@propulsionworks/cloudformation 0.1.22 → 0.1.23

package/out/exports/resources.generated/aws-ivs-stage.d.ts

@@ -38,7 +38,6 @@ export type IVSStageAttribs = {
      * ID of the active session within the stage. For example: `st-a1b2c3d4e5f6g`
      * @minLength 0
      * @maxLength 128
-     * @default ""
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ivs-stage.html#cfn-ivs-stage-activesessionid}
      */
     ActiveSessionId: string;

package/out/exports/resources.generated/aws-kinesisanalyticsv2-application.d.ts

@@ -87,6 +87,11 @@ export type ApplicationConfiguration = {
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalyticsv2-application-applicationconfiguration.html#cfn-kinesisanalyticsv2-application-applicationconfiguration-applicationcodeconfiguration}
      */
     ApplicationCodeConfiguration?: ApplicationCodeConfiguration | undefined;
+    /**
+     * Describes whether customer managed key is enabled and key details for customer data encryption
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalyticsv2-application-applicationconfiguration.html#cfn-kinesisanalyticsv2-application-applicationconfiguration-applicationencryptionconfiguration}
+     */
+    ApplicationEncryptionConfiguration?: ApplicationEncryptionConfiguration | undefined;
     /**
      * Describes whether snapshots are enabled for a Managed Service for Apache Flink application.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalyticsv2-application-applicationconfiguration.html#cfn-kinesisanalyticsv2-application-applicationconfiguration-applicationsnapshotconfiguration}
@@ -123,6 +128,25 @@ export type ApplicationConfiguration = {
      */
     ZeppelinApplicationConfiguration?: ZeppelinApplicationConfiguration | undefined;
 };
+/**
+ * Describes whether customer managed key is enabled and key details for customer data encryption
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalyticsv2-application-applicationencryptionconfiguration.html}
+ */
+export type ApplicationEncryptionConfiguration = {
+    /**
+     * KMS KeyId. Can be either key uuid or full key arn or key alias arn or short key alias
+     * @minLength 1
+     * @maxLength 2048
+     * @pattern ^(?:arn:.*:kms:.*:.*:(?:key\/.*|alias\/.*)|alias\/.*|(?i)[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})$
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalyticsv2-application-applicationencryptionconfiguration.html#cfn-kinesisanalyticsv2-application-applicationencryptionconfiguration-keyid}
+     */
+    KeyId?: string | undefined;
+    /**
+     * Specifies whether application data is encrypted using service key: AWS_OWNED_KEY or customer key: CUSTOMER_MANAGED_KEY
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalyticsv2-application-applicationencryptionconfiguration.html#cfn-kinesisanalyticsv2-application-applicationencryptionconfiguration-keytype}
+     */
+    KeyType: "AWS_OWNED_KEY" | "CUSTOMER_MANAGED_KEY";
+};
 /**
  * Describes the maintenance configuration for the application.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalyticsv2-application-applicationmaintenanceconfiguration.html}

package/out/exports/resources.generated/aws-lambda-eventinvokeconfig.d.ts

@@ -34,7 +34,7 @@ export type LambdaEventInvokeConfigProps = {
      * *Maximum* : `64`
      *
      * *Pattern* : `([a-zA-Z0-9-_]+)`
-     * @pattern ^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?(-iso([a-z])?)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$
+     * @pattern ^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]+(-[a-z]+)+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventinvokeconfig.html#cfn-lambda-eventinvokeconfig-functionname}
      */
     FunctionName: string;
@@ -96,7 +96,7 @@ export type OnFailure = {
      * To retain records of failed invocations from [Kinesis](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html) , [DynamoDB](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html) , [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination) , you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination.
      * @minLength 0
      * @maxLength 350
-     * @pattern ^$|arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\-])+:([a-z]{2}(-gov)?(-iso([a-z])?)?-[a-z]+-\d{1})?:(\d{12})?:(.*)
+     * @pattern ^$|arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\-])+:([a-z]+(-[a-z]+)+-\d{1})?:(\d{12})?:(.*)
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventinvokeconfig-onfailure.html#cfn-lambda-eventinvokeconfig-onfailure-destination}
      */
     Destination: string;
@@ -114,7 +114,7 @@ export type OnSuccess = {
      * The Amazon Resource Name (ARN) of the destination resource.
      * @minLength 0
      * @maxLength 350
-     * @pattern ^$|arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\-])+:([a-z]{2}(-gov)?(-iso([a-z])?)?-[a-z]+-\d{1})?:(\d{12})?:(.*)
+     * @pattern ^$|arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\-])+:([a-z]+(-[a-z]+)+-\d{1})?:(\d{12})?:(.*)
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventinvokeconfig-onsuccess.html#cfn-lambda-eventinvokeconfig-onsuccess-destination}
      */
     Destination: string;

