><a href="#@btc-embedded/cdk-extensions.ApiKeyManagementProps.property.apiKeys">apiKeys</a></code> | <code><a href="#@btc-embedded/cdk-extensions.ApiKeyStore">ApiKeyStore</a></code> | The {@link ApiKeyStore} component. |
-| <code><a href="#@btc-embedded/cdk-extensions.ApiKeyManagementProps.property.userPool">userPool</a></code> | <code>aws-cdk-lib.aws_cognito.IUserPool</code> | The user pool to be used. |
 
 ---
 
@@ -7633,18 +7662,6 @@ The {@link ApiKeyStore} component.
 
 ---
 
-##### `userPool`<sup>Required</sup> <a name="userPool" id="@btc-embedded/cdk-extensions.ApiKeyManagementProps.property.userPool"></a>
-
-```typescript
-public readonly userPool: IUserPool;
-```
-
-- *Type:* aws-cdk-lib.aws_cognito.IUserPool
-
-The user pool to be used.
-
----
-
 ### ApiKeyPreTokenHandlerProps <a name="ApiKeyPreTokenHandlerProps" id="@btc-embedded/cdk-extensions.ApiKeyPreTokenHandlerProps"></a>
 
 Properties to instantiate the {@link ApiKeyPreTokenHandler} component.
@@ -7831,6 +7848,8 @@ public readonly path: string;
 
 ### ApplicationLoadBalancerExtensionPropsV2 <a name="ApplicationLoadBalancerExtensionPropsV2" id="@btc-embedded/cdk-extensions.ApplicationLoadBalancerExtensionPropsV2"></a>
 
+Properties for the ApplicationLoadBalancerExtensionV2.
+
 #### Initializer <a name="Initializer" id="@btc-embedded/cdk-extensions.ApplicationLoadBalancerExtensionPropsV2.Initializer"></a>
 
 ```typescript
@@ -7843,8 +7862,8 @@ const applicationLoadBalancerExtensionPropsV2: ApplicationLoadBalancerExtensionP
 
 | **Name** | **Type** | **Description** |
 | --- | --- | --- |
-| <code><a href="#@btc-embedded/cdk-extensions.ApplicationLoadBalancerExtensionPropsV2.property.basePlatformStackName">basePlatformStackName</a></code> | <code>string</code> | *No description.* |
-| <code><a href="#@btc-embedded/cdk-extensions.ApplicationLoadBalancerExtensionPropsV2.property.loadBalancer">loadBalancer</a></code> | <code><a href="#@btc-embedded/cdk-extensions.ApplicationLoadBalancerV2">ApplicationLoadBalancerV2</a></code> | *No description.* |
+| <code><a href="#@btc-embedded/cdk-extensions.ApplicationLoadBalancerExtensionPropsV2.property.basePlatformStackName">basePlatformStackName</a></code> | <code>string</code> | The name of the platform stack to use for the load balancer. |
+| <code><a href="#@btc-embedded/cdk-extensions.ApplicationLoadBalancerExtensionPropsV2.property.loadBalancer">loadBalancer</a></code> | <code><a href="#@btc-embedded/cdk-extensions.ApplicationLoadBalancerV2">ApplicationLoadBalancerV2</a></code> | The Application Load Balancer to use. |
 
 ---
 
@@ -7856,6 +7875,10 @@ public readonly basePlatformStackName: string;
 
 - *Type:* string
 
+The name of the platform stack to use for the load balancer.
+
+Either this or `loadBalancer` must be provided.
+
 ---
 
 ##### `loadBalancer`<sup>Optional</sup> <a name="loadBalancer" id="@btc-embedded/cdk-extensions.ApplicationLoadBalancerExtensionPropsV2.property.loadBalancer"></a>
@@ -7866,6 +7889,10 @@ public readonly loadBalancer: ApplicationLoadBalancerV2;
 
 - *Type:* <a href="#@btc-embedded/cdk-extensions.ApplicationLoadBalancerV2">ApplicationLoadBalancerV2</a>
 
+The Application Load Balancer to use.
+
+Either this or `platformStackName` must be provided.
+
 ---
 
 ### ApplicationLoadBalancerProps <a name="ApplicationLoadBalancerProps" id="@btc-embedded/cdk-extensions.ApplicationLoadBalancerProps"></a>
@@ -10388,6 +10415,8 @@ configured at the cluster level (e.g., FARGATE_SPOT).
 
 ### DocumentDbAccessExtensionProps <a name="DocumentDbAccessExtensionProps" id="@btc-embedded/cdk-extensions.DocumentDbAccessExtensionProps"></a>
 
+Configuration for {@link DocumentDbAccessExtension}.
+
 #### Initializer <a name="Initializer" id="@btc-embedded/cdk-extensions.DocumentDbAccessExtensionProps.Initializer"></a>
 
 ```typescript
@@ -10400,8 +10429,8 @@ const documentDbAccessExtensionProps: DocumentDbAccessExtensionProps = { ... }
 
 | **Name** | **Type** | **Description** |
 | --- | --- | --- |
-| <code><a href="#@btc-embedded/cdk-extensions.DocumentDbAccessExtensionProps.property.securityGroupId">securityGroupId</a></code> | <code>string</code> | *No description.* |
-| <code><a href="#@btc-embedded/cdk-extensions.DocumentDbAccessExtensionProps.property.basePlatformStackName">basePlatformStackName</a></code> | <code>string</code> | *No description.* |
+| <code><a href="#@btc-embedded/cdk-extensions.DocumentDbAccessExtensionProps.property.securityGroupId">securityGroupId</a></code> | <code>string</code> | ID of the security group associated with the database access path. |
+| <code><a href="#@btc-embedded/cdk-extensions.DocumentDbAccessExtensionProps.property.basePlatformStackName">basePlatformStackName</a></code> | <code>string</code> | Name of the base platform stack to import the shared DocumentDB instance from. |
 
 ---
 
@@ -10413,6 +10442,11 @@ public readonly securityGroupId: string;
 
 - *Type:* string
 
+ID of the security group associated with the database access path.
+
+Note: This property is currently not referenced directly by this extension's
+implementation, but is kept as part of the public contract.
+
 ---
 
 ##### `basePlatformStackName`<sup>Optional</sup> <a name="basePlatformStackName" id="@btc-embedded/cdk-extensions.DocumentDbAccessExtensionProps.property.basePlatformStackName"></a>
@@ -10423,10 +10457,16 @@ public readonly basePlatformStackName: string;
 
