@pgarbe/cdk-ecr-sync 0.5.22 → 0.5.26

package/node_modules/aws-sdk/clients/fis.d.ts

@@ -12,11 +12,11 @@ declare class Fis extends Service {
   constructor(options?: Fis.Types.ClientConfiguration)
   config: Config & Fis.Types.ClientConfiguration;
   /**
-   * Creates an experiment template.  To create a template, specify the following information:     Targets: A target can be a specific resource in your AWS environment, or one or more resources that match criteria that you specify, for example, resources that have specific tags.    Actions: The actions to carry out on the target. You can specify multiple actions, the duration of each action, and when to start each action during an experiment.    Stop conditions: If a stop condition is triggered while an experiment is running, the experiment is automatically stopped. You can define a stop condition as a CloudWatch alarm.   For more information, see the AWS Fault Injection Simulator User Guide.
+   * Creates an experiment template.  An experiment template includes the following components:    Targets: A target can be a specific resource in your Amazon Web Services environment, or one or more resources that match criteria that you specify, for example, resources that have specific tags.    Actions: The actions to carry out on the target. You can specify multiple actions, the duration of each action, and when to start each action during an experiment.    Stop conditions: If a stop condition is triggered while an experiment is running, the experiment is automatically stopped. You can define a stop condition as a CloudWatch alarm.   For more information, see Experiment templates in the Fault Injection Simulator User Guide.
    */
   createExperimentTemplate(params: Fis.Types.CreateExperimentTemplateRequest, callback?: (err: AWSError, data: Fis.Types.CreateExperimentTemplateResponse) => void): Request<Fis.Types.CreateExperimentTemplateResponse, AWSError>;
   /**
-   * Creates an experiment template.  To create a template, specify the following information:     Targets: A target can be a specific resource in your AWS environment, or one or more resources that match criteria that you specify, for example, resources that have specific tags.    Actions: The actions to carry out on the target. You can specify multiple actions, the duration of each action, and when to start each action during an experiment.    Stop conditions: If a stop condition is triggered while an experiment is running, the experiment is automatically stopped. You can define a stop condition as a CloudWatch alarm.   For more information, see the AWS Fault Injection Simulator User Guide.
+   * Creates an experiment template.  An experiment template includes the following components:    Targets: A target can be a specific resource in your Amazon Web Services environment, or one or more resources that match criteria that you specify, for example, resources that have specific tags.    Actions: The actions to carry out on the target. You can specify multiple actions, the duration of each action, and when to start each action during an experiment.    Stop conditions: If a stop condition is triggered while an experiment is running, the experiment is automatically stopped. You can define a stop condition as a CloudWatch alarm.   For more information, see Experiment templates in the Fault Injection Simulator User Guide.
    */
   createExperimentTemplate(callback?: (err: AWSError, data: Fis.Types.CreateExperimentTemplateResponse) => void): Request<Fis.Types.CreateExperimentTemplateResponse, AWSError>;
   /**
@@ -28,11 +28,11 @@ declare class Fis extends Service {
    */
   deleteExperimentTemplate(callback?: (err: AWSError, data: Fis.Types.DeleteExperimentTemplateResponse) => void): Request<Fis.Types.DeleteExperimentTemplateResponse, AWSError>;
   /**
-   * Gets information about the specified AWS FIS action.
+   * Gets information about the specified FIS action.
    */
   getAction(params: Fis.Types.GetActionRequest, callback?: (err: AWSError, data: Fis.Types.GetActionResponse) => void): Request<Fis.Types.GetActionResponse, AWSError>;
   /**
-   * Gets information about the specified AWS FIS action.
+   * Gets information about the specified FIS action.
    */
   getAction(callback?: (err: AWSError, data: Fis.Types.GetActionResponse) => void): Request<Fis.Types.GetActionResponse, AWSError>;
   /**
@@ -52,11 +52,19 @@ declare class Fis extends Service {
    */
   getExperimentTemplate(callback?: (err: AWSError, data: Fis.Types.GetExperimentTemplateResponse) => void): Request<Fis.Types.GetExperimentTemplateResponse, AWSError>;
   /**
-   * Lists the available AWS FIS actions.
+   * Gets information about the specified resource type.
+   */
+  getTargetResourceType(params: Fis.Types.GetTargetResourceTypeRequest, callback?: (err: AWSError, data: Fis.Types.GetTargetResourceTypeResponse) => void): Request<Fis.Types.GetTargetResourceTypeResponse, AWSError>;
+  /**
+   * Gets information about the specified resource type.
