@propulsionworks/cloudformation 0.1.8 → 0.1.10

package/out/exports/resources.generated/aws-medialive-input.d.ts

@@ -51,6 +51,14 @@ export type MediaLiveInputProps = {
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-medialive-input.html#cfn-medialive-input-rolearn}
      */
     RoleArn?: string | undefined;
+    /**
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-medialive-input.html#cfn-medialive-input-sdisources}
+     */
+    SdiSources?: string[] | undefined;
+    /**
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-medialive-input.html#cfn-medialive-input-smpte2110receivergroupsettings}
+     */
+    Smpte2110ReceiverGroupSettings?: Smpte2110ReceiverGroupSettings | undefined;
     /**
      * Settings that apply only if the input is a pull type of input.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-medialive-input.html#cfn-medialive-input-sources}
@@ -142,6 +150,19 @@ export type InputRequestDestinationRoute = {
      */
     Gateway?: string | undefined;
 };
+/**
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-input-inputsdplocation.html}
+ */
+export type InputSdpLocation = {
+    /**
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-input-inputsdplocation.html#cfn-medialive-input-inputsdplocation-mediaindex}
+     */
+    MediaIndex?: number | undefined;
+    /**
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-input-inputsdplocation.html#cfn-medialive-input-inputsdplocation-sdpurl}
+     */
+    SdpUrl?: string | undefined;
+};
 /**
  * Settings that apply only if the input is a pull type of input.
  *
@@ -218,6 +239,41 @@ export type MulticastSourceCreateRequest = {
      */
     Url?: string | undefined;
 };
+/**
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-input-smpte2110receivergroup.html}
+ */
+export type Smpte2110ReceiverGroup = {
+    /**
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-input-smpte2110receivergroup.html#cfn-medialive-input-smpte2110receivergroup-sdpsettings}
+     */
+    SdpSettings?: Smpte2110ReceiverGroupSdpSettings | undefined;
+};
+/**
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-input-smpte2110receivergroupsdpsettings.html}
+ */
+export type Smpte2110ReceiverGroupSdpSettings = {
+    /**
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-input-smpte2110receivergroupsdpsettings.html#cfn-medialive-input-smpte2110receivergroupsdpsettings-ancillarysdps}
+     */
+    AncillarySdps?: InputSdpLocation[] | undefined;
+    /**
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-input-smpte2110receivergroupsdpsettings.html#cfn-medialive-input-smpte2110receivergroupsdpsettings-audiosdps}
+     */
+    AudioSdps?: InputSdpLocation[] | undefined;
+    /**
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-input-smpte2110receivergroupsdpsettings.html#cfn-medialive-input-smpte2110receivergroupsdpsettings-videosdp}
+     */
+    VideoSdp?: InputSdpLocation | undefined;
+};
+/**
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-input-smpte2110receivergroupsettings.html}
+ */
+export type Smpte2110ReceiverGroupSettings = {
+    /**
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-input-smpte2110receivergroupsettings.html#cfn-medialive-input-smpte2110receivergroupsettings-smpte2110receivergroups}
+     */
+    Smpte2110ReceiverGroups?: Smpte2110ReceiverGroup[] | undefined;
+};
 /**
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-medialive-input-srtcallerdecryptionrequest.html}
  */

package/out/exports/resources.generated/aws-msk-configuration.d.ts

@@ -49,7 +49,7 @@ export type MSKConfigurationProps = {
      */
     Name: string;
     /**
-     * Contents of the `server.properties` file. When using this property, you must ensure that the contents of the file are base64 encoded. When using the console, the SDK, or the AWS CLI , the contents of `server.properties` can be in plaintext.
+     * Contents of the `server.properties` file. When using the console, the SDK, or the AWS CLI , the contents of `server.properties` can be in plaintext.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-msk-configuration.html#cfn-msk-configuration-serverproperties}
      */
     ServerProperties: string;