 - *Type:* string
 
+Name of the base platform stack to import the shared DocumentDB instance from.
+
+This is passed to {@link DocumentDB.fromBasePlatform}.
+
 ---
 
 ### DocumentDBProps <a name="DocumentDBProps" id="@btc-embedded/cdk-extensions.DocumentDBProps"></a>
 
+Properties for {@link DocumentDB}.
+
 #### Initializer <a name="Initializer" id="@btc-embedded/cdk-extensions.DocumentDBProps.Initializer"></a>
 
 ```typescript
@@ -10439,10 +10479,10 @@ const documentDBProps: DocumentDBProps = { ... }
 
 | **Name** | **Type** | **Description** |
 | --- | --- | --- |
-| <code><a href="#@btc-embedded/cdk-extensions.DocumentDBProps.property.secretName">secretName</a></code> | <code>string</code> | *No description.* |
-| <code><a href="#@btc-embedded/cdk-extensions.DocumentDBProps.property.stackName">stackName</a></code> | <code>string</code> | *No description.* |
-| <code><a href="#@btc-embedded/cdk-extensions.DocumentDBProps.property.username">username</a></code> | <code>string</code> | *No description.* |
-| <code><a href="#@btc-embedded/cdk-extensions.DocumentDBProps.property.vpc">vpc</a></code> | <code>aws-cdk-lib.aws_ec2.IVpc</code> | *No description.* |
+| <code><a href="#@btc-embedded/cdk-extensions.DocumentDBProps.property.secretName">secretName</a></code> | <code>string</code> | Name of the Secrets Manager secret that stores the DocumentDB master credentials. |
+| <code><a href="#@btc-embedded/cdk-extensions.DocumentDBProps.property.stackName">stackName</a></code> | <code>string</code> | Name of the stack this database belongs to. |
+| <code><a href="#@btc-embedded/cdk-extensions.DocumentDBProps.property.username">username</a></code> | <code>string</code> | Master username for the DocumentDB cluster. |
+| <code><a href="#@btc-embedded/cdk-extensions.DocumentDBProps.property.vpc">vpc</a></code> | <code>aws-cdk-lib.aws_ec2.IVpc</code> | VPC to deploy the DocumentDB cluster into. |
 
 ---
 
@@ -10454,6 +10494,8 @@ public readonly secretName: string;
 
 - *Type:* string
 
+Name of the Secrets Manager secret that stores the DocumentDB master credentials.
+
 ---
 
 ##### `stackName`<sup>Required</sup> <a name="stackName" id="@btc-embedded/cdk-extensions.DocumentDBProps.property.stackName"></a>
@@ -10464,6 +10506,11 @@ public readonly stackName: string;
 
 - *Type:* string
 
+Name of the stack this database belongs to.
+
+Note: This value is currently not referenced directly by the implementation,
+but is kept as part of the public contract.
+
 ---
 
 ##### `username`<sup>Required</sup> <a name="username" id="@btc-embedded/cdk-extensions.DocumentDBProps.property.username"></a>
@@ -10474,6 +10521,8 @@ public readonly username: string;
 
 - *Type:* string
 
+Master username for the DocumentDB cluster.
+
 ---
 
 ##### `vpc`<sup>Required</sup> <a name="vpc" id="@btc-embedded/cdk-extensions.DocumentDBProps.property.vpc"></a>
@@ -10484,6 +10533,8 @@ public readonly vpc: IVpc;
 
 - *Type:* aws-cdk-lib.aws_ec2.IVpc
 
+VPC to deploy the DocumentDB cluster into.
+
 ---
 
 ### EcsClusterAttributes <a name="EcsClusterAttributes" id="@btc-embedded/cdk-extensions.EcsClusterAttributes"></a>
@@ -10800,6 +10851,8 @@ The path to mount the EFS to.
 
 ### EnvironmentVariableNames <a name="EnvironmentVariableNames" id="@btc-embedded/cdk-extensions.EnvironmentVariableNames"></a>
 
+Optional overrides for the environment variable names injected into application containers.
+
 #### Initializer <a name="Initializer" id="@btc-embedded/cdk-extensions.EnvironmentVariableNames.Initializer"></a>
 
 ```typescript
@@ -10812,7 +10865,7 @@ const environmentVariableNames: EnvironmentVariableNames = { ... }
 
 | **Name** | **Type** | **Description** |
 | --- | --- | --- |
-| <code><a href="#@btc-embedded/cdk-extensions.EnvironmentVariableNames.property.databaseUrl">databaseUrl</a></code> | <code>string</code> | Environment variable for the connction string. |
+| <code><a href="#@btc-embedded/cdk-extensions.EnvironmentVariableNames.property.databaseUrl">databaseUrl</a></code> | <code>string</code> | Environment variable for the connection string. |
 | <code><a href="#@btc-embedded/cdk-extensions.EnvironmentVariableNames.property.postgresDatabase">postgresDatabase</a></code> | <code>string</code> | Environment variable for the Postgres database name. |
 | <code><a href="#@btc-embedded/cdk-extensions.EnvironmentVariableNames.property.postgresEndpoint">postgresEndpoint</a></code> | <code>string</code> | Environment variable for the Postgres endpoint. |
 | <code><a href="#@btc-embedded/cdk-extensions.EnvironmentVariableNames.property.postgresPassword">postgresPassword</a></code> | <code>string</code> | Environment variable for the Postgres password. |
@@ -10829,7 +10882,7 @@ public readonly databaseUrl: string;
 - *Type:* string
 - *Default:* DATABASE_URL
 
-Environment variable for the connction string.
+Environment variable for the connection string.
 
 ---
 
@@ -10887,6 +10940,8 @@ Environment variable for the Postgres username.
 
