@propulsionworks/cloudformation 0.1.10 → 0.1.12

package/out/exports/resources.generated/aws-datasync-locationazureblob.d.ts

@@ -1,22 +1,24 @@
 import type { ResourceDefinitionWithAttributes, Tag } from "../main.ts";
 /**
- * Creates a transfer *location* for a Microsoft Azure Blob Storage container. AWS DataSync can use this location as a transfer source or destination.
+ * Creates a transfer *location* for a Microsoft Azure Blob Storage container. AWS DataSync can use this location as a transfer source or destination. You can make transfers with or without a [DataSync agent](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-creating-agent) that connects to your container.
  *
- * Before you begin, make sure you know [how DataSync accesses Azure Blob Storage](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-access) and works with [access tiers](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-access-tiers) and [blob types](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#blob-types) . You also need a [DataSync agent](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-creating-agent) that can connect to your container.
+ * Before you begin, make sure you know [how DataSync accesses Azure Blob Storage](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-access) and works with [access tiers](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-access-tiers) and [blob types](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#blob-types) .
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationazureblob.html}
  */
 export type DataSyncLocationAzureBlob = ResourceDefinitionWithAttributes<"AWS::DataSync::LocationAzureBlob", DataSyncLocationAzureBlobProps, DataSyncLocationAzureBlobAttribs>;
 /**
- * Creates a transfer *location* for a Microsoft Azure Blob Storage container. AWS DataSync can use this location as a transfer source or destination.
+ * Creates a transfer *location* for a Microsoft Azure Blob Storage container. AWS DataSync can use this location as a transfer source or destination. You can make transfers with or without a [DataSync agent](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-creating-agent) that connects to your container.
  *
- * Before you begin, make sure you know [how DataSync accesses Azure Blob Storage](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-access) and works with [access tiers](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-access-tiers) and [blob types](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#blob-types) . You also need a [DataSync agent](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-creating-agent) that can connect to your container.
+ * Before you begin, make sure you know [how DataSync accesses Azure Blob Storage](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-access) and works with [access tiers](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-access-tiers) and [blob types](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#blob-types) .
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationazureblob.html}
  */
 export type DataSyncLocationAzureBlobProps = {
     /**
-     * Specifies the Amazon Resource Name (ARN) of the DataSync agent that can connect with your Azure Blob Storage container.
+     * (Optional) Specifies the Amazon Resource Name (ARN) of the DataSync agent that can connect with your Azure Blob Storage container. If you are setting up an agentless cross-cloud transfer, you do not need to specify a value for this parameter.
      *
      * You can specify more than one agent. For more information, see [Using multiple agents for your transfer](https://docs.aws.amazon.com/datasync/latest/userguide/multiple-agents.html) .
+     *
+     * > Make sure you configure this parameter correctly when you first create your storage location. You cannot add or remove agents from a storage location after you create it.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationazureblob.html#cfn-datasync-locationazureblob-agentarns}
      */
     AgentArns?: string[] | undefined;
@@ -41,6 +43,8 @@ export type DataSyncLocationAzureBlobProps = {
     AzureBlobContainerUrl?: string | undefined;
     /**
      * Specifies the SAS configuration that allows DataSync to access your Azure Blob Storage.
+     *
+     * > If you provide an authentication token using `SasConfiguration` , but do not provide secret configuration details using `CmkSecretConfig` or `CustomSecretConfig` , then DataSync stores the token using your AWS account's secrets manager secret.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationazureblob.html#cfn-datasync-locationazureblob-azureblobsasconfiguration}
      */
     AzureBlobSasConfiguration?: AzureBlobSasConfiguration | undefined;
@@ -51,12 +55,16 @@ export type DataSyncLocationAzureBlobProps = {
      */
     AzureBlobType?: "BLOCK" | undefined;
     /**
-     * Specifies configuration information for a DataSync-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and a customer-managed AWS KMS key.
+     * Specifies configuration information for a DataSync-managed secret, such as an authentication token or secret key that DataSync uses to access a specific storage location, with a customer-managed AWS KMS key .
+     *
+     * > You can use either `CmkSecretConfig` or `CustomSecretConfig` to provide credentials for a `CreateLocation` request. Do not provide both parameters for the same request.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationazureblob.html#cfn-datasync-locationazureblob-cmksecretconfig}
      */
     CmkSecretConfig?: CmkSecretConfig | undefined;
     /**
-     * Specifies configuration information for a customer-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and an IAM role that DataSync can assume and access the customer-managed secret.