package/out/exports/resources.generated/aws-logs-loggroup.d.ts

@@ -23,8 +23,6 @@ export type LogsLogGroup = ResourceDefinitionWithAttributes<"AWS::Logs::LogGroup
 export type LogsLogGroupProps = {
     /**
      * Creates a data protection policy and assigns it to the log group. A data protection policy can help safeguard sensitive data that's ingested by the log group by auditing and masking the sensitive log data. When a user who does not have permission to view masked data views a log event that includes masked data, the sensitive data is replaced by asterisks.
-     *
-     * For more information, including a list of types of data that can be audited and masked, see [Protect sensitive log data with masking](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html) .
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-loggroup.html#cfn-logs-loggroup-dataprotectionpolicy}
      */
     DataProtectionPolicy?: Record<string, unknown> | undefined;
@@ -70,13 +68,14 @@ export type LogsLogGroupProps = {
      */
     LogGroupName?: string | undefined;
     /**
+     * Creates or updates a resource policy for the specified log group that allows other services to put log events to this account. A LogGroup can have 1 resource policy.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-loggroup.html#cfn-logs-loggroup-resourcepolicydocument}
      */
     ResourcePolicyDocument?: Record<string, unknown> | undefined;
     /**
      * The number of days to retain the log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1096, 1827, 2192, 2557, 2922, 3288, and 3653.
      *
-     * To set a log group so that its log events do not expire, use [DeleteRetentionPolicy](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteRetentionPolicy.html) .
+     * To set a log group so that its log events do not expire, do not specify this property.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-loggroup.html#cfn-logs-loggroup-retentionindays}
      */
     RetentionInDays?: 1 | 3 | 5 | 7 | 14 | 30 | 60 | 90 | 120 | 150 | 180 | 365 | 400 | 545 | 731 | 1096 | 1827 | 2192 | 2557 | 2922 | 3288 | 3653 | undefined;

package/out/exports/resources.generated/aws-mediapackagev2-channel.d.ts

@@ -94,7 +94,7 @@ export type MediaPackageV2ChannelAttribs = {
  */
 export type InputSwitchConfiguration = {
     /**
-     * When true, AWS Elemental MediaPackage performs input switching based on the MQCS. Default is true. This setting is valid only when `InputType` is `CMAF` .
+     * When true, AWS Elemental MediaPackage performs input switching based on the MQCS. Default is false. This setting is valid only when `InputType` is `CMAF` .
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-mediapackagev2-channel-inputswitchconfiguration.html#cfn-mediapackagev2-channel-inputswitchconfiguration-mqcsinputswitching}
      */
     MQCSInputSwitching?: boolean | undefined;

package/out/exports/resources.generated/aws-networkfirewall-tlsinspectionconfiguration.d.ts