 ### EventListenerExtensionProps <a name="EventListenerExtensionProps" id="@btc-embedded/cdk-extensions.EventListenerExtensionProps"></a>
 
+Configuration for {@link DomainEventMessagingExtension}.
+
 #### Initializer <a name="Initializer" id="@btc-embedded/cdk-extensions.EventListenerExtensionProps.Initializer"></a>
 
 ```typescript
@@ -10899,7 +10954,7 @@ const eventListenerExtensionProps: EventListenerExtensionProps = { ... }
 
 | **Name** | **Type** | **Description** |
 | --- | --- | --- |
-| <code><a href="#@btc-embedded/cdk-extensions.EventListenerExtensionProps.property.queue">queue</a></code> | <code>aws-cdk-lib.aws_sqs.Queue</code> | *No description.* |
+| <code><a href="#@btc-embedded/cdk-extensions.EventListenerExtensionProps.property.queue">queue</a></code> | <code>aws-cdk-lib.aws_sqs.Queue</code> | Optional SQS queue to use for inbound domain events. |
 
 ---
 
@@ -10911,6 +10966,10 @@ public readonly queue: Queue;
 
 - *Type:* aws-cdk-lib.aws_sqs.Queue
 
+Optional SQS queue to use for inbound domain events.
+
+If omitted, the extension creates a new queue and a dead-letter queue.
+
 ---
 
 ### EventPipeProps <a name="EventPipeProps" id="@btc-embedded/cdk-extensions.EventPipeProps"></a>
@@ -11021,6 +11080,8 @@ If omitted, a new role is created.
 
 ### ExistingLogroupOption <a name="ExistingLogroupOption" id="@btc-embedded/cdk-extensions.ExistingLogroupOption"></a>
 
+Option to use an already created CloudWatch Log Group for container logging.
+
 #### Initializer <a name="Initializer" id="@btc-embedded/cdk-extensions.ExistingLogroupOption.Initializer"></a>
 
 ```typescript
@@ -11033,7 +11094,7 @@ const existingLogroupOption: ExistingLogroupOption = { ... }
 
 | **Name** | **Type** | **Description** |
 | --- | --- | --- |
-| <code><a href="#@btc-embedded/cdk-extensions.ExistingLogroupOption.property.logGroup">logGroup</a></code> | <code>aws-cdk-lib.aws_logs.ILogGroup</code> | *No description.* |
+| <code><a href="#@btc-embedded/cdk-extensions.ExistingLogroupOption.property.logGroup">logGroup</a></code> | <code>aws-cdk-lib.aws_logs.ILogGroup</code> | Target CloudWatch log group for container stdout/stderr. |
 
 ---
 
@@ -11045,6 +11106,8 @@ public readonly logGroup: ILogGroup;
 
 - *Type:* aws-cdk-lib.aws_logs.ILogGroup
 
+Target CloudWatch log group for container stdout/stderr.
+
 ---
 
 ### ExportedServiceLookupOptions <a name="ExportedServiceLookupOptions" id="@btc-embedded/cdk-extensions.ExportedServiceLookupOptions"></a>
@@ -11476,6 +11539,8 @@ Hosted Zone to create the gateway domain A record.
 
 ### ImportLogGroupOption <a name="ImportLogGroupOption" id="@btc-embedded/cdk-extensions.ImportLogGroupOption"></a>
 
+Option to import the shared base platform log group.
+
 #### Initializer <a name="Initializer" id="@btc-embedded/cdk-extensions.ImportLogGroupOption.Initializer"></a>
 
 ```typescript
@@ -11488,7 +11553,7 @@ const importLogGroupOption: ImportLogGroupOption = { ... }
 
 | **Name** | **Type** | **Description** |
 | --- | --- | --- |
-| <code><a href="#@btc-embedded/cdk-extensions.ImportLogGroupOption.property.basePlatformStackName">basePlatformStackName</a></code> | <code>string</code> | *No description.* |
+| <code><a href="#@btc-embedded/cdk-extensions.ImportLogGroupOption.property.basePlatformStackName">basePlatformStackName</a></code> | <code>string</code> | Base platform stack name used to import the log group via {@link BTCLogGroup.fromBasePlatform}. |
 
 ---
 
@@ -11500,6 +11565,8 @@ public readonly basePlatformStackName: string;
 
 - *Type:* string
 
+Base platform stack name used to import the log group via {@link BTCLogGroup.fromBasePlatform}.
+
 ---
 
 ### InputTemplate <a name="InputTemplate" id="@btc-embedded/cdk-extensions.InputTemplate"></a>
@@ -11756,6 +11823,8 @@ The parameter passed to the default container to perform the database migration.
 
 ### PredefinedPrivateDnsNamespaceProps <a name="PredefinedPrivateDnsNamespaceProps" id="@btc-embedded/cdk-extensions.PredefinedPrivateDnsNamespaceProps"></a>
 
+Attributes describing an already existing (predefined) Cloud Map private DNS namespace.
+
 #### Initializer <a name="Initializer" id="@btc-embedded/cdk-extensions.PredefinedPrivateDnsNamespaceProps.Initializer"></a>
 
 ```typescript
@@ -11768,9 +11837,9 @@ const predefinedPrivateDnsNamespaceProps: PredefinedPrivateDnsNamespaceProps = {
 
 | **Name** | **Type** | **Description** |
 | --- | --- | --- |
-| <code><a href="#@btc-embedded/cdk-extensions.PredefinedPrivateDnsNamespaceProps.property.arn">arn</a></code> | <code>string</code> | *No description.* |
-| <code><a href="#@btc-embedded/cdk-extensions.PredefinedPrivateDnsNamespaceProps.property.id">id</a></code> | <code>string</code> | *No description.* |
-| <code><a href="#@btc-embedded/cdk-extensions.PredefinedPrivateDnsNamespaceProps.property.namespace">namespace</a></code> | <code>string</code> | *No description.* |
+| <code><a href="#@btc-embedded/cdk-extensions.PredefinedPrivateDnsNamespaceProps.property.arn">arn</a></code> | <code>string</code> | Namespace ARN. |
+| <code><a href="#@btc-embedded/cdk-extensions.PredefinedPrivateDnsNamespaceProps.property.id">id</a></code> | <code>string</code> | Namespace ID. |
+| <code><a href="#@btc-embedded/cdk-extensions.PredefinedPrivateDnsNamespaceProps.property.namespace">namespace</a></code> | <code>string</code> | Namespace name (e.g. `services.internal`). |
 
 ---
 
@@ -11782,6 +11851,8 @@ public readonly arn: string;
 
 - *Type:* string
 
+Namespace ARN.
+
 ---
 
 ##### `id`<sup>Required</sup> <a name="id" id="@btc-embedded/cdk-extensions.PredefinedPrivateDnsNamespaceProps.property.id"></a>
@@ -11792,6 +11863,8 @@ public readonly id: string;
 