package/out/exports/resources.generated/aws-networkfirewall-firewall.d.ts

@@ -56,7 +56,11 @@ export type NetworkFirewallFirewallProps = {
      */
     SubnetChangeProtection?: boolean | undefined;
     /**
-     * The public subnets that Network Firewall is using for the firewall. Each subnet must belong to a different Availability Zone.
+     * The primary public subnets that Network Firewall is using for the firewall. Network Firewall creates a firewall endpoint in each subnet. Create a subnet mapping for each Availability Zone where you want to use the firewall.
+     *
+     * These subnets are all defined for a single, primary VPC, and each must belong to a different Availability Zone. Each of these subnets establishes the availability of the firewall in its Availability Zone.
+     *
+     * In addition to these subnets, you can define other endpoints for the firewall in `VpcEndpointAssociation` resources. You can define these additional endpoints for any VPC, and for any of the Availability Zones where the firewall resource already has a subnet mapping. VPC endpoint associations give you the ability to protect multiple VPCs using a single firewall, and to define multiple firewall endpoints for a VPC in a single Availability Zone.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewall.html#cfn-networkfirewall-firewall-subnetmappings}
      */
     SubnetMappings: SubnetMapping[];

package/out/exports/resources.generated/aws-panorama-applicationinstance.d.ts

@@ -1,10 +1,16 @@
 import type { ResourceDefinitionWithAttributes, Tag } from "../main.ts";
 /**
+ * > End of support notice: On May 31, 2026, AWS will end support for AWS Panorama . After May 31, 2026,
+ * > you will no longer be able to access the AWS Panorama console or AWS Panorama resources. For more information, see [AWS Panorama end of support](https://docs.aws.amazon.com/panorama/latest/dev/panorama-end-of-support.html) .
+ *
  * Creates an application instance and deploys it to a device.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-panorama-applicationinstance.html}
  */
 export type PanoramaApplicationInstance = ResourceDefinitionWithAttributes<"AWS::Panorama::ApplicationInstance", PanoramaApplicationInstanceProps, PanoramaApplicationInstanceAttribs>;
 /**
+ * > End of support notice: On May 31, 2026, AWS will end support for AWS Panorama . After May 31, 2026,
+ * > you will no longer be able to access the AWS Panorama console or AWS Panorama resources. For more information, see [AWS Panorama end of support](https://docs.aws.amazon.com/panorama/latest/dev/panorama-end-of-support.html) .
+ *
  * Creates an application instance and deploys it to a device.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-panorama-applicationinstance.html}
  */

package/out/exports/resources.generated/aws-panorama-package.d.ts

@@ -1,10 +1,16 @@
 import type { ResourceDefinitionWithAttributes, Tag } from "../main.ts";
 /**
+ * > End of support notice: On May 31, 2026, AWS will end support for AWS Panorama . After May 31, 2026,
+ * > you will no longer be able to access the AWS Panorama console or AWS Panorama resources. For more information, see [AWS Panorama end of support](https://docs.aws.amazon.com/panorama/latest/dev/panorama-end-of-support.html) .
+ *
  * Creates a package and storage location in an Amazon S3 access point.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-panorama-package.html}
  */
 export type PanoramaPackage = ResourceDefinitionWithAttributes<"AWS::Panorama::Package", PanoramaPackageProps, PanoramaPackageAttribs>;
 /**
+ * > End of support notice: On May 31, 2026, AWS will end support for AWS Panorama . After May 31, 2026,
+ * > you will no longer be able to access the AWS Panorama console or AWS Panorama resources. For more information, see [AWS Panorama end of support](https://docs.aws.amazon.com/panorama/latest/dev/panorama-end-of-support.html) .
+ *
  * Creates a package and storage location in an Amazon S3 access point.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-panorama-package.html}
  */

package/out/exports/resources.generated/aws-panorama-packageversion.d.ts

@@ -1,10 +1,16 @@
 import type { ResourceDefinitionWithAttributes } from "../main.ts";
 /**
+ * > End of support notice: On May 31, 2026, AWS will end support for AWS Panorama . After May 31, 2026,
+ * > you will no longer be able to access the AWS Panorama console or AWS Panorama resources. For more information, see [AWS Panorama end of support](https://docs.aws.amazon.com/panorama/latest/dev/panorama-end-of-support.html) .
+ *
  * Registers a package version.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-panorama-packageversion.html}
  */
 export type PanoramaPackageVersion = ResourceDefinitionWithAttributes<"AWS::Panorama::PackageVersion", PanoramaPackageVersionProps, PanoramaPackageVersionAttribs>;
 /**
+ * > End of support notice: On May 31, 2026, AWS will end support for AWS Panorama . After May 31, 2026,
+ * > you will no longer be able to access the AWS Panorama console or AWS Panorama resources. For more information, see [AWS Panorama end of support](https://docs.aws.amazon.com/panorama/latest/dev/panorama-end-of-support.html) .
+ *
  * Registers a package version.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-panorama-packageversion.html}
  */