+     * Specifies configuration information for a customer-managed Secrets Manager secret where a storage location authentication token or secret key is stored in plain text. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret.
+     *
+     * > You can use either `CmkSecretConfig` or `CustomSecretConfig` to provide credentials for a `CreateLocation` request. Do not provide both parameters for the same request.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationazureblob.html#cfn-datasync-locationazureblob-customsecretconfig}
      */
     CustomSecretConfig?: CustomSecretConfig | undefined;
@@ -78,7 +86,7 @@ export type DataSyncLocationAzureBlobProps = {
  */
 export type DataSyncLocationAzureBlobAttribs = {
     /**
-     * Specifies the ARN for an AWS Secrets Manager secret, managed by DataSync.
+     * Specifies the ARN for the DataSync-managed AWS Secrets Manager secret that that is used to access a specific storage location. This property is generated by DataSync and is read-only. DataSync encrypts this secret with the KMS key that you specify for `KmsKeyArn` .
      * @maxLength 2048
      * @pattern ^(arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):secretsmanager:[a-z-0-9]+:[0-9]{12}:secret:.*|)$
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationazureblob-cmksecretconfig.html#cfn-datasync-locationazureblob-cmksecretconfig-secretarn}
@@ -120,12 +128,14 @@ export type AzureBlobSasConfiguration = {
     AzureBlobSasToken: string;
 };
 /**
- * Specifies configuration information for a DataSync-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and a customer-managed AWS KMS key.
+ * Specifies configuration information for a DataSync-managed secret, such as an authentication token or secret key that DataSync uses to access a specific storage location, with a customer-managed AWS KMS key .
+ *
+ * > You can use either `CmkSecretConfig` or `CustomSecretConfig` to provide credentials for a `CreateLocation` request. Do not provide both parameters for the same request.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationazureblob-cmksecretconfig.html}
  */
 export type CmkSecretConfig = {
     /**
-     * Specifies the ARN for the customer-managed AWS KMS key used to encrypt the secret specified for SecretArn. DataSync provides this key to AWS Secrets Manager.
+     * Specifies the ARN for the customer-managed AWS KMS key that DataSync uses to encrypt the DataSync-managed secret stored for `SecretArn` . DataSync provides this key to AWS Secrets Manager .
      * @maxLength 2048
      * @pattern ^(arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):kms:[a-z-0-9]+:[0-9]{12}:key/.*|)$
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationazureblob-cmksecretconfig.html#cfn-datasync-locationazureblob-cmksecretconfig-kmskeyarn}
@@ -133,19 +143,21 @@ export type CmkSecretConfig = {
     KmsKeyArn?: string | undefined;
 };
 /**
- * Specifies configuration information for a customer-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and an IAM role that DataSync can assume and access the customer-managed secret.
+ * Specifies configuration information for a customer-managed Secrets Manager secret where a storage location authentication token or secret key is stored in plain text. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret.
+ *
+ * > You can use either `CmkSecretConfig` or `CustomSecretConfig` to provide credentials for a `CreateLocation` request. Do not provide both parameters for the same request.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationazureblob-customsecretconfig.html}
  */
 export type CustomSecretConfig = {
     /**
-     * Specifies the ARN for the AWS Identity and Access Management role that DataSync uses to access the secret specified for SecretArn.
+     * Specifies the ARN for the AWS Identity and Access Management role that DataSync uses to access the secret specified for `SecretArn` .
      * @maxLength 2048
      * @pattern ^(arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):iam::[0-9]{12}:role/.*|)$
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationazureblob-customsecretconfig.html#cfn-datasync-locationazureblob-customsecretconfig-secretaccessrolearn}
      */
     SecretAccessRoleArn: string;
     /**
-     * Specifies the ARN for a customer created AWS Secrets Manager secret.
+     * Specifies the ARN for an AWS Secrets Manager secret.
      * @maxLength 2048
      * @pattern ^(arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):secretsmanager:[a-z-0-9]+:[0-9]{12}:secret:.*|)$
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationazureblob-customsecretconfig.html#cfn-datasync-locationazureblob-customsecretconfig-secretarn}

package/out/exports/resources.generated/aws-datasync-locationobjectstorage.d.ts

@@ -18,7 +18,9 @@ export type DataSyncLocationObjectStorageProps = {
      */
     AccessKey?: string | undefined;
     /**
-     * Specifies the Amazon Resource Names (ARNs) of the DataSync agents that can connect with your object storage system.