 - *Type:* string
 
+Namespace ID.
+
 ---
 
 ##### `namespace`<sup>Required</sup> <a name="namespace" id="@btc-embedded/cdk-extensions.PredefinedPrivateDnsNamespaceProps.property.namespace"></a>
@@ -11802,6 +11875,8 @@ public readonly namespace: string;
 
 - *Type:* string
 
+Namespace name (e.g. `services.internal`).
+
 ---
 
 ### PrefixFilterRule <a name="PrefixFilterRule" id="@btc-embedded/cdk-extensions.PrefixFilterRule"></a>
@@ -11836,6 +11911,8 @@ public readonly prefix: string | FilterEqualsIgnoreCase;
 
 ### PrivateDnsNamespaceProps <a name="PrivateDnsNamespaceProps" id="@btc-embedded/cdk-extensions.PrivateDnsNamespaceProps"></a>
 
+Properties for {@link PrivateDnsNamespace}.
+
 #### Initializer <a name="Initializer" id="@btc-embedded/cdk-extensions.PrivateDnsNamespaceProps.Initializer"></a>
 
 ```typescript
@@ -11848,9 +11925,9 @@ const privateDnsNamespaceProps: PrivateDnsNamespaceProps = { ... }
 
 | **Name** | **Type** | **Description** |
 | --- | --- | --- |
-| <code><a href="#@btc-embedded/cdk-extensions.PrivateDnsNamespaceProps.property.vpc">vpc</a></code> | <code>aws-cdk-lib.aws_ec2.IVpc</code> | *No description.* |
-| <code><a href="#@btc-embedded/cdk-extensions.PrivateDnsNamespaceProps.property.definedPrivateDnsNamespace">definedPrivateDnsNamespace</a></code> | <code><a href="#@btc-embedded/cdk-extensions.PredefinedPrivateDnsNamespaceProps">PredefinedPrivateDnsNamespaceProps</a></code> | *No description.* |
-| <code><a href="#@btc-embedded/cdk-extensions.PrivateDnsNamespaceProps.property.namespaceName">namespaceName</a></code> | <code>string</code> | *No description.* |
+| <code><a href="#@btc-embedded/cdk-extensions.PrivateDnsNamespaceProps.property.vpc">vpc</a></code> | <code>aws-cdk-lib.aws_ec2.IVpc</code> | VPC in which the private DNS namespace is created/associated. |
+| <code><a href="#@btc-embedded/cdk-extensions.PrivateDnsNamespaceProps.property.definedPrivateDnsNamespace">definedPrivateDnsNamespace</a></code> | <code><a href="#@btc-embedded/cdk-extensions.PredefinedPrivateDnsNamespaceProps">PredefinedPrivateDnsNamespaceProps</a></code> | Reuse an existing namespace by providing its attributes. |
+| <code><a href="#@btc-embedded/cdk-extensions.PrivateDnsNamespaceProps.property.namespaceName">namespaceName</a></code> | <code>string</code> | Name for a new private DNS namespace to be created. |
 
 ---
 
@@ -11862,6 +11939,8 @@ public readonly vpc: IVpc;
 
 - *Type:* aws-cdk-lib.aws_ec2.IVpc
 
+VPC in which the private DNS namespace is created/associated.
+
 ---
 
 ##### `definedPrivateDnsNamespace`<sup>Optional</sup> <a name="definedPrivateDnsNamespace" id="@btc-embedded/cdk-extensions.PrivateDnsNamespaceProps.property.definedPrivateDnsNamespace"></a>
@@ -11872,6 +11951,10 @@ public readonly definedPrivateDnsNamespace: PredefinedPrivateDnsNamespaceProps;
 
 - *Type:* <a href="#@btc-embedded/cdk-extensions.PredefinedPrivateDnsNamespaceProps">PredefinedPrivateDnsNamespaceProps</a>
 
+Reuse an existing namespace by providing its attributes.
+
+If set, {@link namespaceName} is ignored.
+
 ---
 
 ##### `namespaceName`<sup>Optional</sup> <a name="namespaceName" id="@btc-embedded/cdk-extensions.PrivateDnsNamespaceProps.property.namespaceName"></a>
@@ -11882,6 +11965,10 @@ public readonly namespaceName: string;
 
 - *Type:* string
 
+Name for a new private DNS namespace to be created.
+
+Required when {@link definedPrivateDnsNamespace} is not provided.
+
 ---
 
 ### ResourceServerProps <a name="ResourceServerProps" id="@btc-embedded/cdk-extensions.ResourceServerProps"></a>
@@ -12368,6 +12455,13 @@ public readonly invocationType: InvocationType;
 
 ### TcpKeepAliveExtensionProps <a name="TcpKeepAliveExtensionProps" id="@btc-embedded/cdk-extensions.TcpKeepAliveExtensionProps"></a>
 
+Configuration for Linux TCP keepalive settings applied to the ECS task container via `systemControls`.
+
+Values map to the following kernel parameters:
+- `net.ipv4.tcp_keepalive_time`
+- `net.ipv4.tcp_keepalive_intvl`
+- `net.ipv4.tcp_keepalive_probes`
+
 #### Initializer <a name="Initializer" id="@btc-embedded/cdk-extensions.TcpKeepAliveExtensionProps.Initializer"></a>
 
 ```typescript
@@ -12380,9 +12474,9 @@ const tcpKeepAliveExtensionProps: TcpKeepAliveExtensionProps = { ... }
 
 | **Name** | **Type** | **Description** |
 | --- | --- | --- |
-| <code><a href="#@btc-embedded/cdk-extensions.TcpKeepAliveExtensionProps.property.interval">interval</a></code> | <code>number</code> | *No description.* |
-| <code><a href="#@btc-embedded/cdk-extensions.TcpKeepAliveExtensionProps.property.probes">probes</a></code> | <code>number</code> | *No description.* |
-| <code><a href="#@btc-embedded/cdk-extensions.TcpKeepAliveExtensionProps.property.time">time</a></code> | <code>number</code> | *No description.* |
+| <code><a href="#@btc-embedded/cdk-extensions.TcpKeepAliveExtensionProps.property.interval">interval</a></code> | <code>number</code> | Seconds between keepalive probes. |
+| <code><a href="#@btc-embedded/cdk-extensions.TcpKeepAliveExtensionProps.property.probes">probes</a></code> | <code>number</code> | Number of unacknowledged probes before declaring the connection dead. |
+| <code><a href="#@btc-embedded/cdk-extensions.TcpKeepAliveExtensionProps.property.time">time</a></code> | <code>number</code> | Seconds of idle time before keepalive probes are sent. |
 