package/out/exports/resources.generated/aws-pcs-cluster.d.ts

@@ -92,12 +92,16 @@ export type PCSClusterAttribs = {
     Status: "CREATING" | "ACTIVE" | "UPDATING" | "DELETING" | "CREATE_FAILED" | "DELETE_FAILED" | "UPDATE_FAILED";
 };
 /**
- * The accounting configuration includes configurable settings for Slurm accounting.
+ * The accounting configuration includes configurable settings for Slurm accounting. It's a property of the `ClusterSlurmConfiguration` object.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-pcs-cluster-accounting.html}
  */
 export type Accounting = {
     /**
-     * The default value for all purge settings for `slurmdbd.conf`. For more information, see the [slurmdbd.conf documentation at SchedMD](https://slurm.schedmd.com/slurmdbd.conf.html). The default value is `-1`. A value of `-1` means there is no purge time and records persist as long as the cluster exists.
+     * The default value for all purge settings for `slurmdbd.conf` . For more information, see the [slurmdbd.conf documentation at SchedMD](https://docs.aws.amazon.com/https://slurm.schedmd.com/slurmdbd.conf.html) .
+     *
+     * The default value `-1` means there is no purge time and records persist as long as the cluster exists.
+     *
+     * > `0` isn't a valid value.
      * @min -1
      * @max 10000
      * @default -1
@@ -105,7 +109,7 @@ export type Accounting = {
      */
     DefaultPurgeTimeInDays?: number | undefined;
     /**
-     * The default value is `STANDARD`. A value of `STANDARD` means that Slurm accounting is enabled.
+     * The default value for `mode` is `STANDARD` . A value of `STANDARD` means Slurm accounting is enabled.
      * @default "NONE"
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-pcs-cluster-accounting.html#cfn-pcs-cluster-accounting-mode}
      */

package/out/exports/resources.generated/aws-rds-dbcluster.d.ts

@@ -323,8 +323,8 @@ export type RDSDBClusterProps = {
      *
      * You can use this setting to enroll your DB cluster into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your DB cluster past the end of standard support for that engine version. For more information, see the following sections:
      *
-     * - Amazon Aurora - [Using Amazon RDS Extended Support](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/extended-support.html) in the *Amazon Aurora User Guide*
-     * - Amazon RDS - [Using Amazon RDS Extended Support](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html) in the *Amazon RDS User Guide*
+     * - Amazon Aurora - [Amazon RDS Extended Support with Amazon Aurora](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/extended-support.html) in the *Amazon Aurora User Guide*
+     * - Amazon RDS - [Amazon RDS Extended Support with Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html) in the *Amazon RDS User Guide*
      *
      * Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters
      *

package/out/exports/resources.generated/aws-rds-dbinstance.d.ts

@@ -644,7 +644,7 @@ export type RDSDBInstanceProps = {
      *
      * This setting applies only to RDS for MySQL and RDS for PostgreSQL. For Amazon Aurora DB instances, the life cycle type is managed by the DB cluster.
      *
-     * You can use this setting to enroll your DB instance into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your DB instance past the end of standard support for that engine version. For more information, see [Using Amazon RDS Extended Support](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html) in the *Amazon RDS User Guide* .
+     * You can use this setting to enroll your DB instance into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your DB instance past the end of standard support for that engine version. For more information, see [Amazon RDS Extended Support with Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html) in the *Amazon RDS User Guide* .
      *
      * Valid Values: `open-source-rds-extended-support | open-source-rds-extended-support-disabled`
      *

package/out/exports/resources.generated/aws-rds-globalcluster.d.ts

@@ -44,7 +44,7 @@ export type RDSGlobalClusterProps = {
      *
      * This setting only applies to Aurora PostgreSQL-based global databases.
      *
-     * You can use this setting to enroll your global cluster into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your global cluster past the end of standard support for that engine version. For more information, see [Using Amazon RDS Extended Support](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/extended-support.html) in the *Amazon Aurora User Guide* .
+     * You can use this setting to enroll your global cluster into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your global cluster past the end of standard support for that engine version. For more information, see [Amazon RDS Extended Support with Amazon Aurora](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/extended-support.html) in the *Amazon Aurora User Guide* .
      *
      * Valid Values: `open-source-rds-extended-support | open-source-rds-extended-support-disabled`
      *
@@ -123,7 +123,7 @@ export type RDSGlobalClusterProps = {
      *
      * This setting only applies to Aurora PostgreSQL-based global databases.
      *
-     * You can use this setting to enroll your global cluster into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your global cluster past the end of standard support for that engine version. For more information, see [Using Amazon RDS Extended Support](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/extended-support.html) in the *Amazon Aurora User Guide* .
+     * You can use this setting to enroll your global cluster into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your global cluster past the end of standard support for that engine version. For more information, see [Amazon RDS Extended Support with Amazon Aurora](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/extended-support.html) in the *Amazon Aurora User Guide* .
      *
      * Valid Values: `open-source-rds-extended-support | open-source-rds-extended-support-disabled`
      *