+   */
+  getTargetResourceType(callback?: (err: AWSError, data: Fis.Types.GetTargetResourceTypeResponse) => void): Request<Fis.Types.GetTargetResourceTypeResponse, AWSError>;
+  /**
+   * Lists the available FIS actions.
    */
   listActions(params: Fis.Types.ListActionsRequest, callback?: (err: AWSError, data: Fis.Types.ListActionsResponse) => void): Request<Fis.Types.ListActionsResponse, AWSError>;
   /**
-   * Lists the available AWS FIS actions.
+   * Lists the available FIS actions.
    */
   listActions(callback?: (err: AWSError, data: Fis.Types.ListActionsResponse) => void): Request<Fis.Types.ListActionsResponse, AWSError>;
   /**
@@ -83,6 +91,14 @@ declare class Fis extends Service {
    * Lists the tags for the specified resource.
    */
   listTagsForResource(callback?: (err: AWSError, data: Fis.Types.ListTagsForResourceResponse) => void): Request<Fis.Types.ListTagsForResourceResponse, AWSError>;
+  /**
+   * Lists the target resource types.
+   */
+  listTargetResourceTypes(params: Fis.Types.ListTargetResourceTypesRequest, callback?: (err: AWSError, data: Fis.Types.ListTargetResourceTypesResponse) => void): Request<Fis.Types.ListTargetResourceTypesResponse, AWSError>;
+  /**
+   * Lists the target resource types.
+   */
+  listTargetResourceTypes(callback?: (err: AWSError, data: Fis.Types.ListTargetResourceTypesResponse) => void): Request<Fis.Types.ListTargetResourceTypesResponse, AWSError>;
   /**
    * Starts running an experiment from the specified experiment template.
    */
@@ -186,14 +202,14 @@ declare namespace Fis {
     /**
      * The resource type of the target.
      */
-    resourceType?: TargetResourceType;
+    resourceType?: TargetResourceTypeId;
   }
   export type ActionTargetMap = {[key: string]: ActionTarget};
   export type ActionTargetName = string;
   export type ClientToken = string;
   export interface CreateExperimentTemplateActionInput {
     /**
-     * The ID of the action.
+     * The ID of the action. The format of the action ID is: aws:service-name:action-type.
      */
     actionId: ActionId;
     /**
@@ -220,7 +236,7 @@ declare namespace Fis {
      */
     clientToken: ClientToken;
     /**
-     * A description for the experiment template. Can contain up to 64 letters (A-Z and a-z).
+     * A description for the experiment template.
      */
     description: ExperimentTemplateDescription;
     /**
@@ -236,7 +252,7 @@ declare namespace Fis {
      */
     actions: CreateExperimentTemplateActionInputMap;
     /**
-     * The Amazon Resource Name (ARN) of an IAM role that grants the AWS FIS service permission to perform service actions on your behalf.
+     * The Amazon Resource Name (ARN) of an IAM role that grants the FIS service permission to perform service actions on your behalf.
      */
     roleArn: RoleArn;
     /**
@@ -263,9 +279,9 @@ declare namespace Fis {
   export type CreateExperimentTemplateStopConditionInputList = CreateExperimentTemplateStopConditionInput[];
   export interface CreateExperimentTemplateTargetInput {
     /**
-     * The AWS resource type. The resource type must be supported for the specified action.
+     * The resource type. The resource type must be supported for the specified action.
      */
-    resourceType: ResourceType;
+    resourceType: TargetResourceTypeId;
     /**
      * The Amazon Resource Names (ARNs) of the resources.
      */
@@ -282,6 +298,10 @@ declare namespace Fis {
      * Scopes the identified resources to a specific count of the resources at random, or a percentage of the resources. All identified resources are included in the target.   ALL - Run the action on all identified targets. This is the default.   COUNT(n) - Run the action on the specified number of targets, chosen from the identified targets at random. For example, COUNT(1) selects one of the targets.   PERCENT(n) - Run the action on the specified percentage of targets, chosen from the identified targets at random. For example, PERCENT(25) selects 25% of the targets.  
      */
     selectionMode: ExperimentTemplateTargetSelectionMode;
+    /**
+     * The resource type parameters.
+     */
+    parameters?: ExperimentTemplateTargetParameterMap;
   }
   export type CreateExperimentTemplateTargetInputMap = {[key: string]: CreateExperimentTemplateTargetInput};
   export type CreationTime = Date;
@@ -307,7 +327,7 @@ declare namespace Fis {
      */
     experimentTemplateId?: ExperimentTemplateId;
     /**
-     * The Amazon Resource Name (ARN) of an IAM role that grants the AWS FIS service permission to perform service actions on your behalf.