 ---
 
@@ -12394,6 +12488,8 @@ public readonly interval: number;
 
 - *Type:* number
 
+Seconds between keepalive probes.
+
 ---
 
 ##### `probes`<sup>Required</sup> <a name="probes" id="@btc-embedded/cdk-extensions.TcpKeepAliveExtensionProps.property.probes"></a>
@@ -12404,6 +12500,8 @@ public readonly probes: number;
 
 - *Type:* number
 
+Number of unacknowledged probes before declaring the connection dead.
+
 ---
 
 ##### `time`<sup>Required</sup> <a name="time" id="@btc-embedded/cdk-extensions.TcpKeepAliveExtensionProps.property.time"></a>
@@ -12414,6 +12512,8 @@ public readonly time: number;
 
 - *Type:* number
 
+Seconds of idle time before keepalive probes are sent.
+
 ---
 
 ### VpcProps <a name="VpcProps" id="@btc-embedded/cdk-extensions.VpcProps"></a>
@@ -13139,6 +13239,8 @@ public readonly userPoolDomain: IUserPoolDomain;
 
 ### ApplicationLoadBalancerExtensionV2 <a name="ApplicationLoadBalancerExtensionV2" id="@btc-embedded/cdk-extensions.ApplicationLoadBalancerExtensionV2"></a>
 
+A service extension that adds an Application Load Balancer to an ECS service.
+
 #### Initializers <a name="Initializers" id="@btc-embedded/cdk-extensions.ApplicationLoadBalancerExtensionV2.Initializer"></a>
 
 ```typescript
@@ -13149,7 +13251,7 @@ new ApplicationLoadBalancerExtensionV2(props: ApplicationLoadBalancerExtensionPr
 
 | **Name** | **Type** | **Description** |
 | --- | --- | --- |
-| <code><a href="#@btc-embedded/cdk-extensions.ApplicationLoadBalancerExtensionV2.Initializer.parameter.props">props</a></code> | <code><a href="#@btc-embedded/cdk-extensions.ApplicationLoadBalancerExtensionPropsV2">ApplicationLoadBalancerExtensionPropsV2</a></code> | *No description.* |
+| <code><a href="#@btc-embedded/cdk-extensions.ApplicationLoadBalancerExtensionV2.Initializer.parameter.props">props</a></code> | <code><a href="#@btc-embedded/cdk-extensions.ApplicationLoadBalancerExtensionPropsV2">ApplicationLoadBalancerExtensionPropsV2</a></code> | - The properties for configuring the load balancer extension. |
 
 ---
 
@@ -13157,6 +13259,8 @@ new ApplicationLoadBalancerExtensionV2(props: ApplicationLoadBalancerExtensionPr
 
 - *Type:* <a href="#@btc-embedded/cdk-extensions.ApplicationLoadBalancerExtensionPropsV2">ApplicationLoadBalancerExtensionPropsV2</a>
 
+The properties for configuring the load balancer extension.
+
 ---
 
 #### Methods <a name="Methods" id="Methods"></a>
@@ -14143,6 +14247,14 @@ connected to the service.
 
 ### DocumentDbAccessExtension <a name="DocumentDbAccessExtension" id="@btc-embedded/cdk-extensions.DocumentDbAccessExtension"></a>
 
+ECS Service Extension that grants a service access to a shared Amazon DocumentDB instance defined in the base platform stack.
+
+At synth-time, this extension:
+- imports the base platform DocumentDB via {@link DocumentDB.fromBasePlatform}
+- injects a `MONGODB_URL` secret into selected containers
+- optionally adds environment defaults needed by the application runtime
+- grants network/IAM access for the ECS service via `documentDb.allowAccess(...)`
+
 #### Initializers <a name="Initializers" id="@btc-embedded/cdk-extensions.DocumentDbAccessExtension.Initializer"></a>
 
 ```typescript
@@ -14394,6 +14506,14 @@ public readonly documentDb: IDocumentDB;
 
 ### DomainEventMessagingExtension <a name="DomainEventMessagingExtension" id="@btc-embedded/cdk-extensions.DomainEventMessagingExtension"></a>
 
+ECS Service Extension that wires domain-event messaging via SNS + SQS.
+
+It supports two complementary capabilities:
+- **Subscribe**: create/attach an SQS queue and subscribe it to one or more SNS topics
+- **Publish**: inject SNS topic metadata into the task so the service can publish events
+
+Internally it composes the ECS Service Extensions `QueueExtension` and `InjecterExtension`.
+
 #### Initializers <a name="Initializers" id="@btc-embedded/cdk-extensions.DomainEventMessagingExtension.Initializer"></a>
 
 ```typescript
@@ -15522,6 +15642,12 @@ public readonly props: HTTPApiExtensionProps;
 
 ### LogExtension <a name="LogExtension" id="@btc-embedded/cdk-extensions.LogExtension"></a>
 
+ECS Service Extension that configures CloudWatch Logs for all containers in a service.
+
+You can either:
+- pass an existing log group ({@link ExistingLogroupOption}), or
+- import a shared base platform log group ({@link ImportLogGroupOption}).
+
 #### Initializers <a name="Initializers" id="@btc-embedded/cdk-extensions.LogExtension.Initializer"></a>
 
 ```typescript
@@ -16253,6 +16379,15 @@ public readonly props: TaskDefinitionProps;
 