@@ -106,7 +106,7 @@ export type PortRange = {
  */
 export type RevokedStatusAction = "PASS" | "DROP" | "REJECT";
 /**
- * Any AWS Certificate Manager (ACM) Secure Sockets Layer/Transport Layer Security (SSL/TLS) server certificate that's associated with a [ServerCertificateConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-tlsinspectionconfiguration-servercertificateconfiguration.html) . Used in a [TLSInspectionConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-tlsinspectionconfiguration.html) for inspection of inbound traffic to your firewall. You must request or import a SSL/TLS certificate into ACM for each domain Network Firewall needs to decrypt and inspect. AWS Network Firewall uses the SSL/TLS certificates to decrypt specified inbound SSL/TLS traffic going to your firewall. For information about working with certificates in AWS Certificate Manager , see [Request a public certificate](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html) or [Importing certificates](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *AWS Certificate Manager User Guide* .
+ * Any AWS Certificate Manager (ACM) Secure Sockets Layer/Transport Layer Security (SSL/TLS) server certificate that's associated with a [ServerCertificateConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-tlsinspectionconfiguration-servercertificateconfiguration.html) . Used in a [TLSInspectionConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-resource-networkfirewall-tlsinspectionconfiguration.html) for inspection of inbound traffic to your firewall. You must request or import a SSL/TLS certificate into ACM for each domain Network Firewall needs to decrypt and inspect. AWS Network Firewall uses the SSL/TLS certificates to decrypt specified inbound SSL/TLS traffic going to your firewall. For information about working with certificates in AWS Certificate Manager , see [Request a public certificate](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html) or [Importing certificates](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *AWS Certificate Manager User Guide* .
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-tlsinspectionconfiguration-servercertificate.html}
  */
 export type ServerCertificate = {
@@ -117,9 +117,9 @@ export type ServerCertificate = {
     ResourceArn?: string | undefined;
 };
 /**
- * Configures the AWS Certificate Manager certificates and scope that Network Firewall uses to decrypt and re-encrypt traffic using a [TLSInspectionConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-tlsinspectionconfiguration.html) . You can configure `ServerCertificates` for inbound SSL/TLS inspection, a `CertificateAuthorityArn` for outbound SSL/TLS inspection, or both. For information about working with certificates for TLS inspection, see [Using SSL/TLS server certficiates with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-certificate-requirements.html) in the *AWS Network Firewall Developer Guide* .
+ * Configures the AWS Certificate Manager certificates and scope that Network Firewall uses to decrypt and re-encrypt traffic using a [TLSInspectionConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-resource-networkfirewall-tlsinspectionconfiguration.html) . You can configure `ServerCertificates` for inbound SSL/TLS inspection, a `CertificateAuthorityArn` for outbound SSL/TLS inspection, or both. For information about working with certificates for TLS inspection, see [Using SSL/TLS server certficiates with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-certificate-requirements.html) in the *AWS Network Firewall Developer Guide* .
  *
- * > If a server certificate that's associated with your [TLSInspectionConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-tlsinspectionconfiguration.html) is revoked, deleted, or expired it can result in client-side TLS errors.
+ * > If a server certificate that's associated with your [TLSInspectionConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-resource-networkfirewall-tlsinspectionconfiguration.html) is revoked, deleted, or expired it can result in client-side TLS errors.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-tlsinspectionconfiguration-servercertificateconfiguration.html}
  */
 export type ServerCertificateConfiguration = {
@@ -138,7 +138,7 @@ export type ServerCertificateConfiguration = {
      */
     CertificateAuthorityArn?: string | undefined;
     /**
-     * When enabled, Network Firewall checks if the server certificate presented by the server in the SSL/TLS connection has a revoked or unkown status. If the certificate has an unknown or revoked status, you must specify the actions that Network Firewall takes on outbound traffic. To check the certificate revocation status, you must also specify a `CertificateAuthorityArn` in [ServerCertificateConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-servercertificateconfiguration.html) .
+     * When enabled, Network Firewall checks if the server certificate presented by the server in the SSL/TLS connection has a revoked or unkown status. If the certificate has an unknown or revoked status, you must specify the actions that Network Firewall takes on outbound traffic. To check the certificate revocation status, you must also specify a `CertificateAuthorityArn` in [ServerCertificateConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-resource-networkfirewall-servercertificateconfiguration.html) .
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-tlsinspectionconfiguration-servercertificateconfiguration.html#cfn-networkfirewall-tlsinspectionconfiguration-servercertificateconfiguration-checkcertificaterevocationstatus}
      */
     CheckCertificateRevocationStatus?: {

package/out/exports/resources.generated/aws-quicksight-analysis.d.ts

@@ -10753,7 +10753,7 @@ export type ResourcePermission = {
 /**
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-quicksight-analysis-resourcestatus.html}
  */
-export type ResourceStatus = "CREATION_IN_PROGRESS" | "CREATION_SUCCESSFUL" | "CREATION_FAILED" | "UPDATE_IN_PROGRESS" | "UPDATE_SUCCESSFUL" | "UPDATE_FAILED" | "DELETED";
+export type ResourceStatus = "CREATION_IN_PROGRESS" | "CREATION_SUCCESSFUL" | "CREATION_FAILED" | "UPDATE_IN_PROGRESS" | "UPDATE_SUCCESSFUL" | "UPDATE_FAILED" | "PENDING_UPDATE" | "DELETED";
 /**
  * The rolling date configuration of a date time filter.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-quicksight-analysis-rollingdateconfiguration.html}

package/out/exports/resources.generated/aws-s3-bucket.d.ts

@@ -102,7 +102,7 @@ export type S3BucketProps = {
      *
      * > - The `DefaultRetention` settings require both a mode and a period.
      * > - The `DefaultRetention` period can be either `Days` or `Years` but you must select one. You cannot specify `Days` and `Years` at the same time.
-     * > - You can enable Object Lock for new or existing buckets. For more information, see [Configuring Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html) .
+     * > - You can enable Object Lock for new or existing buckets. For more information, see [Configuring Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html) . > You must URL encode any signed header values that contain spaces. For example, if your header value is `my file.txt` , containing two spaces after `my` , you must URL encode this value to `my%20%20file.txt` .
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-s3-bucket.html#cfn-s3-bucket-objectlockconfiguration}
      */
     ObjectLockConfiguration?: ObjectLockConfiguration | undefined;