+     * (Optional) Specifies the Amazon Resource Names (ARNs) of the DataSync agents that can connect with your object storage system. If you are setting up an agentless cross-cloud transfer, you do not need to specify a value for this parameter.
+     *
+     * > Make sure you configure this parameter correctly when you first create your storage location. You cannot add or remove agents from a storage location after you create it.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationobjectstorage.html#cfn-datasync-locationobjectstorage-agentarns}
      */
     AgentArns?: string[] | undefined;
@@ -31,17 +33,27 @@ export type DataSyncLocationObjectStorageProps = {
      */
     BucketName?: string | undefined;
     /**
-     * Specifies configuration information for a DataSync-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and a customer-managed AWS KMS key.
+     * Specifies configuration information for a DataSync-managed secret, which includes the `SecretKey` that DataSync uses to access a specific object storage location, with a customer-managed AWS KMS key .
+     *
+     * When you include this paramater as part of a `CreateLocationObjectStorage` request, you provide only the KMS key ARN. DataSync uses this KMS key together with the value you specify for the `SecretKey` parameter to create a DataSync-managed secret to store the location access credentials.
+     *
+     * Make sure the DataSync has permission to access the KMS key that you specify.
+     *
+     * > You can use either `CmkSecretConfig` (with `SecretKey` ) or `CustomSecretConfig` (without `SecretKey` ) to provide credentials for a `CreateLocationObjectStorage` request. Do not provide both parameters for the same request.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationobjectstorage.html#cfn-datasync-locationobjectstorage-cmksecretconfig}
      */
     CmkSecretConfig?: CmkSecretConfig | undefined;
     /**
-     * Specifies configuration information for a customer-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and an IAM role that DataSync can assume and access the customer-managed secret.
+     * Specifies configuration information for a customer-managed Secrets Manager secret where the secret key for a specific object storage location is stored in plain text. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret.
+     *
+     * > You can use either `CmkSecretConfig` (with `SecretKey` ) or `CustomSecretConfig` (without `SecretKey` ) to provide credentials for a `CreateLocationObjectStorage` request. Do not provide both parameters for the same request.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationobjectstorage.html#cfn-datasync-locationobjectstorage-customsecretconfig}
      */
     CustomSecretConfig?: CustomSecretConfig | undefined;
     /**
      * Specifies the secret key (for example, a password) if credentials are required to authenticate with the object storage server.
+     *
+     * > If you provide a secret using `SecretKey` , but do not provide secret configuration details using `CmkSecretConfig` or `CustomSecretConfig` , then DataSync stores the token using your AWS account's Secrets Manager secret.
      * @minLength 8
      * @maxLength 200
      * @pattern ^.+$
@@ -81,7 +93,7 @@ export type DataSyncLocationObjectStorageProps = {
      */
     ServerPort?: number | undefined;
     /**
-     * Specifies the protocol that your object storage server uses to communicate.
+     * Specifies the protocol that your object storage server uses to communicate. If not specified, the default value is `HTTPS` .
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationobjectstorage.html#cfn-datasync-locationobjectstorage-serverprotocol}
      */
     ServerProtocol?: "HTTPS" | "HTTP" | undefined;
@@ -103,7 +115,7 @@ export type DataSyncLocationObjectStorageProps = {
  */
 export type DataSyncLocationObjectStorageAttribs = {
     /**
-     * Specifies the ARN for an AWS Secrets Manager secret, managed by DataSync.
+     * Specifies the ARN for the DataSync-managed AWS Secrets Manager secret that that is used to access a specific storage location. This property is generated by DataSync and is read-only. DataSync encrypts this secret with the KMS key that you specify for `KmsKeyArn` .
      * @maxLength 2048
      * @pattern ^(arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):secretsmanager:[a-z-0-9]+:[0-9]{12}:secret:.*|)$
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationobjectstorage-cmksecretconfig.html#cfn-datasync-locationobjectstorage-cmksecretconfig-secretarn}
@@ -125,12 +137,14 @@ export type DataSyncLocationObjectStorageAttribs = {
     LocationUri: string;
 };
 /**
- * Specifies configuration information for a DataSync-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and a customer-managed AWS KMS key.