 ### OpenIdExtension <a name="OpenIdExtension" id="@btc-embedded/cdk-extensions.OpenIdExtension"></a>
 
+ECS service extension that wires the service to OpenID Connect settings from the base platform's Cognito user pool.
+
+This extension injects the following into the main application container:
+- `OIDC_ISSUER_URL`
+- `OIDC_CLIENT_ID`
+- `OIDC_SCOPE`
+- `OIDC_CLIENT_SECRET` (as a Secrets Manager secret)
+- `OIDC_REDIRECT_URI` (optional)
+
 #### Initializers <a name="Initializers" id="@btc-embedded/cdk-extensions.OpenIdExtension.Initializer"></a>
 
 ```typescript
@@ -16278,11 +16413,11 @@ new OpenIdExtension(props: OpenIdExtensionProps)
 | **Name** | **Description** |
 | --- | --- |
 | <code><a href="#@btc-embedded/cdk-extensions.OpenIdExtension.addContainerMutatingHook">addContainerMutatingHook</a></code> | This hook allows another service extension to register a mutating hook for changing the primary container of this extension. |
-| <code><a href="#@btc-embedded/cdk-extensions.OpenIdExtension.addHooks">addHooks</a></code> | A hook that allows the extension to add hooks to other extensions that are registered. |
+| <code><a href="#@btc-embedded/cdk-extensions.OpenIdExtension.addHooks">addHooks</a></code> | Registers container hooks after the parent service and user pool are known. |
 | <code><a href="#@btc-embedded/cdk-extensions.OpenIdExtension.connectToService">connectToService</a></code> | This hook allows the extension to establish a connection to extensions from another service. |
 | <code><a href="#@btc-embedded/cdk-extensions.OpenIdExtension.modifyServiceProps">modifyServiceProps</a></code> | Prior to launching the task definition as a service, this hook is called on each extension to give it a chance to mutate the properties of the service to be created. |
 | <code><a href="#@btc-embedded/cdk-extensions.OpenIdExtension.modifyTaskDefinitionProps">modifyTaskDefinitionProps</a></code> | This is a hook which allows extensions to modify the settings of the task definition prior to it being created. |
-| <code><a href="#@btc-embedded/cdk-extensions.OpenIdExtension.prehook">prehook</a></code> | A hook that is called for each extension ahead of time to allow for any initial setup, such as creating resources in advance. |
+| <code><a href="#@btc-embedded/cdk-extensions.OpenIdExtension.prehook">prehook</a></code> | Resolves base-platform resources needed by the extension. |
 | <code><a href="#@btc-embedded/cdk-extensions.OpenIdExtension.resolveContainerDependencies">resolveContainerDependencies</a></code> | Once all containers are added to the task definition, this hook is called for each extension to give it a chance to resolve its dependency graph so that its container starts in the right order based on the other extensions that were enabled. |
 | <code><a href="#@btc-embedded/cdk-extensions.OpenIdExtension.useService">useService</a></code> | When this hook is implemented by extension, it allows the extension to use the service which has been created. |
 | <code><a href="#@btc-embedded/cdk-extensions.OpenIdExtension.useTaskDefinition">useTaskDefinition</a></code> | Once the task definition is created, this hook is called for each extension to give it a chance to add containers to the task definition, change the task definition's role to add permissions, etc. |
@@ -16314,7 +16449,10 @@ route logs through Firelens.
 public addHooks(): void
 ```
 
-A hook that allows the extension to add hooks to other extensions that are registered.
+Registers container hooks after the parent service and user pool are known.
+
+Requires a main container named `service-container` with a configured
+traffic port.
 
 ##### `connectToService` <a name="connectToService" id="@btc-embedded/cdk-extensions.OpenIdExtension.connectToService"></a>
 
@@ -16385,7 +16523,9 @@ Properties of the task definition to be created.
 public prehook(service: Service, _scope: Construct): void
 ```
 
-A hook that is called for each extension ahead of time to allow for any initial setup, such as creating resources in advance.
+Resolves base-platform resources needed by the extension.
+
+Called by the extensions framework before hooks are applied.
 
 ###### `service`<sup>Required</sup> <a name="service" id="@btc-embedded/cdk-extensions.OpenIdExtension.prehook.parameter.service"></a>
 
@@ -16449,7 +16589,7 @@ The created task definition to add containers to.
 | --- | --- | --- |
 | <code><a href="#@btc-embedded/cdk-extensions.OpenIdExtension.property.name">name</a></code> | <code>string</code> | The name of the extension. |
 | <code><a href="#@btc-embedded/cdk-extensions.OpenIdExtension.property.container">container</a></code> | <code>aws-cdk-lib.aws_ecs.ContainerDefinition</code> | The container for this extension. |
-| <code><a href="#@btc-embedded/cdk-extensions.OpenIdExtension.property.cognitoUserPool">cognitoUserPool</a></code> | <code><a href="#@btc-embedded/cdk-extensions.ICognitoUserPool">ICognitoUserPool</a></code> | *No description.* |
+| <code><a href="#@btc-embedded/cdk-extensions.OpenIdExtension.property.cognitoUserPool">cognitoUserPool</a></code> | <code><a href="#@btc-embedded/cdk-extensions.ICognitoUserPool">ICognitoUserPool</a></code> | Resolved Cognito user pool from the base platform. |
 
 ---
 
@@ -16490,6 +16630,10 @@ public readonly cognitoUserPool: ICognitoUserPool;
 
 - *Type:* <a href="#@btc-embedded/cdk-extensions.ICognitoUserPool">ICognitoUserPool</a>
 
+Resolved Cognito user pool from the base platform.
+
+Populated during {@link prehook}.
+
 ---
 
 
@@ -16741,6 +16885,15 @@ public readonly props: OpenTelemetryExtensionProps;
 
 ### PostgresDbAccessExtension <a name="PostgresDbAccessExtension" id="@btc-embedded/cdk-extensions.PostgresDbAccessExtension"></a>
 
+ECS service extension that grants an ECS service access to an Aurora Postgres database created by the base platform.
+
+What it does:
+- Imports DB endpoint, secrets and security group IDs from the base platform stack outputs.
+- Allows the service SG to connect to the DB SG on port 5432.
+- Injects connection details into selected containers via container hooks.
+- Optionally adds a one-shot migration container and wires dependencies so the
+  main container starts only after migrations succeed.
+
 #### Initializers <a name="Initializers" id="@btc-embedded/cdk-extensions.PostgresDbAccessExtension.Initializer"></a>
 