package/out/exports/resources.generated/aws-s3-bucketpolicy.d.ts

@@ -6,7 +6,7 @@ import type { ResourceDefinition, PolicyDocument } from "../main.ts";
  *
  * > As a security precaution, the root user of the AWS account that owns a bucket can always use this operation, even if the policy explicitly denies the root user the ability to perform this action.
  *
- * When using the `AWS::S3::BucketPolicy` resource, you can create, update, and delete bucket policies for S3 buckets located in regions different from the stack's region. This cross-region bucket policy modification functionality is supported for backward compatibility with existing workflows.
+ * When using the `AWS::S3::BucketPolicy` resource, you can create, update, and delete bucket policies for S3 buckets located in Regions that are different from the stack's Region. However, the CloudFormation stacks should be deployed in the US East (N. Virginia) or `us-east-1` Region. This cross-region bucket policy modification functionality is supported for backward compatibility with existing workflows.
  *
  * > If the [DeletionPolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html) is not specified or set to `Delete` , the bucket policy will be removed when the stack is deleted. If set to `Retain` , the bucket policy will be preserved even after the stack is deleted.
  *
@@ -28,7 +28,7 @@ export type S3BucketPolicy = ResourceDefinition<"AWS::S3::BucketPolicy", S3Bucke
  *
  * > As a security precaution, the root user of the AWS account that owns a bucket can always use this operation, even if the policy explicitly denies the root user the ability to perform this action.
  *
- * When using the `AWS::S3::BucketPolicy` resource, you can create, update, and delete bucket policies for S3 buckets located in regions different from the stack's region. This cross-region bucket policy modification functionality is supported for backward compatibility with existing workflows.
+ * When using the `AWS::S3::BucketPolicy` resource, you can create, update, and delete bucket policies for S3 buckets located in Regions that are different from the stack's Region. However, the CloudFormation stacks should be deployed in the US East (N. Virginia) or `us-east-1` Region. This cross-region bucket policy modification functionality is supported for backward compatibility with existing workflows.
  *
  * > If the [DeletionPolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html) is not specified or set to `Delete` , the bucket policy will be removed when the stack is deleted. If set to `Retain` , the bucket policy will be preserved even after the stack is deleted.
  *

package/out/exports/resources.generated/aws-sagemaker-cluster.d.ts

@@ -181,6 +181,7 @@ export type ClusterInstanceGroup = {
      */
     OverrideVpcConfig?: VpcConfig | undefined;
     /**
+     * The configuration object of the schedule that SageMaker follows when updating the AMI.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-cluster-clusterinstancegroup.html#cfn-sagemaker-cluster-clusterinstancegroup-scheduledupdateconfig}
      */
     ScheduledUpdateConfig?: ScheduledUpdateConfig | undefined;
@@ -309,15 +310,17 @@ export type ClusterRestrictedInstanceGroup = {
  */
 export type DeepHealthCheckType = "InstanceStress" | "InstanceConnectivity";
 /**
- * The configuration to use when updating the AMI versions.
+ * The deployment configuration for an endpoint, which contains the desired deployment strategy and rollback configurations.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-cluster-deploymentconfig.html}
  */
 export type DeploymentConfig = {
     /**
+     * Automatic rollback configuration for handling endpoint deployment failures and recovery.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-cluster-deploymentconfig.html#cfn-sagemaker-cluster-deploymentconfig-autorollbackconfiguration}
      */
     AutoRollbackConfiguration?: AlarmDetails[] | undefined;
     /**
+     * Specifies a rolling deployment strategy for updating a SageMaker endpoint.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-cluster-deploymentconfig.html#cfn-sagemaker-cluster-deploymentconfig-rollingupdatepolicy}
      */
     RollingUpdatePolicy?: RollingUpdatePolicy | undefined;
@@ -372,15 +375,17 @@ export type Orchestrator = {
     Eks: ClusterOrchestratorEksConfig;
 };
 /**
- * The policy that SageMaker uses when updating the AMI versions of the cluster.
+ * Specifies a rolling deployment strategy for updating a SageMaker endpoint.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-cluster-rollingupdatepolicy.html}
  */
 export type RollingUpdatePolicy = {
     /**
+     * Batch size for each rolling step to provision capacity and turn on traffic on the new endpoint fleet, and terminate capacity on the old endpoint fleet. Value must be between 5% to 50% of the variant's total instance count.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-cluster-rollingupdatepolicy.html#cfn-sagemaker-cluster-rollingupdatepolicy-maximumbatchsize}
      */
     MaximumBatchSize: CapacitySizeConfig;
     /**
+     * Batch size for rollback to the old endpoint fleet. Each rolling step to provision capacity and turn on traffic on the old endpoint fleet, and terminate capacity on the new endpoint fleet. If this field is absent, the default value will be set to 100% of total capacity which means to bring up the whole capacity of the old fleet at once during rollback.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-cluster-rollingupdatepolicy.html#cfn-sagemaker-cluster-rollingupdatepolicy-rollbackmaximumbatchsize}
      */
     RollbackMaximumBatchSize?: CapacitySizeConfig | undefined;
@@ -391,6 +396,7 @@ export type RollingUpdatePolicy = {
  */
 export type ScheduledUpdateConfig = {
     /**
+     * The configuration to use when updating the AMI versions.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-cluster-scheduledupdateconfig.html#cfn-sagemaker-cluster-scheduledupdateconfig-deploymentconfig}
      */
     DeploymentConfig?: DeploymentConfig | undefined;