+ * Specifies configuration information for a DataSync-managed secret, such as an authentication token or secret key that DataSync uses to access a specific storage location, with a customer-managed AWS KMS key .
+ *
+ * > You can use either `CmkSecretConfig` or `CustomSecretConfig` to provide credentials for a `CreateLocation` request. Do not provide both parameters for the same request.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationobjectstorage-cmksecretconfig.html}
  */
 export type CmkSecretConfig = {
     /**
-     * Specifies the ARN for the customer-managed AWS KMS key used to encrypt the secret specified for SecretArn. DataSync provides this key to AWS Secrets Manager.
+     * Specifies the ARN for the customer-managed AWS KMS key that DataSync uses to encrypt the DataSync-managed secret stored for `SecretArn` . DataSync provides this key to AWS Secrets Manager .
      * @maxLength 2048
      * @pattern ^(arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):kms:[a-z-0-9]+:[0-9]{12}:key/.*|)$
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationobjectstorage-cmksecretconfig.html#cfn-datasync-locationobjectstorage-cmksecretconfig-kmskeyarn}
@@ -138,19 +152,21 @@ export type CmkSecretConfig = {
     KmsKeyArn?: string | undefined;
 };
 /**
- * Specifies configuration information for a customer-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and an IAM role that DataSync can assume and access the customer-managed secret.
+ * Specifies configuration information for a customer-managed Secrets Manager secret where a storage location authentication token or secret key is stored in plain text. This configuration includes the secret ARN, and the ARN for an IAM role that provides access to the secret.
+ *
+ * > You can use either `CmkSecretConfig` or `CustomSecretConfig` to provide credentials for a `CreateLocation` request. Do not provide both parameters for the same request.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationobjectstorage-customsecretconfig.html}
  */
 export type CustomSecretConfig = {
     /**
-     * Specifies the ARN for the AWS Identity and Access Management role that DataSync uses to access the secret specified for SecretArn.
+     * Specifies the ARN for the AWS Identity and Access Management role that DataSync uses to access the secret specified for `SecretArn` .
      * @maxLength 2048
      * @pattern ^(arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):iam::[0-9]{12}:role/.*|)$
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationobjectstorage-customsecretconfig.html#cfn-datasync-locationobjectstorage-customsecretconfig-secretaccessrolearn}
      */
     SecretAccessRoleArn: string;
     /**
-     * Specifies the ARN for a customer created AWS Secrets Manager secret.
+     * Specifies the ARN for an AWS Secrets Manager secret.
      * @maxLength 2048
      * @pattern ^(arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):secretsmanager:[a-z-0-9]+:[0-9]{12}:secret:.*|)$
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-locationobjectstorage-customsecretconfig.html#cfn-datasync-locationobjectstorage-customsecretconfig-secretarn}

package/out/exports/resources.generated/aws-datasync-locationsmb.d.ts

@@ -15,16 +15,12 @@ export type DataSyncLocationSMBProps = {
      */
     AgentArns: string[];
     /**
-     * Specifies the authentication protocol that DataSync uses to connect to your SMB file server. DataSync supports `NTLM` (default) and `KERBEROS` authentication.
-     *
-     * For more information, see [Providing DataSync access to SMB file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#configuring-smb-permissions) .
+     * The authentication mode used to determine identity of user.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationsmb.html#cfn-datasync-locationsmb-authenticationtype}
      */
     AuthenticationType?: "NTLM" | "KERBEROS" | undefined;
     /**
-     * Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if `AuthenticationType` is set to `KERBEROS` .
-     *
-     * If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server.
+     * Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server.
      * @default null
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationsmb.html#cfn-datasync-locationsmb-dnsipaddresses}
      */
@@ -39,29 +35,19 @@ export type DataSyncLocationSMBProps = {
      */
     Domain?: string | undefined;
     /**
-     * Specifies your Kerberos key table (keytab) file, which includes mappings between your Kerberos principal and encryption keys.
-     *
-     * The file must be base64 encoded.
-     *
-     * To avoid task execution errors, make sure that the Kerberos principal that you use to create the keytab file matches exactly what you specify for `KerberosPrincipal` .
+     * The Base64 string representation of the Keytab file. Specifies your Kerberos key table (keytab) file, which includes mappings between your service principal name (SPN) and encryption keys. To avoid task execution errors, make sure that the SPN in the keytab file matches exactly what you specify for KerberosPrincipal and in your krb5.conf file.