+     * The Amazon Resource Name (ARN) of an IAM role that grants the FIS service permission to perform service actions on your behalf.
      */
     roleArn?: RoleArn;
     /**
@@ -327,11 +347,11 @@ declare namespace Fis {
      */
     stopConditions?: ExperimentStopConditionList;
     /**
-     * The time the experiment was created.
+     * The time that the experiment was created.
      */
     creationTime?: CreationTime;
     /**
-     * The time that the experiment was started.
+     * The time that the experiment started.
      */
     startTime?: ExperimentStartTime;
     /**
@@ -368,8 +388,17 @@ declare namespace Fis {
      * The state of the action.
      */
     state?: ExperimentActionState;
+    /**
+     * The time that the action started.
+     */
+    startTime?: ExperimentActionStartTime;
+    /**
+     * The time that the action ended.
+     */
+    endTime?: ExperimentActionEndTime;
   }
   export type ExperimentActionDescription = string;
+  export type ExperimentActionEndTime = Date;
   export type ExperimentActionMap = {[key: string]: ExperimentAction};
   export type ExperimentActionName = string;
   export type ExperimentActionParameter = string;
@@ -377,6 +406,7 @@ declare namespace Fis {
   export type ExperimentActionParameterName = string;
   export type ExperimentActionStartAfter = string;
   export type ExperimentActionStartAfterList = ExperimentActionStartAfter[];
+  export type ExperimentActionStartTime = Date;
   export interface ExperimentActionState {
     /**
      * The state of the action.
@@ -444,7 +474,7 @@ declare namespace Fis {
     /**
      * The resource type.
      */
-    resourceType?: ResourceType;
+    resourceType?: TargetResourceTypeId;
     /**
      * The Amazon Resource Names (ARNs) of the resources.
      */
@@ -461,6 +491,10 @@ declare namespace Fis {
      * Scopes the identified resources to a specific count or percentage.
      */
     selectionMode?: ExperimentTargetSelectionMode;
+    /**
+     * The resource type parameters.
+     */
+    parameters?: ExperimentTargetParameterMap;
   }
   export interface ExperimentTargetFilter {
     /**
@@ -478,6 +512,9 @@ declare namespace Fis {
   export type ExperimentTargetFilterValues = ExperimentTargetFilterValue[];
   export type ExperimentTargetMap = {[key: string]: ExperimentTarget};
   export type ExperimentTargetName = string;
+  export type ExperimentTargetParameterMap = {[key: string]: ExperimentTargetParameterValue};
+  export type ExperimentTargetParameterName = string;
+  export type ExperimentTargetParameterValue = string;
   export type ExperimentTargetSelectionMode = string;
   export interface ExperimentTemplate {
     /**
@@ -589,7 +626,7 @@ declare namespace Fis {
     /**
      * The resource type.
      */
-    resourceType?: ResourceType;
+    resourceType?: TargetResourceTypeId;
     /**
      * The Amazon Resource Names (ARNs) of the targets.
      */
@@ -606,6 +643,10 @@ declare namespace Fis {
      * Scopes the identified resources to a specific count or percentage.
      */
     selectionMode?: ExperimentTemplateTargetSelectionMode;
+    /**
+     * The resource type parameters.
+     */
+    parameters?: ExperimentTemplateTargetParameterMap;
   }
   export interface ExperimentTemplateTargetFilter {
     /**
@@ -634,6 +675,9 @@ declare namespace Fis {
   }
   export type ExperimentTemplateTargetMap = {[key: string]: ExperimentTemplateTarget};
   export type ExperimentTemplateTargetName = string;
+  export type ExperimentTemplateTargetParameterMap = {[key: string]: ExperimentTemplateTargetParameterValue};
+  export type ExperimentTemplateTargetParameterName = string;
+  export type ExperimentTemplateTargetParameterValue = string;
   export type ExperimentTemplateTargetSelectionMode = string;
   export interface GetActionRequest {
     /**
@@ -671,6 +715,18 @@ declare namespace Fis {
      */
     experimentTemplate?: ExperimentTemplate;
   }
+  export interface GetTargetResourceTypeRequest {
+    /**
+     * The resource type.
+     */
+    resourceType: TargetResourceTypeId;
+  }
+  export interface GetTargetResourceTypeResponse {
+    /**
+     * Information about the resource type.