package/out/exports/resources.generated/aws-route53resolver-resolverendpoint.d.ts

@@ -76,7 +76,7 @@ export type Route53ResolverResolverEndpointProps = {
      * The Resolver endpoint IP address type.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverendpoint.html#cfn-route53resolver-resolverendpoint-resolverendpointtype}
      */
-    ResolverEndpointType?: string | undefined;
+    ResolverEndpointType?: "IPV6" | "IPV4" | "DUALSTACK" | undefined;
     /**
      * The ID of one or more security groups that control access to this VPC. The security group must include one or more inbound rules (for inbound endpoints) or outbound rules (for outbound endpoints). Inbound and outbound rules must allow TCP and UDP access. For inbound access, open port 53. For outbound access, open the port that you're using for DNS queries on your network.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverendpoint.html#cfn-route53resolver-resolverendpoint-securitygroupids}

package/out/exports/resources.generated/aws-s3express-accesspoint.d.ts

@@ -0,0 +1,142 @@
+import type { ResourceDefinitionWithAttributes } from "../main.ts";
+/**
+ * Access points simplify managing data access at scale for shared datasets in Amazon S3 . Access points are unique hostnames you create to enforce distinct permissions and network controls for all requests made through an access point. You can create hundreds of access points per bucket, each with a distinct name and permissions customized for each application. Each access point works in conjunction with the bucket policy that is attached to the underlying bucket. For more information, see [Managing access to shared datasets in directory buckets with access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-directory-buckets.html) .
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-s3express-accesspoint.html}
+ */
+export type S3ExpressAccessPoint = ResourceDefinitionWithAttributes<"AWS::S3Express::AccessPoint", S3ExpressAccessPointProps, S3ExpressAccessPointAttribs>;
+/**
+ * Access points simplify managing data access at scale for shared datasets in Amazon S3 . Access points are unique hostnames you create to enforce distinct permissions and network controls for all requests made through an access point. You can create hundreds of access points per bucket, each with a distinct name and permissions customized for each application. Each access point works in conjunction with the bucket policy that is attached to the underlying bucket. For more information, see [Managing access to shared datasets in directory buckets with access points](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-directory-buckets.html) .
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-s3express-accesspoint.html}
+ */
+export type S3ExpressAccessPointProps = {
+    /**
+     * The name of the bucket that you want to associate the access point with.
+     * @minLength 3
+     * @maxLength 255
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-s3express-accesspoint.html#cfn-s3express-accesspoint-bucket}
+     */
+    Bucket: string;
+    /**
+     * The AWS account ID that owns the bucket associated with this access point.
+     * @maxLength 64
+     * @pattern ^\d{12}$
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-s3express-accesspoint.html#cfn-s3express-accesspoint-bucketaccountid}
+     */
+    BucketAccountId?: string | undefined;
+    /**
+     * An access point name consists of a base name you provide, followed by the zoneID ( AWS Local Zone) followed by the prefix `--xa-s3` . For example, accesspointname--zoneID--xa-s3.
+     * @minLength 3
+     * @maxLength 50
+     * @pattern ^[a-z0-9]([a-z0-9\-]*[a-z0-9])?$
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-s3express-accesspoint.html#cfn-s3express-accesspoint-name}
+     */
+    Name?: string | undefined;
+    /**
+     * The access point policy associated with the specified access point.
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-s3express-accesspoint.html#cfn-s3express-accesspoint-policy}
+     */
+    Policy?: Record<string, unknown> | undefined;
+    /**
+     * Public access is blocked by default to access points for directory buckets.
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-s3express-accesspoint.html#cfn-s3express-accesspoint-publicaccessblockconfiguration}
+     */
+    PublicAccessBlockConfiguration?: PublicAccessBlockConfiguration | undefined;
+    /**
+     * You can use the access point scope to restrict access to specific prefixes, API operations, or a combination of both.
+     *
+     * For more information, see [Manage the scope of your access points for directory buckets.](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-directory-buckets-manage-scope.html)
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-s3express-accesspoint.html#cfn-s3express-accesspoint-scope}