      * @maxLength 87384
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationsmb.html#cfn-datasync-locationsmb-kerberoskeytab}
      */
     KerberosKeytab?: string | undefined;
     /**
-     * Specifies a Kerberos configuration file ( `krb5.conf` ) that defines your Kerberos realm configuration.
-     *
-     * The file must be base64 encoded.
+     * The string representation of the Krb5Conf file, or the presigned URL to access the Krb5.conf file within an S3 bucket. Specifies a Kerberos configuration file (krb5.conf) that defines your Kerberos realm configuration. To avoid task execution errors, make sure that the service principal name (SPN) in the krb5.conf file matches exactly what you specify for KerberosPrincipal and in your keytab file.
      * @maxLength 174764
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-locationsmb.html#cfn-datasync-locationsmb-kerberoskrb5conf}
      */
     KerberosKrb5Conf?: string | undefined;
     /**
-     * Specifies a Kerberos prinicpal, which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server.
-     *
-     * A Kerberos principal might look like `HOST/kerberosuser@MYDOMAIN.ORG` .
-     *
-     * Principal names are case sensitive. Your DataSync task execution will fail if the principal that you specify for this parameter doesn’t exactly match the principal that you use to create the keytab file.
+     * Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files.
      * @minLength 1
      * @maxLength 256
      * @pattern ^.+$

package/out/exports/resources.generated/aws-datasync-task.d.ts

@@ -75,21 +75,12 @@ export type DataSyncTaskProps = {
      */
     Tags?: Tag[] | undefined;
     /**
-     * Specifies one of the following task modes for your data transfer:
-     *
-     * - `ENHANCED` - Transfer virtually unlimited numbers of objects with higher performance than Basic mode. Enhanced mode tasks optimize the data transfer process by listing, preparing, transferring, and verifying data in parallel. Enhanced mode is currently available for transfers between Amazon S3 locations.
-     *
-     * > To create an Enhanced mode task, the IAM role that you use to call the `CreateTask` operation must have the `iam:CreateServiceLinkedRole` permission.
-     * - `BASIC` (default) - Transfer files or objects between AWS storage and all other supported DataSync locations. Basic mode tasks are subject to [quotas](https://docs.aws.amazon.com/datasync/latest/userguide/datasync-limits.html) on the number of files, objects, and directories in a dataset. Basic mode sequentially prepares, transfers, and verifies data, making it slower than Enhanced mode for most workloads.
-     *
-     * For more information, see [Understanding task mode differences](https://docs.aws.amazon.com/datasync/latest/userguide/choosing-task-mode.html#task-mode-differences) .
+     * The task mode that you're using. For more information, see [Choosing a task mode for your data transfer](https://docs.aws.amazon.com/datasync/latest/userguide/choosing-task-mode.html) .
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-task.html#cfn-datasync-task-taskmode}
      */
     TaskMode?: "BASIC" | "ENHANCED" | undefined;
     /**
-     * Specifies how you want to configure a task report, which provides detailed information about your DataSync transfer. For more information, see [Monitoring your DataSync transfers with task reports](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html) .
-     *
-     * When using this parameter, your caller identity (the role that you're using DataSync with) must have the `iam:PassRole` permission. The [AWSDataSyncFullAccess](https://docs.aws.amazon.com/datasync/latest/userguide/security-iam-awsmanpol.html#security-iam-awsmanpol-awsdatasyncfullaccess) policy includes this permission.
+     * The configuration of your task report, which provides detailed information about your DataSync transfer. For more information, see [Monitoring your DataSync transfers with task reports](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html) .
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datasync-task.html#cfn-datasync-task-taskreportconfig}
      */
     TaskReportConfig?: TaskReportConfig | undefined;
@@ -169,26 +160,26 @@ export type ManifestConfig = {
     };
 };
 /**
- * Specifies the S3 bucket where you're hosting the manifest that you want AWS DataSync to use. For more information and configuration examples, see [Specifying what DataSync transfers by using a manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html) .
+ * Specifies the S3 bucket where you're hosting the manifest that you want AWS DataSync to use.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-manifestconfigsources3.html}
  */
 export type ManifestConfigSourceS3 = {
     /**
-     * Specifies the AWS Identity and Access Management (IAM) role that allows DataSync to access your manifest. For more information, see [Providing DataSync access to your manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html#transferring-with-manifest-access) .