+     */
+    targetResourceType?: TargetResourceType;
+  }
   export type LastUpdateTime = Date;
   export type ListActionsMaxResults = number;
   export interface ListActionsRequest {
@@ -747,10 +803,30 @@ declare namespace Fis {
      */
     tags?: TagMap;
   }
+  export type ListTargetResourceTypesMaxResults = number;
+  export interface ListTargetResourceTypesRequest {
+    /**
+     * The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned nextToken value.
+     */
+    maxResults?: ListTargetResourceTypesMaxResults;
+    /**
+     * The token for the next page of results.
+     */
+    nextToken?: NextToken;
+  }
+  export interface ListTargetResourceTypesResponse {
+    /**
+     * The target resource types.
+     */
+    targetResourceTypes?: TargetResourceTypeSummaryList;
+    /**
+     * The token to use to retrieve the next page of results. This value is null when there are no more results to return.
+     */
+    nextToken?: NextToken;
+  }
   export type NextToken = string;
   export type ResourceArn = string;
   export type ResourceArnList = ResourceArn[];
-  export type ResourceType = string;
   export type RoleArn = string;
   export interface StartExperimentRequest {
     /**
@@ -802,7 +878,47 @@ declare namespace Fis {
   export interface TagResourceResponse {
   }
   export type TagValue = string;
-  export type TargetResourceType = string;
+  export interface TargetResourceType {
+    /**
+     * The resource type.
+     */
+    resourceType?: TargetResourceTypeId;
+    /**
+     * A description of the resource type.
+     */
+    description?: TargetResourceTypeDescription;
+    /**
+     * The parameters for the resource type.
+     */
+    parameters?: TargetResourceTypeParameterMap;
+  }
+  export type TargetResourceTypeDescription = string;
+  export type TargetResourceTypeId = string;
+  export interface TargetResourceTypeParameter {
+    /**
+     * A description of the parameter.
+     */
+    description?: TargetResourceTypeParameterDescription;
+    /**
+     * Indicates whether the parameter is required.
+     */
+    required?: TargetResourceTypeParameterRequired;
+  }
+  export type TargetResourceTypeParameterDescription = string;
+  export type TargetResourceTypeParameterMap = {[key: string]: TargetResourceTypeParameter};
+  export type TargetResourceTypeParameterName = string;
+  export type TargetResourceTypeParameterRequired = boolean;
+  export interface TargetResourceTypeSummary {
+    /**
+     * The resource type.
+     */
+    resourceType?: TargetResourceTypeId;
+    /**
+     * A description of the resource type.
+     */
+    description?: TargetResourceTypeDescription;
+  }
+  export type TargetResourceTypeSummaryList = TargetResourceTypeSummary[];
   export interface UntagResourceRequest {
     /**
      * The Amazon Resource Name (ARN) of the resource.
@@ -860,7 +976,7 @@ declare namespace Fis {
      */
     actions?: UpdateExperimentTemplateActionInputMap;
     /**
-     * The Amazon Resource Name (ARN) of an IAM role that grants the AWS FIS service permission to perform service actions on your behalf.
+     * The Amazon Resource Name (ARN) of an IAM role that grants the FIS service permission to perform service actions on your behalf.
      */
     roleArn?: RoleArn;
   }
@@ -883,9 +999,9 @@ declare namespace Fis {
   export type UpdateExperimentTemplateStopConditionInputList = UpdateExperimentTemplateStopConditionInput[];
   export interface UpdateExperimentTemplateTargetInput {
     /**
-     * The AWS resource type. The resource type must be supported for the specified action.
+     * The resource type. The resource type must be supported for the specified action.
      */
-    resourceType: ResourceType;
+    resourceType: TargetResourceTypeId;
     /**
      * The Amazon Resource Names (ARNs) of the targets.
      */
@@ -902,6 +1018,10 @@ declare namespace Fis {
      * Scopes the identified resources to a specific count or percentage.
      */
     selectionMode: ExperimentTemplateTargetSelectionMode;
+    /**
+     * The resource type parameters.
+     */
+    parameters?: ExperimentTemplateTargetParameterMap;
   }
   export type UpdateExperimentTemplateTargetInputMap = {[key: string]: UpdateExperimentTemplateTargetInput};
   /**

package/node_modules/aws-sdk/clients/fms.d.ts

@@ -188,11 +188,11 @@ declare class FMS extends Service {
    */
   putNotificationChannel(callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
   /**
-   * Creates an Firewall Manager policy. Firewall Manager provides the following types of policies:    An WAF policy (type WAFV2), which defines rule groups to run first in the corresponding WAF web ACL and rule groups to run last in the web ACL.   An WAF Classic policy (type WAF), which defines a rule group.    A Shield Advanced policy, which applies Shield Advanced protection to specified accounts and resources.   A security group policy, which manages VPC security groups across your Amazon Web Services organization.    An Network Firewall policy, which provides firewall rules to filter network traffic in specified Amazon VPCs.   A DNS Firewall policy, which provides Route 53 Resolver DNS Firewall rules to filter DNS queries for specified VPCs.   Each policy is specific to one of the types. If you want to enforce more than one policy type across accounts, create multiple policies. You can create multiple policies for each type. You must be subscribed to Shield Advanced to create a Shield Advanced policy. For more information about subscribing to Shield Advanced, see CreateSubscription.