package/out/exports/resources.generated/aws-servicediscovery-httpnamespace.d.ts

@@ -1,15 +1,15 @@
 import type { ResourceDefinitionWithAttributes, Tag } from "../main.ts";
 /**
- * The `HttpNamespace` resource is an AWS Cloud Map resource type that contains information about an HTTP namespace. Service instances that you register using an HTTP namespace can be discovered using a `DiscoverInstances` request but can't be discovered using DNS.
+ * Creates an HTTP namespace. Service instances registered using an HTTP namespace can be discovered using a `DiscoverInstances` request but can't be discovered using DNS.
  *
- * For the current quota on the number of namespaces that you can create using the same AWS account, see [AWS Cloud Map quotas](https://docs.aws.amazon.com/cloud-map/latest/dg/cloud-map-limits.html) in the ** .
+ * For the current quota on the number of namespaces that you can create using the same AWS account , see [AWS Cloud Map quotas](https://docs.aws.amazon.com/cloud-map/latest/dg/cloud-map-limits.html) in the *AWS Cloud Map Developer Guide* .
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-httpnamespace.html}
  */
 export type ServiceDiscoveryHttpNamespace = ResourceDefinitionWithAttributes<"AWS::ServiceDiscovery::HttpNamespace", ServiceDiscoveryHttpNamespaceProps, ServiceDiscoveryHttpNamespaceAttribs>;
 /**
- * The `HttpNamespace` resource is an AWS Cloud Map resource type that contains information about an HTTP namespace. Service instances that you register using an HTTP namespace can be discovered using a `DiscoverInstances` request but can't be discovered using DNS.
+ * Creates an HTTP namespace. Service instances registered using an HTTP namespace can be discovered using a `DiscoverInstances` request but can't be discovered using DNS.
  *
- * For the current quota on the number of namespaces that you can create using the same AWS account, see [AWS Cloud Map quotas](https://docs.aws.amazon.com/cloud-map/latest/dg/cloud-map-limits.html) in the ** .
+ * For the current quota on the number of namespaces that you can create using the same AWS account , see [AWS Cloud Map quotas](https://docs.aws.amazon.com/cloud-map/latest/dg/cloud-map-limits.html) in the *AWS Cloud Map Developer Guide* .
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-httpnamespace.html}
  */
 export type ServiceDiscoveryHttpNamespaceProps = {

package/out/exports/resources.generated/aws-servicediscovery-instance.d.ts

@@ -46,7 +46,7 @@ export type ServiceDiscoveryInstanceProps = {
      */
     InstanceAttributes: Record<string, unknown>;
     /**
-     * The ID of the service that you want to use for settings for the instance.
+     * The ID or Amazon Resource Name (ARN) of the service that you want to use for settings for the instance. For services created in a shared namespace, specify the service ARN. For more information about shared namespaces, see [Cross-account AWS Cloud Map namespace sharing](https://docs.aws.amazon.com/cloud-map/latest/dg/sharing-namespaces.html) in the *AWS Cloud Map Developer Guide* .
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-instance.html#cfn-servicediscovery-instance-serviceid}
      */
     ServiceId: string;