 ```typescript
@@ -16766,14 +16919,14 @@ new PostgresDbAccessExtension(props: PostgresDbAccessExtensionProps)
 | **Name** | **Description** |
 | --- | --- |
 | <code><a href="#@btc-embedded/cdk-extensions.PostgresDbAccessExtension.addContainerMutatingHook">addContainerMutatingHook</a></code> | This hook allows another service extension to register a mutating hook for changing the primary container of this extension. |
-| <code><a href="#@btc-embedded/cdk-extensions.PostgresDbAccessExtension.addHooks">addHooks</a></code> | A hook that allows the extension to add hooks to other extensions that are registered. |
+| <code><a href="#@btc-embedded/cdk-extensions.PostgresDbAccessExtension.addHooks">addHooks</a></code> | Applies the Postgres env/secrets hook to database-access containers. |
 | <code><a href="#@btc-embedded/cdk-extensions.PostgresDbAccessExtension.connectToService">connectToService</a></code> | This hook allows the extension to establish a connection to extensions from another service. |
-| <code><a href="#@btc-embedded/cdk-extensions.PostgresDbAccessExtension.modifyServiceProps">modifyServiceProps</a></code> | Prior to launching the task definition as a service, this hook is called on each extension to give it a chance to mutate the properties of the service to be created. |
+| <code><a href="#@btc-embedded/cdk-extensions.PostgresDbAccessExtension.modifyServiceProps">modifyServiceProps</a></code> | When migrations are enabled, ensures the default container depends on the migration container completing successfully. |
 | <code><a href="#@btc-embedded/cdk-extensions.PostgresDbAccessExtension.modifyTaskDefinitionProps">modifyTaskDefinitionProps</a></code> | This is a hook which allows extensions to modify the settings of the task definition prior to it being created. |
-| <code><a href="#@btc-embedded/cdk-extensions.PostgresDbAccessExtension.prehook">prehook</a></code> | A hook that is called for each extension ahead of time to allow for any initial setup, such as creating resources in advance. |
+| <code><a href="#@btc-embedded/cdk-extensions.PostgresDbAccessExtension.prehook">prehook</a></code> | Resolves base-platform outputs (endpoint, secret ARNs) and prepares a service-specific connection-string secret. |
 | <code><a href="#@btc-embedded/cdk-extensions.PostgresDbAccessExtension.resolveContainerDependencies">resolveContainerDependencies</a></code> | Once all containers are added to the task definition, this hook is called for each extension to give it a chance to resolve its dependency graph so that its container starts in the right order based on the other extensions that were enabled. |
-| <code><a href="#@btc-embedded/cdk-extensions.PostgresDbAccessExtension.useService">useService</a></code> | When this hook is implemented by extension, it allows the extension to use the service which has been created. |
-| <code><a href="#@btc-embedded/cdk-extensions.PostgresDbAccessExtension.useTaskDefinition">useTaskDefinition</a></code> | Once the task definition is created, this hook is called for each extension to give it a chance to add containers to the task definition, change the task definition's role to add permissions, etc. |
+| <code><a href="#@btc-embedded/cdk-extensions.PostgresDbAccessExtension.useService">useService</a></code> | Grants the ECS service security group ingress to the database security group on TCP 5432. |
+| <code><a href="#@btc-embedded/cdk-extensions.PostgresDbAccessExtension.useTaskDefinition">useTaskDefinition</a></code> | Optionally adds a non-essential migration container that runs before the default container. |
 
 ---
 
@@ -16802,7 +16955,10 @@ route logs through Firelens.
 public addHooks(): void
 ```
 
-A hook that allows the extension to add hooks to other extensions that are registered.
+Applies the Postgres env/secrets hook to database-access containers.
+
+If `enableMigration` is true, also applies the hook to the migration
+container (created later in {@link useTaskDefinition}).
 
 ##### `connectToService` <a name="connectToService" id="@btc-embedded/cdk-extensions.PostgresDbAccessExtension.connectToService"></a>
 
@@ -16836,7 +16992,7 @@ The other service to connect to.
 public modifyServiceProps(props: ServiceBuild): ServiceBuild
 ```
 
-Prior to launching the task definition as a service, this hook is called on each extension to give it a chance to mutate the properties of the service to be created.
+When migrations are enabled, ensures the default container depends on the migration container completing successfully.
 
 ###### `props`<sup>Required</sup> <a name="props" id="@btc-embedded/cdk-extensions.PostgresDbAccessExtension.modifyServiceProps.parameter.props"></a>
 
@@ -16871,7 +17027,7 @@ Properties of the task definition to be created.
 public prehook(parent: Service, _scope: Construct): void
 ```
 
-A hook that is called for each extension ahead of time to allow for any initial setup, such as creating resources in advance.
+Resolves base-platform outputs (endpoint, secret ARNs) and prepares a service-specific connection-string secret.
 
 ###### `parent`<sup>Required</sup> <a name="parent" id="@btc-embedded/cdk-extensions.PostgresDbAccessExtension.prehook.parameter.parent"></a>
 
@@ -16899,10 +17055,7 @@ Once all containers are added to the task definition, this hook is called for ea
 public useService(service: Ec2Service | FargateService): void
 ```
 
-When this hook is implemented by extension, it allows the extension to use the service which has been created.
-
-It is generally used to
-create any final resources which might depend on the service itself.
+Grants the ECS service security group ingress to the database security group on TCP 5432.
 
 ###### `service`<sup>Required</sup> <a name="service" id="@btc-embedded/cdk-extensions.PostgresDbAccessExtension.useService.parameter.service"></a>
 