+     * Specifies the AWS Identity and Access Management (IAM) role that allows DataSync to access your manifest.
      * @maxLength 2048
      * @pattern ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):iam::[0-9]{12}:role/.*$
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-manifestconfigsources3.html#cfn-datasync-task-manifestconfigsources3-bucketaccessrolearn}
      */
     BucketAccessRoleArn?: string | undefined;
     /**
-     * Specifies the Amazon S3 object key of your manifest. This can include a prefix (for example, `prefix/my-manifest.csv` ).
+     * Specifies the Amazon S3 object key of your manifest.
      * @maxLength 1024
      * @pattern ^[\p{L}\p{M}\p{Z}\p{S}\p{N}\p{P}\p{C}]*$
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-manifestconfigsources3.html#cfn-datasync-task-manifestconfigsources3-manifestobjectpath}
      */
     ManifestObjectPath?: string | undefined;
     /**
-     * Specifies the object version ID of the manifest that you want DataSync to use. If you don't set this, DataSync uses the latest version of the object.
+     * Specifies the object version ID of the manifest that you want DataSync to use.
      * @maxLength 100
      * @pattern ^.+$
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-manifestconfigsources3.html#cfn-datasync-task-manifestconfigsources3-manifestobjectversionid}
@@ -466,19 +457,19 @@ export type TaskReportConfig = {
     ReportLevel?: "ERRORS_ONLY" | "SUCCESSES_AND_ERRORS" | undefined;
 };
 /**
- * Specifies the Amazon S3 bucket where DataSync uploads your [task report](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html) .
+ * Specifies the Amazon S3 bucket where DataSync uploads your task report.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-taskreportconfigdestinations3.html}
  */
 export type TaskReportConfigDestinationS3 = {
     /**
-     * Specifies the Amazon Resource Name (ARN) of the IAM policy that allows DataSync to upload a task report to your S3 bucket. For more information, see [Allowing DataSync to upload a task report to an Amazon S3 bucket](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html) .
+     * Specifies the Amazon Resource Name (ARN) of the IAM policy that allows Datasync to upload a task report to your S3 bucket.
      * @maxLength 2048
      * @pattern ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):iam::[0-9]{12}:role/.*$
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-taskreportconfigdestinations3.html#cfn-datasync-task-taskreportconfigdestinations3-bucketaccessrolearn}
      */
     BucketAccessRoleArn?: string | undefined;
     /**
-     * Specifies the ARN of the S3 bucket where DataSync uploads your report.
+     * Specifies the ARN of the S3 bucket where Datasync uploads your report.
      * @maxLength 156
      * @pattern ^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):(s3|s3-outposts):[a-z\-0-9]*:[0-9]*:.*$
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-taskreportconfigdestinations3.html#cfn-datasync-task-taskreportconfigdestinations3-s3bucketarn}
@@ -515,9 +506,9 @@ export type TaskSchedule = {
      */
     ScheduleExpression?: string | undefined;
     /**
-     * Specifies whether to enable or disable your task schedule. Your schedule is enabled by default, but there can be situations where you need to disable it. For example, you might need to perform maintenance on a storage system before you can begin a recurring DataSync transfer.
+     * Specifies whether to enable or disable your task schedule. Your schedule is enabled by default, but there can be situations where you need to disable it. For example, you might need to pause a recurring transfer to fix an issue with your task or perform maintenance on your storage system.
      *
-     * DataSync might disable your schedule automatically if your task fails repeatedly with the same error. For more information, see the [*DataSync User Guide*](https://docs.aws.amazon.com/datasync/latest/userguide/task-scheduling.html#pause-task-schedule) .
+     * DataSync might disable your schedule automatically if your task fails repeatedly with the same error. For more information, see [TaskScheduleDetails](https://docs.aws.amazon.com/datasync/latest/userguide/API_TaskScheduleDetails.html) .
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-datasync-task-taskschedule.html#cfn-datasync-task-taskschedule-status}
      */
     Status?: "ENABLED" | "DISABLED" | undefined;

package/out/exports/resources.generated/aws-datazone-projectprofile.d.ts

@@ -10,6 +10,7 @@ export type DataZoneProjectProfile = ResourceDefinitionWithAttributes<"AWS::Data
  */
 export type DataZoneProjectProfileProps = {
     /**
+     * The description of the project profile.