+     */
+    Scope?: Scope | undefined;
+    /**
+     * If you include this field, Amazon S3 restricts access to this access point to requests from the specified virtual private cloud (VPC).
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-s3express-accesspoint.html#cfn-s3express-accesspoint-vpcconfiguration}
+     */
+    VpcConfiguration?: VpcConfiguration | undefined;
+};
+/**
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-s3express-accesspoint.html#aws-resource-s3express-accesspoint-return-values}
+ */
+export type S3ExpressAccessPointAttribs = {
+    /**
+     * The ARN of the access point.
+     * @example "arn:aws:s3express:us-west-2:123456789012:accesspoint/my-accesspoint--usw2-az1--xa-s3"
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-s3express-accesspoint.html#cfn-s3express-accesspoint-arn}
+     */
+    Arn: string;
+    /**
+     * The network configuration of the access point.
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-s3express-accesspoint.html#cfn-s3express-accesspoint-networkorigin}
+     */
+    NetworkOrigin: "Internet" | "VPC";
+};
+/**
+ * Public access is blocked by default to access points for directory buckets.
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3express-accesspoint-publicaccessblockconfiguration.html}
+ */
+export type PublicAccessBlockConfiguration = {
+    /**
+     * Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:
+     *
+     * - PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.
+     * - PUT Object calls fail if the request includes a public ACL.
+     * - PUT Bucket calls fail if the request includes a public ACL.
+     *
+     * Enabling this setting doesn't affect existing policies or ACLs.
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3express-accesspoint-publicaccessblockconfiguration.html#cfn-s3express-accesspoint-publicaccessblockconfiguration-blockpublicacls}
+     */
+    BlockPublicAcls?: boolean | undefined;
+    /**
+     * Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.
+     *
+     * Enabling this setting doesn't affect existing bucket policies.
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3express-accesspoint-publicaccessblockconfiguration.html#cfn-s3express-accesspoint-publicaccessblockconfiguration-blockpublicpolicy}
+     */
+    BlockPublicPolicy?: boolean | undefined;
+    /**
+     * Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.
+     *
+     * Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3express-accesspoint-publicaccessblockconfiguration.html#cfn-s3express-accesspoint-publicaccessblockconfiguration-ignorepublicacls}
+     */
+    IgnorePublicAcls?: boolean | undefined;
+    /**
+     * Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.
+     *
+     * Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3express-accesspoint-publicaccessblockconfiguration.html#cfn-s3express-accesspoint-publicaccessblockconfiguration-restrictpublicbuckets}
+     */
+    RestrictPublicBuckets?: boolean | undefined;
+};
+/**
+ * You can use the access point scope to restrict access to specific prefixes, API operations, or a combination of both.
+ *
+ * For more information, see [Manage the scope of your access points for directory buckets.](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-directory-buckets-manage-scope.html)
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3express-accesspoint-scope.html}
+ */
+export type Scope = {
+    /**
+     * You can include one or more API operations as permissions.
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3express-accesspoint-scope.html#cfn-s3express-accesspoint-scope-permissions}
+     */
+    Permissions?: ("GetObject" | "GetObjectAttributes" | "ListMultipartUploadParts" | "ListBucket" | "ListBucketMultipartUploads" | "PutObject" | "DeleteObject" | "AbortMultipartUpload")[] | undefined;
+    /**
+     * You can specify any amount of prefixes, but the total length of characters of all prefixes must be less than 256 bytes in size.
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3express-accesspoint-scope.html#cfn-s3express-accesspoint-scope-prefixes}
+     */
+    Prefixes?: string[] | undefined;
+};
+/**
+ * The Virtual Private Cloud (VPC) configuration for a bucket access point.
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3express-accesspoint-vpcconfiguration.html}
+ */
+export type VpcConfiguration = {
+    /**
+     * If this field is specified, this access point will only allow connections from the specified VPC ID.
+     * @minLength 1
+     * @maxLength 1024
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3express-accesspoint-vpcconfiguration.html#cfn-s3express-accesspoint-vpcconfiguration-vpcid}
+     */
+    VpcId?: string | undefined;
+};
+//# sourceMappingURL=aws-s3express-accesspoint.d.ts.map