package/out/exports/resources.generated/aws-servicediscovery-service.d.ts

@@ -1,29 +1,11 @@
 import type { ResourceDefinitionWithAttributes, Tag } from "../main.ts";
 /**
- * A complex type that contains information about a service, which defines the configuration of the following entities:
- *
- * - For public and private DNS namespaces, one of the following combinations of DNS records in Amazon Route 53:
- *
- * - A
- * - AAAA
- * - A and AAAA
- * - SRV
- * - CNAME
- * - Optionally, a health check
+ * A complex type that contains information about the specified service.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-service.html}
  */
 export type ServiceDiscoveryService = ResourceDefinitionWithAttributes<"AWS::ServiceDiscovery::Service", ServiceDiscoveryServiceProps, ServiceDiscoveryServiceAttribs>;
 /**
- * A complex type that contains information about a service, which defines the configuration of the following entities:
- *
- * - For public and private DNS namespaces, one of the following combinations of DNS records in Amazon Route 53:
- *
- * - A
- * - AAAA
- * - A and AAAA
- * - SRV
- * - CNAME
- * - Optionally, a health check
+ * A complex type that contains information about the specified service.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-service.html}
  */
 export type ServiceDiscoveryServiceProps = {
@@ -59,19 +41,12 @@ export type ServiceDiscoveryServiceProps = {
      */
     Name?: string | undefined;
     /**
-     * The ID of the namespace that was used to create the service.
-     *
-     * > You must specify a value for `NamespaceId` either for the service properties or for [DnsConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-servicediscovery-service-dnsconfig.html) . Don't specify a value in both places.
+     * The ID or Amazon Resource Name (ARN) of the namespace that you want to use to create the service. For namespaces shared with your AWS account, specify the namespace ARN. For more information about shared namespaces, see [Cross-account AWS Cloud Map namespace sharing](https://docs.aws.amazon.com/cloud-map/latest/dg/sharing-namespaces.html) in the *AWS Cloud Map Developer Guide* .
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-service.html#cfn-servicediscovery-service-namespaceid}
      */
     NamespaceId?: string | undefined;
     /**
-     * A string map that contains the following information for the service:
-     *
-     * - The attributes that apply to the service
-     * - For each attribute, the applicable value.
-     *
-     * You can specify a total of 30 attributes.
+     * A complex type that contains information about attributes associated with a specific service.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-service.html#cfn-servicediscovery-service-serviceattributes}
      */
     ServiceAttributes?: Record<string, unknown> | undefined;
@@ -119,9 +94,9 @@ export type DnsConfig = {
      */
     DnsRecords: DnsRecord[];
     /**
-     * The ID of the namespace to use for DNS configuration.
+     * *Use NamespaceId in [Service](https://docs.aws.amazon.com/cloud-map/latest/api/API_Service.html) instead.*
      *
-     * > You must specify a value for `NamespaceId` either for `DnsConfig` or for the [service properties](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-service.html) . Don't specify a value in both places.
+     * The ID of the namespace to use for DNS configuration.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-servicediscovery-service-dnsconfig.html#cfn-servicediscovery-service-dnsconfig-namespaceid}
      */
     NamespaceId?: string | undefined;

package/out/exports/resources.generated/aws-ssm-patchbaseline.d.ts

@@ -98,7 +98,12 @@ export type SSMPatchBaselineProps = {
      * - **ALLOW_AS_DEPENDENCY** - *Linux and macOS* : A package in the rejected patches list is installed only if it is a dependency of another package. It is considered compliant with the patch baseline, and its status is reported as `INSTALLED_OTHER` . This is the default action if no option is specified.
      *
      * *Windows Server* : Windows Server doesn't support the concept of package dependencies. If a package in the rejected patches list and already installed on the node, its status is reported as `INSTALLED_OTHER` . Any package not already installed on the node is skipped. This is the default action if no option is specified.
-     * - **BLOCK** - *All OSs* : Packages in the rejected patches list, and packages that include them as dependencies, aren't installed by Patch Manager under any circumstances. If a package was installed before it was added to the rejected patches list, or is installed outside of Patch Manager afterward, it's considered noncompliant with the patch baseline and its status is reported as `INSTALLED_REJECTED` .
+     * - **BLOCK** - *All OSs* : Packages in the rejected patches list, and packages that include them as dependencies, aren't installed by Patch Manager under any circumstances.
+     *
+     * State value assignment for patch compliance:
+     *
+     * - If a package was installed before it was added to the rejected patches list, or is installed outside of Patch Manager afterward, it's considered noncompliant with the patch baseline and its status is reported as `INSTALLED_REJECTED` .
+     * - If an update attempts to install a dependency package that is now rejected by the baseline, when previous versions of the package were not rejected, the package being updated is reported as `MISSING` for `SCAN` operations and as `FAILED` for `INSTALL` operations.
      * @default "ALLOW_AS_DEPENDENCY"
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-patchbaseline.html#cfn-ssm-patchbaseline-rejectedpatchesaction}
      */

package/out/exports/resources.generated/aws-ssmquicksetup-configurationmanager.d.ts