+   * Creates an Firewall Manager policy. Firewall Manager provides the following types of policies:    An WAF policy (type WAFV2), which defines rule groups to run first in the corresponding WAF web ACL and rule groups to run last in the web ACL.   An WAF Classic policy (type WAF), which defines a rule group.    A Shield Advanced policy, which applies Shield Advanced protection to specified accounts and resources.   A security group policy, which manages VPC security groups across your Amazon Web Services organization.    An Network Firewall policy, which provides firewall rules to filter network traffic in specified Amazon VPCs.   A DNS Firewall policy, which provides Route 53 Resolver DNS Firewall rules to filter DNS queries for specified VPCs.   Each policy is specific to one of the types. If you want to enforce more than one policy type across accounts, create multiple policies. You can create multiple policies for each type. You must be subscribed to Shield Advanced to create a Shield Advanced policy. For more information about subscribing to Shield Advanced, see CreateSubscription.
    */
   putPolicy(params: FMS.Types.PutPolicyRequest, callback?: (err: AWSError, data: FMS.Types.PutPolicyResponse) => void): Request<FMS.Types.PutPolicyResponse, AWSError>;
   /**
-   * Creates an Firewall Manager policy. Firewall Manager provides the following types of policies:    An WAF policy (type WAFV2), which defines rule groups to run first in the corresponding WAF web ACL and rule groups to run last in the web ACL.   An WAF Classic policy (type WAF), which defines a rule group.    A Shield Advanced policy, which applies Shield Advanced protection to specified accounts and resources.   A security group policy, which manages VPC security groups across your Amazon Web Services organization.    An Network Firewall policy, which provides firewall rules to filter network traffic in specified Amazon VPCs.   A DNS Firewall policy, which provides Route 53 Resolver DNS Firewall rules to filter DNS queries for specified VPCs.   Each policy is specific to one of the types. If you want to enforce more than one policy type across accounts, create multiple policies. You can create multiple policies for each type. You must be subscribed to Shield Advanced to create a Shield Advanced policy. For more information about subscribing to Shield Advanced, see CreateSubscription.
+   * Creates an Firewall Manager policy. Firewall Manager provides the following types of policies:    An WAF policy (type WAFV2), which defines rule groups to run first in the corresponding WAF web ACL and rule groups to run last in the web ACL.   An WAF Classic policy (type WAF), which defines a rule group.    A Shield Advanced policy, which applies Shield Advanced protection to specified accounts and resources.   A security group policy, which manages VPC security groups across your Amazon Web Services organization.    An Network Firewall policy, which provides firewall rules to filter network traffic in specified Amazon VPCs.   A DNS Firewall policy, which provides Route 53 Resolver DNS Firewall rules to filter DNS queries for specified VPCs.   Each policy is specific to one of the types. If you want to enforce more than one policy type across accounts, create multiple policies. You can create multiple policies for each type. You must be subscribed to Shield Advanced to create a Shield Advanced policy. For more information about subscribing to Shield Advanced, see CreateSubscription.
    */
   putPolicy(callback?: (err: AWSError, data: FMS.Types.PutPolicyResponse) => void): Request<FMS.Types.PutPolicyResponse, AWSError>;
   /**
@@ -1241,7 +1241,7 @@ declare namespace FMS {
      */
     SecurityServicePolicyData: SecurityServicePolicyData;
     /**
-     * The type of resource protected by or in scope of the policy. This is in the format shown in the Amazon Web Services Resource Types Reference. To apply this policy to multiple resource types, specify a resource type of ResourceTypeList and then specify the resource types in a ResourceTypeList. For WAF and Shield Advanced, example resource types include AWS::ElasticLoadBalancingV2::LoadBalancer and AWS::CloudFront::Distribution. For a security group common policy, valid values are AWS::EC2::NetworkInterface and AWS::EC2::Instance. For a security group content audit policy, valid values are AWS::EC2::SecurityGroup, AWS::EC2::NetworkInterface, and AWS::EC2::Instance. For a security group usage audit policy, the value is AWS::EC2::SecurityGroup. For an Network Firewall policy or DNS Firewall policy, the value is AWS::EC2::VPC.