package/out/exports/resources.generated/aws-ses-mailmanagerruleset.d.ts

@@ -266,6 +266,10 @@ export type RuleAction = {
 } | {
     PublishToSns: SnsAction;
 };
+/**
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-mailmanagerruleset-ruleaddresslistemailattribute.html}
+ */
+export type RuleAddressListEmailAttribute = "RECIPIENT" | "MAIL_FROM" | "SENDER" | "FROM" | "TO" | "CC";
 /**
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-mailmanagerruleset-rulebooleanemailattribute.html}
  */
@@ -298,6 +302,8 @@ export type RuleBooleanToEvaluate = {
     Attribute: RuleBooleanEmailAttribute;
 } | {
     Analysis: Analysis;
+} | {
+    IsInAddressList: RuleIsInAddressList;
 };
 /**
  * The conditional expression used to evaluate an email for determining if a rule action should be taken.
@@ -378,6 +384,22 @@ export type RuleIpOperator = "CIDR_MATCHES" | "NOT_CIDR_MATCHES";
 export type RuleIpToEvaluate = {
     Attribute: RuleIpEmailAttribute;
 };
+/**
+ * The structure type for a boolean condition that provides the address lists and address list attribute to evaluate.
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-mailmanagerruleset-ruleisinaddresslist.html}
+ */
+export type RuleIsInAddressList = {
+    /**
+     * The address lists that will be used for evaluation.
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-mailmanagerruleset-ruleisinaddresslist.html#cfn-ses-mailmanagerruleset-ruleisinaddresslist-addresslists}
+     */
+    AddressLists: string[];
+    /**
+     * The email attribute that needs to be evaluated against the address list.
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-mailmanagerruleset-ruleisinaddresslist.html#cfn-ses-mailmanagerruleset-ruleisinaddresslist-attribute}
+     */
+    Attribute: RuleAddressListEmailAttribute;
+};
 /**
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-mailmanagerruleset-rulenumberemailattribute.html}
  */
@@ -566,22 +588,27 @@ export type SendAction = {
     RoleArn: string;
 };
 /**
+ * The action to publish the email content to an Amazon SNS topic. When executed, this action will send the email as a notification to the specified SNS topic.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-mailmanagerruleset-snsaction.html}
  */
 export type SnsAction = {
     /**
+     * A policy that states what to do in the case of failure. The action will fail if there are configuration errors. For example, specified SNS topic has been deleted or the role lacks necessary permissions to call the `sns:Publish` API.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-mailmanagerruleset-snsaction.html#cfn-ses-mailmanagerruleset-snsaction-actionfailurepolicy}
      */
     ActionFailurePolicy?: ActionFailurePolicy | undefined;
     /**
+     * The encoding to use for the email within the Amazon SNS notification. The default value is `UTF-8` . Use `BASE64` if you need to preserve all special characters, especially when the original message uses a different encoding format.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-mailmanagerruleset-snsaction.html#cfn-ses-mailmanagerruleset-snsaction-encoding}
      */
     Encoding?: SnsNotificationEncoding | undefined;
     /**
+     * The expected payload type within the Amazon SNS notification. `CONTENT` attempts to publish the full email content with 20KB of headers content. `HEADERS` extracts up to 100KB of header content to include in the notification, email content will not be included to the notification. The default value is `CONTENT` .
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-mailmanagerruleset-snsaction.html#cfn-ses-mailmanagerruleset-snsaction-payloadtype}
      */
     PayloadType?: SnsNotificationPayloadType | undefined;
     /**
+     * The Amazon Resource Name (ARN) of the IAM Role to use while writing to Amazon SNS. This role must have access to the `sns:Publish` API for the given topic.
      * @minLength 20
      * @maxLength 2048
      * @pattern ^[a-zA-Z0-9:_/+=,@.#-]+$
@@ -589,6 +616,7 @@ export type SnsAction = {
      */
     RoleArn: string;
     /**
+     * The Amazon Resource Name (ARN) of the Amazon SNS Topic to which notification for the email received will be published.
      * @minLength 20
      * @maxLength 2048
      * @pattern ^arn:(aws|aws-cn|aws-us-gov):sns:[a-z]{2}-[a-z]+-\d{1}:\d{12}:[\w\-]{1,256}$