@@ -16916,7 +17069,10 @@ create any final resources which might depend on the service itself.
 public useTaskDefinition(taskDefinition: TaskDefinition): void
 ```
 
-Once the task definition is created, this hook is called for each extension to give it a chance to add containers to the task definition, change the task definition's role to add permissions, etc.
+Optionally adds a non-essential migration container that runs before the default container.
+
+The migration container uses the same image repo/tag as the default
+container, but runs with `command: [migrationParameter]`.
 
 ###### `taskDefinition`<sup>Required</sup> <a name="taskDefinition" id="@btc-embedded/cdk-extensions.PostgresDbAccessExtension.useTaskDefinition.parameter.taskDefinition"></a>
 
@@ -16932,9 +17088,9 @@ Once the task definition is created, this hook is called for each extension to g
 | <code><a href="#@btc-embedded/cdk-extensions.PostgresDbAccessExtension.property.name">name</a></code> | <code>string</code> | The name of the extension. |
 | <code><a href="#@btc-embedded/cdk-extensions.PostgresDbAccessExtension.property.container">container</a></code> | <code>aws-cdk-lib.aws_ecs.ContainerDefinition</code> | The container for this extension. |
 | <code><a href="#@btc-embedded/cdk-extensions.PostgresDbAccessExtension.property.props">props</a></code> | <code><a href="#@btc-embedded/cdk-extensions.PostgresDbAccessExtensionProps">PostgresDbAccessExtensionProps</a></code> | *No description.* |
-| <code><a href="#@btc-embedded/cdk-extensions.PostgresDbAccessExtension.property.connectionString">connectionString</a></code> | <code>aws-cdk-lib.aws_secretsmanager.ISecret</code> | *No description.* |
-| <code><a href="#@btc-embedded/cdk-extensions.PostgresDbAccessExtension.property.credentialsSecret">credentialsSecret</a></code> | <code>aws-cdk-lib.aws_secretsmanager.ISecret</code> | *No description.* |
-| <code><a href="#@btc-embedded/cdk-extensions.PostgresDbAccessExtension.property.endpoint">endpoint</a></code> | <code>string</code> | *No description.* |
+| <code><a href="#@btc-embedded/cdk-extensions.PostgresDbAccessExtension.property.connectionString">connectionString</a></code> | <code>aws-cdk-lib.aws_secretsmanager.ISecret</code> | Connection-string secret created for this service (populated in {@link prehook}). |
+| <code><a href="#@btc-embedded/cdk-extensions.PostgresDbAccessExtension.property.credentialsSecret">credentialsSecret</a></code> | <code>aws-cdk-lib.aws_secretsmanager.ISecret</code> | Credentials secret imported from base platform (populated in {@link prehook}). |
+| <code><a href="#@btc-embedded/cdk-extensions.PostgresDbAccessExtension.property.endpoint">endpoint</a></code> | <code>string</code> | Database endpoint imported from base platform (populated in {@link prehook}). |
 
 ---
 
@@ -16985,6 +17141,8 @@ public readonly connectionString: ISecret;
 
 - *Type:* aws-cdk-lib.aws_secretsmanager.ISecret
 
+Connection-string secret created for this service (populated in {@link prehook}).
+
 ---
 
 ##### `credentialsSecret`<sup>Required</sup> <a name="credentialsSecret" id="@btc-embedded/cdk-extensions.PostgresDbAccessExtension.property.credentialsSecret"></a>
@@ -16995,6 +17153,8 @@ public readonly credentialsSecret: ISecret;
 
 - *Type:* aws-cdk-lib.aws_secretsmanager.ISecret
 
+Credentials secret imported from base platform (populated in {@link prehook}).
+
 ---
 
 ##### `endpoint`<sup>Required</sup> <a name="endpoint" id="@btc-embedded/cdk-extensions.PostgresDbAccessExtension.property.endpoint"></a>
@@ -17005,6 +17165,8 @@ public readonly endpoint: string;
 
 - *Type:* string
 
+Database endpoint imported from base platform (populated in {@link prehook}).
+
 ---
 
 
@@ -17359,6 +17521,13 @@ If not provided, will resolve from context.
 
 ### TcpKeepAliveExtension <a name="TcpKeepAliveExtension" id="@btc-embedded/cdk-extensions.TcpKeepAliveExtension"></a>
 
+ECS service extension that configures Linux TCP keepalive settings for the service's containers.
+
+If no props are provided, defaults are applied:
+- `time`: 200
+- `interval`: 200
+- `probes`: 5
+
 #### Initializers <a name="Initializers" id="@btc-embedded/cdk-extensions.TcpKeepAliveExtension.Initializer"></a>
 
 ```typescript
@@ -17384,7 +17553,7 @@ new TcpKeepAliveExtension(props?: TcpKeepAliveExtensionProps)
 | **Name** | **Description** |
 | --- | --- |
 | <code><a href="#@btc-embedded/cdk-extensions.TcpKeepAliveExtension.addContainerMutatingHook">addContainerMutatingHook</a></code> | This hook allows another service extension to register a mutating hook for changing the primary container of this extension. |
-| <code><a href="#@btc-embedded/cdk-extensions.TcpKeepAliveExtension.addHooks">addHooks</a></code> | A hook that allows the extension to add hooks to other extensions that are registered. |
+| <code><a href="#@btc-embedded/cdk-extensions.TcpKeepAliveExtension.addHooks">addHooks</a></code> | Registers a container mutating hook that sets TCP keepalive sysctls. |
 | <code><a href="#@btc-embedded/cdk-extensions.TcpKeepAliveExtension.connectToService">connectToService</a></code> | This hook allows the extension to establish a connection to extensions from another service. |
 | <code><a href="#@btc-embedded/cdk-extensions.TcpKeepAliveExtension.modifyServiceProps">modifyServiceProps</a></code> | Prior to launching the task definition as a service, this hook is called on each extension to give it a chance to mutate the properties of the service to be created. |
 | <code><a href="#@btc-embedded/cdk-extensions.TcpKeepAliveExtension.modifyTaskDefinitionProps">modifyTaskDefinitionProps</a></code> | This is a hook which allows extensions to modify the settings of the task definition prior to it being created. |
@@ -17420,7 +17589,7 @@ route logs through Firelens.
 public addHooks(): void
 ```
 
-A hook that allows the extension to add hooks to other extensions that are registered.
+Registers a container mutating hook that sets TCP keepalive sysctls.
 
 ##### `connectToService` <a name="connectToService" id="@btc-embedded/cdk-extensions.TcpKeepAliveExtension.connectToService"></a>
 
@@ -17816,6 +17985,11 @@ public readonly userPool: IUserPool;
 
 - *Implemented By:* <a href="#@btc-embedded/cdk-extensions.DocumentDBBase">DocumentDBBase</a>, <a href="#@btc-embedded/cdk-extensions.IDocumentDB">IDocumentDB</a>
 
+Public interface for a DocumentDB component.
+
+The component exposes the connection secret and security group so application stacks
+can wire services to it while keeping the underlying implementation hidden.
+
 #### Methods <a name="Methods" id="Methods"></a>
 
 | **Name** | **Description** |
@@ -18071,6 +18245,8 @@ The AWS Route53 HostedZone instance.
 
 - *Implemented By:* <a href="#@btc-embedded/cdk-extensions.PrivateDnsNamespace">PrivateDnsNamespace</a>, <a href="#@btc-embedded/cdk-extensions.IPrivateDnsNamespace">IPrivateDnsNamespace</a>
 
+Public interface for the private DNS namespace platform component.
+
 
 #### Properties <a name="Properties" id="Properties"></a>