      * @maxLength 2048
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datazone-projectprofile.html#cfn-datazone-projectprofile-description}
      */
@@ -27,6 +28,7 @@ export type DataZoneProjectProfileProps = {
      */
     DomainUnitIdentifier?: string | undefined;
     /**
+     * The name of a project profile.
      * @minLength 1
      * @maxLength 64
      * @pattern ^[\w -]+$
@@ -34,6 +36,7 @@ export type DataZoneProjectProfileProps = {
      */
     Name: string;
     /**
+     * The status of a project profile.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datazone-projectprofile.html#cfn-datazone-projectprofile-status}
      */
     Status?: Status | undefined;
@@ -43,20 +46,24 @@ export type DataZoneProjectProfileProps = {
  */
 export type DataZoneProjectProfileAttribs = {
     /**
+     * The timestamp of when the project profile was created.
      * @format date-time
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datazone-projectprofile.html#cfn-datazone-projectprofile-createdat}
      */
     CreatedAt: string;
     /**
+     * The user who created the project profile.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datazone-projectprofile.html#cfn-datazone-projectprofile-createdby}
      */
     CreatedBy: string;
     /**
+     * The domain ID of the project profile.
      * @pattern ^dzd[_][a-zA-Z0-9_-]{1,36}$
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datazone-projectprofile.html#cfn-datazone-projectprofile-domainid}
      */
     DomainId: string;
     /**
+     * The domain unit ID of the project profile.
      * @minLength 1
      * @maxLength 256
      * @pattern ^[a-z0-9_\-]+$
@@ -64,6 +71,7 @@ export type DataZoneProjectProfileAttribs = {
      */
     DomainUnitId: string;
     /**
+     * The ID of the project profile.
      * @pattern ^[a-zA-Z0-9_-]{1,36}$
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datazone-projectprofile.html#cfn-datazone-projectprofile-id}
      */
@@ -74,6 +82,7 @@ export type DataZoneProjectProfileAttribs = {
      */
     Identifier: string;
     /**
+     * The timestamp at which a project profile was last updated.
      * @format date-time
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datazone-projectprofile.html#cfn-datazone-projectprofile-lastupdatedat}
      */

package/out/exports/resources.generated/aws-deadline-fleet.d.ts

@@ -443,6 +443,12 @@ export type ServiceManagedEc2FleetConfiguration = {
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-deadline-fleet-servicemanagedec2fleetconfiguration.html#cfn-deadline-fleet-servicemanagedec2fleetconfiguration-instancemarketoptions}
      */
     InstanceMarketOptions: ServiceManagedEc2InstanceMarketOptions;
+    /**
+     * The storage profile ID.
+     * @pattern ^sp-[0-9a-f]{32}$
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-deadline-fleet-servicemanagedec2fleetconfiguration.html#cfn-deadline-fleet-servicemanagedec2fleetconfiguration-storageprofileid}
+     */
+    StorageProfileId?: string | undefined;
 };
 /**
  * The Amazon EC2 instance capabilities.

package/out/exports/resources.generated/aws-dsql-cluster.d.ts

@@ -1,8 +1,10 @@
 import type { ResourceDefinitionWithAttributes, Tag } from "../main.ts";
 /**
- * The CreateCluster API allows you to create both single-region clusters and multi-Region clusters. With the addition of the *multiRegionProperties* parameter, you can create a cluster with witness Region support and establish peer relationships with clusters in other Regions during creation.
+ * The `AWS::DSQL::Cluster` resource specifies an cluster. You can use this resource to create, modify, and manage clusters.
  *
- * > Creating multi-Region clusters requires additional IAM permissions beyond those needed for single-Region clusters, as detailed in the *Required permissions* section below.
+ * This resource supports both single-Region clusters and multi-Region clusters through the `MultiRegionProperties` parameter.
+ *
+ * > Creating multi-Region clusters requires additional IAM permissions beyond those needed for single-Region clusters. > - The witness Region specified in `multiRegionProperties.witnessRegion` cannot be the same as the cluster's Region.
  *
  * *Required permissions*
  *
@@ -12,7 +14,7 @@ import type { ResourceDefinitionWithAttributes, Tag } from "../main.ts";
  * - **dsql:TagResource** - Permission to add tags to a resource.
  *
  * Resources: `arn:aws:dsql:region:account-id:cluster/*`
- * - **dsql:PutMultiRegionProperties** - Permission to configure multi-region properties for a cluster.