package/out/exports/resources.generated/aws-ses-mailmanagertrafficpolicy.d.ts

@@ -62,6 +62,10 @@ export type SESMailManagerTrafficPolicyAttribs = {
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-mailmanagertrafficpolicy-acceptaction.html}
  */
 export type AcceptAction = "ALLOW" | "DENY";
+/**
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-mailmanagertrafficpolicy-ingressaddresslistemailattribute.html}
+ */
+export type IngressAddressListEmailAttribute = "RECIPIENT";
 /**
  * The Add On ARN and its returned value that is evaluated in a policy statement's conditional expression to either deny or block the incoming email.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-mailmanagertrafficpolicy-ingressanalysis.html}
@@ -108,6 +112,8 @@ export type IngressBooleanOperator = "IS_TRUE" | "IS_FALSE";
  */
 export type IngressBooleanToEvaluate = {
     Analysis: IngressAnalysis;
+} | {
+    IsInAddressList: IngressIsInAddressList;
 };
 /**
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-mailmanagertrafficpolicy-ingressipoperator.html}
@@ -172,6 +178,19 @@ export type IngressIpv6Expression = {
 export type IngressIpv6ToEvaluate = {
     Attribute: IngressIpv6Attribute;
 };
+/**
+ * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-mailmanagertrafficpolicy-ingressisinaddresslist.html}
+ */
+export type IngressIsInAddressList = {
+    /**
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-mailmanagertrafficpolicy-ingressisinaddresslist.html#cfn-ses-mailmanagertrafficpolicy-ingressisinaddresslist-addresslists}
+     */
+    AddressLists: string[];
+    /**
+     * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-mailmanagertrafficpolicy-ingressisinaddresslist.html#cfn-ses-mailmanagertrafficpolicy-ingressisinaddresslist-attribute}
+     */
+    Attribute: IngressAddressListEmailAttribute;
+};
 /**
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-mailmanagertrafficpolicy-ingressstringemailattribute.html}
  */

package/out/exports/resources.generated/aws-synthetics-canary.d.ts

@@ -43,7 +43,11 @@ export type SyntheticsCanaryProps = {
      */
     DeleteLambdaResourcesOnCanaryDeletion?: boolean | undefined;
     /**
-     * Setting to control if UpdateCanary will perform a DryRun and validate it is PASSING before performing the Update. Default is FALSE.
+     * Specifies whether to perform a dry run before updating the canary. If set to `true` , CloudFormation will execute a dry run to validate the changes before applying them to the canary. If the dry run succeeds, the canary will be updated with the changes. If the dry run fails, the CloudFormation deployment will fail with the dry run’s failure reason.
+     *
+     * If set to `false` or omitted, the canary will be updated directly without first performing a dry run. The default value is `false` .
+     *
+     * For more information, see [Performing safe canary updates](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/performing-safe-canary-upgrades.html) .
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-synthetics-canary.html#cfn-synthetics-canary-dryrunandupdate}
      */
     DryRunAndUpdate?: boolean | undefined;
@@ -195,12 +199,12 @@ export type Code = {
      */
     S3Bucket: string;
     /**
-     * The S3 key of your script. For more information, see [Working with Amazon S3 Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingObjects.html) .
+     * The Amazon S3 key of your script. For more information, see [Working with Amazon S3 Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingObjects.html) .
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-synthetics-canary-code.html#cfn-synthetics-canary-code-s3key}
      */
     S3Key: string;
     /**
-     * The S3 version ID of your script.
+     * The Amazon S3 version ID of your script.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-synthetics-canary-code.html#cfn-synthetics-canary-code-s3objectversion}
      */
     S3ObjectVersion?: string | undefined;
@@ -221,12 +225,12 @@ export type Code = {
      */
     S3Bucket?: string | undefined;
     /**
-     * The S3 key of your script. For more information, see [Working with Amazon S3 Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingObjects.html) .
+     * The Amazon S3 key of your script. For more information, see [Working with Amazon S3 Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingObjects.html) .
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-synthetics-canary-code.html#cfn-synthetics-canary-code-s3key}
      */
     S3Key?: string | undefined;
     /**
-     * The S3 version ID of your script.
+     * The Amazon S3 version ID of your script.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-synthetics-canary-code.html#cfn-synthetics-canary-code-s3objectversion}
      */
     S3ObjectVersion?: string | undefined;
@@ -242,11 +246,12 @@ export type Code = {
  */
 export type ResourceToTag = "lambda-function";
 /**
+ * The canary's retry configuration information.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-synthetics-canary-retryconfig.html}
  */
 export type RetryConfig = {
     /**
-     * maximum times the canary will be retried upon the scheduled run failure
+     * The maximum number of retries. The value must be less than or equal to two.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-synthetics-canary-retryconfig.html#cfn-synthetics-canary-retryconfig-maxretries}
      */
     MaxRetries: number;
@@ -327,7 +332,7 @@ export type Schedule = {
      */
     Expression: string;
     /**
-     * Provide canary auto retry configuration
+     * The canary's retry configuration information.
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-synthetics-canary-schedule.html#cfn-synthetics-canary-schedule-retryconfig}
      */
     RetryConfig?: RetryConfig | undefined;
@@ -338,7 +343,7 @@ export type Schedule = {
  */
 export type VPCConfig = {
     /**
-     * Allow outbound IPv6 traffic on VPC canaries that are connected to dual-stack subnets if set to true
+     * Set this to `true` to allow outbound IPv6 traffic on VPC canaries that are connected to dual-stack subnets. The default is `false` .
      * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-synthetics-canary-vpcconfig.html#cfn-synthetics-canary-vpcconfig-ipv6allowedfordualstack}
      */
     Ipv6AllowedForDualStack?: boolean | undefined;