+     * The type of resource protected by or in scope of the policy. This is in the format shown in the Amazon Web Services Resource Types Reference. To apply this policy to multiple resource types, specify a resource type of ResourceTypeList and then specify the resource types in a ResourceTypeList. For WAF and Shield Advanced, resource types include AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::ElasticLoadBalancing::LoadBalancer, AWS::EC2::EIP, and AWS::CloudFront::Distribution. For a security group common policy, valid values are AWS::EC2::NetworkInterface and AWS::EC2::Instance. For a security group content audit policy, valid values are AWS::EC2::SecurityGroup, AWS::EC2::NetworkInterface, and AWS::EC2::Instance. For a security group usage audit policy, the value is AWS::EC2::SecurityGroup. For an Network Firewall policy or DNS Firewall policy, the value is AWS::EC2::VPC.
      */
     ResourceType: ResourceType;
     /**
@@ -1261,7 +1261,7 @@ declare namespace FMS {
      */
     RemediationEnabled: Boolean;
     /**
-     * Indicates whether Firewall Manager should delete Firewall Manager managed resources, such as web ACLs and security groups, when they are not in use by the Firewall Manager policy. By default, Firewall Manager doesn't delete unused Firewall Manager managed resources. This option is not available for Shield Advanced or WAF Classic policies.
+     * Indicates whether Firewall Manager should automatically remove protections from resources that leave the policy scope and clean up resources that Firewall Manager is managing for accounts when those accounts leave policy scope. For example, Firewall Manager will disassociate a Firewall Manager managed web ACL from a protected customer resource when the customer resource leaves policy scope.  By default, Firewall Manager doesn't remove protections or delete Firewall Manager managed resources.  This option is not available for Shield Advanced or WAF Classic policies.
      */
     DeleteUnusedFMManagedResources?: Boolean;
     /**
@@ -1362,7 +1362,7 @@ declare namespace FMS {
      */
     RemediationEnabled?: Boolean;
     /**
-     * Indicates whether Firewall Manager should delete Firewall Manager managed resources, such as web ACLs and security groups, when they are not in use by the Firewall Manager policy. By default, Firewall Manager doesn't delete unused Firewall Manager managed resources. This option is not available for Shield Advanced or WAF Classic policies.
+     * Indicates whether Firewall Manager should automatically remove protections from resources that leave the policy scope and clean up resources that Firewall Manager is managing for accounts when those accounts leave policy scope. For example, Firewall Manager will disassociate a Firewall Manager managed web ACL from a protected customer resource when the customer resource leaves policy scope.  By default, Firewall Manager doesn't remove protections or delete Firewall Manager managed resources.  This option is not available for Shield Advanced or WAF Classic policies.
      */
     DeleteUnusedFMManagedResources?: Boolean;
   }
@@ -1723,7 +1723,7 @@ declare namespace FMS {
      */
     Type: SecurityServiceType;
     /**
-     * Details about the service that are specific to the service type, in JSON format. For service type SHIELD_ADVANCED, this is an empty string.   Example: DNS_FIREWALL   "{\"type\":\"DNS_FIREWALL\",\"preProcessRuleGroups\":[{\"ruleGroupId\":\"rslvr-frg-1\",\"priority\":10}],\"postProcessRuleGroups\":[{\"ruleGroupId\":\"rslvr-frg-2\",\"priority\":9911}]}"   Valid values for preProcessRuleGroups are between 1 and 99. Valid values for postProcessRuleGroups are between 9901 and 10000.    