@@ -162,7 +162,7 @@ export type ConfigurationDefinition = {
      * - Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to.
      * - `TargetRegions`
      *
-     * - Description: (Required) The AWS Regions to deploy the configuration to. For this type, the parameter only accepts a value of `AllRegions` .
+     * - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.
      * - **DevOps Guru (Type: AWS QuickSetupType-DevOpsGuru)** - - `AnalyseAllResources`
      *
      * - Description: (Optional) A boolean value that determines whether DevOps Guru analyzes all AWS CloudFormation stacks in the account. The default value is " `false` ".

package/out/exports/resources.generated/aws-synthetics-canary.d.ts

@@ -251,11 +251,12 @@ export type Code = {
     Script: string;
 };
 /**
+ * A structure that contains information about a dependency for a canary.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-synthetics-canary-dependency.html}
  */
 export type Dependency = {
     /**
-     * ARN of the Lambda layer
+     * The dependency reference. For Lambda layers, this is the ARN of the Lambda layer. For more information about Lambda ARN format, see [Lambda](https://docs.aws.amazon.com/lambda/latest/api/API_Layer.html) .
      * @minLength 1
      * @maxLength 140
      * @pattern arn:[a-zA-Z0-9-]+:lambda:[a-zA-Z0-9-]+:\d{12}:layer:[a-zA-Z0-9-_]+:[0-9]+
@@ -263,7 +264,7 @@ export type Dependency = {
      */
     Reference: string;
     /**
-     * Type of dependency
+     * The type of dependency. Valid value is `LambdaLayer` .
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-synthetics-canary-dependency.html#cfn-synthetics-canary-dependency-type}
      */
     Type?: "LambdaLayer" | undefined;

package/out/exports/resources.generated/aws-vpclattice-resourcegateway.d.ts

@@ -14,6 +14,11 @@ export type VpcLatticeResourceGatewayProps = {
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-vpclattice-resourcegateway.html#cfn-vpclattice-resourcegateway-ipaddresstype}
      */
     IpAddressType?: "IPV4" | "IPV6" | "DUALSTACK" | undefined;
+    /**
+     * The number of IPv4 addresses to allocate per ENI for the resource gateway
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-vpclattice-resourcegateway.html#cfn-vpclattice-resourcegateway-ipv4addressespereni}
+     */
+    Ipv4AddressesPerEni?: number | undefined;
     /**
      * The name of the resource gateway.
      * @minLength 3

package/out/exports/resources.generated/aws-workspacesweb-portal.d.ts

@@ -98,6 +98,7 @@ export type WorkSpacesWebPortalProps = {
      */
     NetworkSettingsArn?: string | undefined;
     /**
+     * The ARN of the session logger that is assocaited with the portal.
      * @minLength 20
      * @maxLength 2048
      * @pattern ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36})+$