package/out/exports/resources.generated/aws-voiceid-domain.d.ts

@@ -1,10 +1,14 @@
 import type { ResourceDefinitionWithAttributes, Tag } from "../main.ts";
 /**
+ * > End of support notice: On May 20, 2026, AWS will end support for Amazon Connect Voice ID. After May 20, 2026, you will no longer be able to access Voice ID on the Amazon Connect console, access Voice ID features on the Amazon Connect admin website or Contact Control Panel, or access Voice ID resources. For more information, visit [Amazon Connect Voice ID end of support](https://docs.aws.amazon.com/connect/latest/adminguide/amazonconnect-voiceid-end-of-support.html) .
+ *
  * Creates a domain that contains all Amazon Connect Voice ID data, such as speakers, fraudsters, customer audio, and voiceprints. Every domain is created with a default watchlist that fraudsters can be a part of.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-voiceid-domain.html}
  */
 export type VoiceIDDomain = ResourceDefinitionWithAttributes<"AWS::VoiceID::Domain", VoiceIDDomainProps, VoiceIDDomainAttribs>;
 /**
+ * > End of support notice: On May 20, 2026, AWS will end support for Amazon Connect Voice ID. After May 20, 2026, you will no longer be able to access Voice ID on the Amazon Connect console, access Voice ID features on the Amazon Connect admin website or Contact Control Panel, or access Voice ID resources. For more information, visit [Amazon Connect Voice ID end of support](https://docs.aws.amazon.com/connect/latest/adminguide/amazonconnect-voiceid-end-of-support.html) .
+ *
  * Creates a domain that contains all Amazon Connect Voice ID data, such as speakers, fraudsters, customer audio, and voiceprints. Every domain is created with a default watchlist that fraudsters can be a part of.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-voiceid-domain.html}
  */
@@ -50,6 +54,8 @@ export type VoiceIDDomainAttribs = {
     DomainId: string;
 };
 /**
+ * > End of support notice: On May 20, 2026, AWS will end support for Amazon Connect Voice ID. After May 20, 2026, you will no longer be able to access Voice ID on the Amazon Connect console, access Voice ID features on the Amazon Connect admin website or Contact Control Panel, or access Voice ID resources. For more information, visit [Amazon Connect Voice ID end of support](https://docs.aws.amazon.com/connect/latest/adminguide/amazonconnect-voiceid-end-of-support.html) .
+ *
  * The configuration containing information about the customer managed key used for encrypting customer data.
  * @see {@link https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-voiceid-domain-serversideencryptionconfiguration.html}
  */

package/out/lib/intrinsics.d.ts

@@ -407,7 +407,7 @@ export type FnSelect<Value> = {
     [IntrinsicValueType]?: Value;
     "Fn::Select": [
         index: number | Ref<number> | FnFindInMap<number>,
-        listOfObjects: Value[] | (Value extends string[] ? FnGetAZs | FnSplit : never) | FnFindInMap<Value[]> | FnGetAtt<Value[]> | Ref<Value[]>
+        listOfObjects: Value[] | (Value extends string ? FnGetAZs | FnSplit : never) | FnFindInMap<Value[]> | FnGetAtt<Value[]> | Ref<Value[]>
     ];
 };
 /**