Example: NETWORK_FIREWALL   "{\"type\":\"NETWORK_FIREWALL\",\"networkFirewallStatelessRuleGroupReferences\":[{\"resourceARN\":\"arn:aws:network-firewall:us-west-1:1234567891011:stateless-rulegroup/rulegroup2\",\"priority\":10}],\"networkFirewallStatelessDefaultActions\":[\"aws:pass\",\"custom1\"],\"networkFirewallStatelessFragmentDefaultActions\":[\"custom2\",\"aws:pass\"],\"networkFirewallStatelessCustomActions\":[{\"actionName\":\"custom1\",\"actionDefinition\":{\"publishMetricAction\":{\"dimensions\":[{\"value\":\"dimension1\"}]}}},{\"actionName\":\"custom2\",\"actionDefinition\":{\"publishMetricAction\":{\"dimensions\":[{\"value\":\"dimension2\"}]}}}],\"networkFirewallStatefulRuleGroupReferences\":[{\"resourceARN\":\"arn:aws:network-firewall:us-west-1:1234567891011:stateful-rulegroup/rulegroup1\"}],\"networkFirewallOrchestrationConfig\":{\"singleFirewallEndpointPerVPC\":true,\"allowedIPV4CidrList\":[\"10.24.34.0/28\"]} }"    Example: WAFV2   "{\"type\":\"WAFV2\",\"preProcessRuleGroups\":[{\"ruleGroupArn\":null,\"overrideAction\":{\"type\":\"NONE\"},\"managedRuleGroupIdentifier\":{\"version\":null,\"vendorName\":\"AWS\",\"managedRuleGroupName\":\"AWSManagedRulesAmazonIpReputationList\"},\"ruleGroupType\":\"ManagedRuleGroup\",\"excludeRules\":[{\"name\":\"NoUserAgent_HEADER\"}]}],\"postProcessRuleGroups\":[],\"defaultAction\":{\"type\":\"ALLOW\"},\"overrideCustomerWebACLAssociation\":false,\"loggingConfiguration\":{\"logDestinationConfigs\":[\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\"],\"redactedFields\":[{\"redactedFieldType\":\"SingleHeader\",\"redactedFieldValue\":\"Cookies\"},{\"redactedFieldType\":\"Method\"}]}}"  In the loggingConfiguration, you can specify one logDestinationConfigs, you can optionally provide up to 20 redactedFields, and the RedactedFieldType must be one of URI, QUERY_STRING, HEADER, or METHOD.   Example: WAF Classic   "{\"type\": \"WAF\", \"ruleGroups\": [{\"id\":\"12345678-1bcd-9012-efga-0987654321ab\", \"overrideAction\" : {\"type\": \"COUNT\"}}], \"defaultAction\": {\"type\": \"BLOCK\"}}"    Example: SECURITY_GROUPS_COMMON   "{\"type\":\"SECURITY_GROUPS_COMMON\",\"revertManualSecurityGroupChanges\":false,\"exclusiveResourceSecurityGroupManagement\":false, \"applyToAllEC2InstanceENIs\":false,\"securityGroups\":[{\"id\":\" sg-000e55995d61a06bd\"}]}"    Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns   "{\"type\":\"SECURITY_GROUPS_COMMON\",\"revertManualSecurityGroupChanges\":false,\"exclusiveResourceSecurityGroupManagement\":false, \"applyToAllEC2InstanceENIs\":false,\"includeSharedVPC\":true,\"securityGroups\":[{\"id\":\" sg-000e55995d61a06bd\"}]}"    Example: SECURITY_GROUPS_CONTENT_AUDIT   "{\"type\":\"SECURITY_GROUPS_CONTENT_AUDIT\",\"securityGroups\":[{\"id\":\"sg-000e55995d61a06bd\"}],\"securityGroupAction\":{\"type\":\"ALLOW\"}}"  The security group action for content audit can be ALLOW or DENY. For ALLOW, all in-scope security group rules must be within the allowed range of the policy's security group rules. For DENY, all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.   Example: SECURITY_GROUPS_USAGE_AUDIT   "{\"type\":\"SECURITY_GROUPS_USAGE_AUDIT\",\"deleteUnusedSecurityGroups\":true,\"coalesceRedundantSecurityGroups\":true}"   
+     * Details about the service that are specific to the service type, in JSON format.    Example: DNS_FIREWALL   "{\"type\":\"DNS_FIREWALL\",\"preProcessRuleGroups\":[{\"ruleGroupId\":\"rslvr-frg-1\",\"priority\":10}],\"postProcessRuleGroups\":[{\"ruleGroupId\":\"rslvr-frg-2\",\"priority\":9911}]}"   Valid values for preProcessRuleGroups are between 1 and 99. Valid values for postProcessRuleGroups are between 9901 and 10000.    