package/out/exports/resources.generated/aws-workspacesweb-sessionlogger.d.ts

@@ -1,19 +1,21 @@
 import type { ResourceDefinitionWithAttributes, Tag } from "../main.ts";
 /**
- * Definition of AWS::WorkSpacesWeb::SessionLogger Resource Type
+ * The session logger resource.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-sessionlogger.html}
  */
 export type WorkSpacesWebSessionLogger = ResourceDefinitionWithAttributes<"AWS::WorkSpacesWeb::SessionLogger", WorkSpacesWebSessionLoggerProps, WorkSpacesWebSessionLoggerAttribs>;
 /**
- * Definition of AWS::WorkSpacesWeb::SessionLogger Resource Type
+ * The session logger resource.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-sessionlogger.html}
  */
 export type WorkSpacesWebSessionLoggerProps = {
     /**
+     * The additional encryption context of the session logger.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-sessionlogger.html#cfn-workspacesweb-sessionlogger-additionalencryptioncontext}
      */
     AdditionalEncryptionContext?: Record<string, string> | undefined;
     /**
+     * The custom managed key of the session logger.
      * @minLength 20
      * @maxLength 2048
      * @pattern ^arn:[\w+=\/,.@-]+:kms:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:key\/[a-zA-Z0-9-]+$
@@ -21,6 +23,7 @@ export type WorkSpacesWebSessionLoggerProps = {
      */
     CustomerManagedKey?: string | undefined;
     /**
+     * The human-readable display name.
      * @minLength 1
      * @maxLength 64
      * @pattern ^[ _\-\d\w]+$
@@ -28,10 +31,12 @@ export type WorkSpacesWebSessionLoggerProps = {
      */
     DisplayName?: string | undefined;
     /**
+     * The filter that specifies which events to monitor.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-sessionlogger.html#cfn-workspacesweb-sessionlogger-eventfilter}
      */
     EventFilter: EventFilter;
     /**
+     * The configuration that specifies where logs are fowarded.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-sessionlogger.html#cfn-workspacesweb-sessionlogger-logconfiguration}
      */
     LogConfiguration: LogConfiguration;
@@ -45,15 +50,18 @@ export type WorkSpacesWebSessionLoggerProps = {
  */
 export type WorkSpacesWebSessionLoggerAttribs = {
     /**
+     * The associated portal ARN.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-sessionlogger.html#cfn-workspacesweb-sessionlogger-associatedportalarns}
      */
     AssociatedPortalArns: string[];
     /**
+     * The date the session logger resource was created.
      * @format date-time
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-workspacesweb-sessionlogger.html#cfn-workspacesweb-sessionlogger-creationdate}
      */
     CreationDate: string;
     /**
+     * The ARN of the session logger resource.
      * @minLength 20
      * @maxLength 2048
      * @pattern ^arn:[\w+=\/,.@-]+:[a-zA-Z0-9\-]+:[a-zA-Z0-9\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\/[a-fA-F0-9\-]{36})+$
@@ -66,6 +74,7 @@ export type WorkSpacesWebSessionLoggerAttribs = {
  */
 export type Event = "WebsiteInteract" | "FileDownloadFromSecureBrowserToRemoteDisk" | "FileTransferFromRemoteToLocalDisk" | "FileTransferFromLocalToRemoteDisk" | "FileUploadFromRemoteDiskToSecureBrowser" | "ContentPasteToWebsite" | "ContentTransferFromLocalToRemoteClipboard" | "ContentCopyFromWebsite" | "UrlLoad" | "TabOpen" | "TabClose" | "PrintJobSubmit" | "SessionConnect" | "SessionStart" | "SessionDisconnect" | "SessionEnd" | "UrlBlockByContentFilter";
 /**
+ * The filter that specifies the events to monitor.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-workspacesweb-sessionlogger-eventfilter.html}
  */
 export type EventFilter = {
@@ -78,10 +87,12 @@ export type EventFilter = {
  */
 export type FolderStructure = "Flat" | "NestedByDate";
 /**
+ * The configuration of the log.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-workspacesweb-sessionlogger-logconfiguration.html}
  */
 export type LogConfiguration = {
     /**
+     * The configuration for delivering the logs to S3.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-workspacesweb-sessionlogger-logconfiguration.html#cfn-workspacesweb-sessionlogger-logconfiguration-s3}
      */
     S3?: S3LogConfiguration | undefined;
@@ -91,10 +102,12 @@ export type LogConfiguration = {
  */
 export type LogFileFormat = "JSONLines" | "Json";
 /**
+ * The S3 log configuration.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-workspacesweb-sessionlogger-s3logconfiguration.html}
  */
 export type S3LogConfiguration = {
     /**
+     * The S3 bucket name where logs are delivered.
      * @minLength 1
      * @maxLength 256
      * @pattern ^[a-z0-9][\.\-a-z0-9]{1,61}[a-z0-9]$
@@ -102,15 +115,18 @@ export type S3LogConfiguration = {
      */
     Bucket: string;
     /**
+     * The expected bucket owner of the target S3 bucket. The caller must have permissions to write to the target bucket.
      * @pattern ^[0-9]{12}$
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-workspacesweb-sessionlogger-s3logconfiguration.html#cfn-workspacesweb-sessionlogger-s3logconfiguration-bucketowner}
      */
     BucketOwner?: string | undefined;
     /**
+     * The folder structure that defines the organizational structure for log files in S3.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-workspacesweb-sessionlogger-s3logconfiguration.html#cfn-workspacesweb-sessionlogger-s3logconfiguration-folderstructure}
      */
     FolderStructure: FolderStructure;
     /**
+     * The S3 path prefix that determines where log files are stored.
      * @minLength 1
      * @maxLength 256
      * @pattern ^[\d\w\-_/!().*']+$
@@ -118,6 +134,7 @@ export type S3LogConfiguration = {
      */
     KeyPrefix?: string | undefined;
     /**
+     * The format of the LogFile that is written to S3.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-workspacesweb-sessionlogger-s3logconfiguration.html#cfn-workspacesweb-sessionlogger-s3logconfiguration-logfileformat}
      */
     LogFileFormat: LogFileFormat;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@propulsionworks/cloudformation",
-  "version": "0.1.22",
+  "version": "0.1.23",
   "author": {
     "name": "Gordon Leigh"
   },