+ * - **dsql:PutMultiRegionProperties** - Permission to configure multi-Region properties for a cluster.
  *
  * Resources: `arn:aws:dsql:region:account-id:cluster/*`
  * - **dsql:AddPeerCluster** - When specifying `multiRegionProperties.clusters` , permission to add peer clusters.
@@ -26,15 +28,15 @@ import type { ResourceDefinitionWithAttributes, Tag } from "../main.ts";
  * Resources: `arn:aws:dsql:region:account-id:cluster/*`
  *
  * Condition Keys: `dsql:WitnessRegion` (matching the specified witness region)
- *
- * > - The witness Region specified in `multiRegionProperties.witnessRegion` cannot be the same as the cluster's Region.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dsql-cluster.html}
  */
 export type DSQLCluster = ResourceDefinitionWithAttributes<"AWS::DSQL::Cluster", DSQLClusterProps, DSQLClusterAttribs>;
 /**
- * The CreateCluster API allows you to create both single-region clusters and multi-Region clusters. With the addition of the *multiRegionProperties* parameter, you can create a cluster with witness Region support and establish peer relationships with clusters in other Regions during creation.
+ * The `AWS::DSQL::Cluster` resource specifies an cluster. You can use this resource to create, modify, and manage clusters.
+ *
+ * This resource supports both single-Region clusters and multi-Region clusters through the `MultiRegionProperties` parameter.
  *
- * > Creating multi-Region clusters requires additional IAM permissions beyond those needed for single-Region clusters, as detailed in the *Required permissions* section below.
+ * > Creating multi-Region clusters requires additional IAM permissions beyond those needed for single-Region clusters. > - The witness Region specified in `multiRegionProperties.witnessRegion` cannot be the same as the cluster's Region.
  *
  * *Required permissions*
  *
@@ -44,7 +46,7 @@ export type DSQLCluster = ResourceDefinitionWithAttributes<"AWS::DSQL::Cluster",
  * - **dsql:TagResource** - Permission to add tags to a resource.
  *
  * Resources: `arn:aws:dsql:region:account-id:cluster/*`
- * - **dsql:PutMultiRegionProperties** - Permission to configure multi-region properties for a cluster.
+ * - **dsql:PutMultiRegionProperties** - Permission to configure multi-Region properties for a cluster.
  *
  * Resources: `arn:aws:dsql:region:account-id:cluster/*`
  * - **dsql:AddPeerCluster** - When specifying `multiRegionProperties.clusters` , permission to add peer clusters.
@@ -58,8 +60,6 @@ export type DSQLCluster = ResourceDefinitionWithAttributes<"AWS::DSQL::Cluster",
  * Resources: `arn:aws:dsql:region:account-id:cluster/*`
  *
  * Condition Keys: `dsql:WitnessRegion` (matching the specified witness region)
- *
- * > - The witness Region specified in `multiRegionProperties.witnessRegion` cannot be the same as the cluster's Region.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dsql-cluster.html}
  */
 export type DSQLClusterProps = {
@@ -68,6 +68,17 @@ export type DSQLClusterProps = {
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dsql-cluster.html#cfn-dsql-cluster-deletionprotectionenabled}
      */
     DeletionProtectionEnabled?: boolean | undefined;
+    /**
+     * Defines the structure for multi-Region cluster configurations, containing the witness Region and peered cluster settings.
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dsql-cluster.html#cfn-dsql-cluster-multiregionproperties}
+     */
+    MultiRegionProperties?: {
+        Clusters?: string[] | undefined;
+        /**
+         * The witness region in a multi-region cluster.
+         */
+        WitnessRegion?: string | undefined;
+    } | undefined;
     /**
      * A map of key and value pairs this cluster is tagged with.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dsql-cluster.html#cfn-dsql-cluster-tags}
@@ -95,6 +106,14 @@ export type DSQLClusterAttribs = {
     ResourceArn: string;
     /**
      * The current status of the cluster. Possible values include: CREATING, ACTIVE, DELETING, FAILED.
+     *
+     * The cluster can have two additional status values when working with multi-Region clusters:
+     *
+     * `PENDING_SETUP` —Indicates the cluster is being configured
+     *
+     * `PENDING_DELETE` —Indicates the cluster is being deleted
+     *
+     * *Note:* These status values only appear for multi-Region cluster operations.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dsql-cluster.html#cfn-dsql-cluster-status}
      */
     Status: string;