Example: NETWORK_FIREWALL   "{\"type\":\"NETWORK_FIREWALL\",\"networkFirewallStatelessRuleGroupReferences\":[{\"resourceARN\":\"arn:aws:network-firewall:us-west-1:1234567891011:stateless-rulegroup/rulegroup2\",\"priority\":10}],\"networkFirewallStatelessDefaultActions\":[\"aws:pass\",\"custom1\"],\"networkFirewallStatelessFragmentDefaultActions\":[\"custom2\",\"aws:pass\"],\"networkFirewallStatelessCustomActions\":[{\"actionName\":\"custom1\",\"actionDefinition\":{\"publishMetricAction\":{\"dimensions\":[{\"value\":\"dimension1\"}]}}},{\"actionName\":\"custom2\",\"actionDefinition\":{\"publishMetricAction\":{\"dimensions\":[{\"value\":\"dimension2\"}]}}}],\"networkFirewallStatefulRuleGroupReferences\":[{\"resourceARN\":\"arn:aws:network-firewall:us-west-1:1234567891011:stateful-rulegroup/rulegroup1\"}],\"networkFirewallOrchestrationConfig\":{\"singleFirewallEndpointPerVPC\":true,\"allowedIPV4CidrList\":[\"10.24.34.0/28\"]} }"    Specification for SHIELD_ADVANCED for Amazon CloudFront distributions   "{\"type\":\"SHIELD_ADVANCED\",\"automaticResponseConfiguration\": {\"automaticResponseStatus\":\"ENABLED|IGNORED|DISABLED\", \"automaticResponseAction\":\"BLOCK|COUNT\"}, \"overrideCustomerWebaclClassic\":true|false}"  For example: "{\"type\":\"SHIELD_ADVANCED\",\"automaticResponseConfiguration\": {\"automaticResponseStatus\":\"ENABLED\", \"automaticResponseAction\":\"COUNT\"}}"  The default value for automaticResponseStatus is IGNORED. The value for automaticResponseAction is only required when automaticResponseStatus is set to ENABLED. The default value for overrideCustomerWebaclClassic is false. For other resource types that you can protect with a Shield Advanced policy, this ManagedServiceData configuration is an empty string.   Example: WAFV2   "{\"type\":\"WAFV2\",\"preProcessRuleGroups\":[{\"ruleGroupArn\":null,\"overrideAction\":{\"type\":\"NONE\"},\"managedRuleGroupIdentifier\":{\"version\":null,\"vendorName\":\"AWS\",\"managedRuleGroupName\":\"AWSManagedRulesAmazonIpReputationList\"},\"ruleGroupType\":\"ManagedRuleGroup\",\"excludeRules\":[{\"name\":\"NoUserAgent_HEADER\"}]}],\"postProcessRuleGroups\":[],\"defaultAction\":{\"type\":\"ALLOW\"},\"overrideCustomerWebACLAssociation\":false,\"loggingConfiguration\":{\"logDestinationConfigs\":[\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\"],\"redactedFields\":[{\"redactedFieldType\":\"SingleHeader\",\"redactedFieldValue\":\"Cookies\"},{\"redactedFieldType\":\"Method\"}]}}"  In the loggingConfiguration, you can specify one logDestinationConfigs, you can optionally provide up to 20 redactedFields, and the RedactedFieldType must be one of URI, QUERY_STRING, HEADER, or METHOD.   Example: WAF Classic   "{\"type\": \"WAF\", \"ruleGroups\": [{\"id\":\"12345678-1bcd-9012-efga-0987654321ab\", \"overrideAction\" : {\"type\": \"COUNT\"}}], \"defaultAction\": {\"type\": \"BLOCK\"}}"    Example: SECURITY_GROUPS_COMMON   "{\"type\":\"SECURITY_GROUPS_COMMON\",\"revertManualSecurityGroupChanges\":false,\"exclusiveResourceSecurityGroupManagement\":false, \"applyToAllEC2InstanceENIs\":false,\"securityGroups\":[{\"id\":\" sg-000e55995d61a06bd\"}]}"    Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns   "{\"type\":\"SECURITY_GROUPS_COMMON\",\"revertManualSecurityGroupChanges\":false,\"exclusiveResourceSecurityGroupManagement\":false, \"applyToAllEC2InstanceENIs\":false,\"includeSharedVPC\":true,\"securityGroups\":[{\"id\":\" sg-000e55995d61a06bd\"}]}"    Example: SECURITY_GROUPS_CONTENT_AUDIT   "{\"type\":\"SECURITY_GROUPS_CONTENT_AUDIT\",\"securityGroups\":[{\"id\":\"sg-000e55995d61a06bd\"}],\"securityGroupAction\":{\"type\":\"ALLOW\"}}"  The security group action for content audit can be ALLOW or DENY. For ALLOW, all in-scope security group rules must be within the allowed range of the policy's security group rules. For DENY, all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.   Example: SECURITY_GROUPS_USAGE_AUDIT   "{\"type\":\"SECURITY_GROUPS_USAGE_AUDIT\",\"deleteUnusedSecurityGroups\":true,\"coalesceRedundantSecurityGroups\":true}"   
      */
     ManagedServiceData?: ManagedServiceData;
   }