@pulumi/aws-native 0.108.0 → 0.108.1

package/types/input.d.ts

@@ -19815,8 +19815,10 @@ export declare namespace ecr {
     interface RepositoryEncryptionConfigurationArgs {
         /**
          * The encryption type to use.
-         *  If you use the ``KMS`` encryption type, the contents of the repository will be encrypted using server-side encryption with KMSlong key stored in KMS. When you use KMS to encrypt your data, you can either use the default AWS managed KMS key for Amazon ECR, or specify your own KMS key, which you already created. For more information, see [Protecting data using server-side encryption with an key stored in (SSE-KMS)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the *Amazon Simple Storage Service Console Developer Guide*.
-         *  If you use the ``AES256`` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES-256 encryption algorithm. For more information, see [Protecting data using server-side encryption with Amazon S3-managed encryption keys (SSE-S3)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) in the *Ama
+         *
+         * If you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created. For more information, see [Protecting data using server-side encryption with an AWS KMS key stored in AWS Key Management Service (SSE-KMS)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the *Amazon Simple Storage Service Console Developer Guide* .
+         *
+         * If you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES-256 encryption algorithm. For more information, see [Protecting data using server-side encryption with Amazon S3-managed encryption keys (SSE-S3)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) in the *Amazon Simple Storage Service Console Developer Guide* .
          */
         encryptionType: pulumi.Input<enums.ecr.RepositoryEncryptionType>;
         /**
@@ -21640,6 +21642,19 @@ export declare namespace eks {
          */
         type: pulumi.Input<enums.eks.AccessEntryAccessScopeType>;
     }
+    /**
+     * A pod identity to associate with an add-on.
+     */
+    interface AddonPodIdentityAssociationArgs {
+        /**
+         * The IAM role ARN that the pod identity association is created for.
+         */
+        roleArn: pulumi.Input<string>;
+        /**
+         * The Kubernetes service account that the pod identity association is created for.
+         */
+        serviceAccount: pulumi.Input<string>;
+    }
     /**
      * An object representing the Access Config to use for the cluster.
      */
@@ -39447,6 +39462,51 @@ export declare namespace mediapackage {
     }
 }
 export declare namespace mediapackagev2 {
+    /**
+     * <p>Retrieve the DASH manifest configuration.</p>
+     */
+    interface OriginEndpointDashManifestConfigurationArgs {
+        drmSignaling?: pulumi.Input<enums.mediapackagev2.OriginEndpointDashDrmSignaling>;
+        filterConfiguration?: pulumi.Input<inputs.mediapackagev2.OriginEndpointFilterConfigurationArgs>;
+        /**
+         * <p>A short string that's appended to the endpoint URL. The manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default manifest name, index. </p>
+         */
+        manifestName: pulumi.Input<string>;
+        /**
+         * <p>The total duration (in seconds) of the manifest's content.</p>
+         */
+        manifestWindowSeconds?: pulumi.Input<number>;
+        /**
+         * <p>Minimum amount of content (in seconds) that a player must keep available in the buffer.</p>
+         */
+        minBufferTimeSeconds?: pulumi.Input<number>;
+        /**
+         * <p>Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest.</p>
+         */
+        minUpdatePeriodSeconds?: pulumi.Input<number>;
+        /**
+         * <p>A list of triggers that controls when AWS Elemental MediaPackage separates the MPEG-DASH manifest into multiple periods. Leave this value empty to indicate that the manifest is contained all in one period.
+         *          For more information about periods in the DASH manifest, see <a href="https://docs.aws.amazon.com/mediapackage/latest/userguide/multi-period.html">Multi-period DASH in AWS Elemental MediaPackage</a>.</p>
+         */
+        periodTriggers?: pulumi.Input<pulumi.Input<enums.mediapackagev2.OriginEndpointDashPeriodTrigger>[]>;
+        scteDash?: pulumi.Input<inputs.mediapackagev2.OriginEndpointScteDashArgs>;
+        segmentTemplateFormat?: pulumi.Input<enums.mediapackagev2.OriginEndpointDashSegmentTemplateFormat>;
+        /**
+         * <p>The amount of time (in seconds) that the player should be from the end of the manifest.</p>
+         */
+        suggestedPresentationDelaySeconds?: pulumi.Input<number>;
+        utcTiming?: pulumi.Input<inputs.mediapackagev2.OriginEndpointDashUtcTimingArgs>;
+    }
+    /**
+     * <p>Determines the type of UTC timing included in the DASH Media Presentation Description (MPD).</p>
+     */
+    interface OriginEndpointDashUtcTimingArgs {
+        timingMode?: pulumi.Input<enums.mediapackagev2.OriginEndpointDashUtcTimingMode>;
+        /**
+         * <p>The the method that the player uses to synchronize to coordinated universal time (UTC) wall clock time.</p>
+         */
+        timingSource?: pulumi.Input<string>;
+    }
     /**
      * <p>The parameters for encrypting content.</p>
      */
@@ -39602,6 +39662,12 @@ export declare namespace mediapackagev2 {
          */
         scteFilter?: pulumi.Input<pulumi.Input<enums.mediapackagev2.OriginEndpointScteFilter>[]>;
     }
+    /**
+     * <p>The SCTE configuration.</p>
+     */
+    interface OriginEndpointScteDashArgs {
+        adMarkerDash?: pulumi.Input<enums.mediapackagev2.OriginEndpointAdMarkerDash>;
+    }
     /**
      * <p>The SCTE configuration.</p>
      */
@@ -70147,6 +70213,13 @@ export declare namespace robomaker {
     }
 }
 export declare namespace rolesanywhere {
+    interface ProfileAttributeMappingArgs {
+        certificateField: pulumi.Input<enums.rolesanywhere.ProfileCertificateField>;
+        mappingRules: pulumi.Input<pulumi.Input<inputs.rolesanywhere.ProfileMappingRuleArgs>[]>;
+    }
+    interface ProfileMappingRuleArgs {
+        specifier: pulumi.Input<string>;
+    }
     interface TrustAnchorNotificationSettingArgs {
         /**
          * The specified channel of notification. IAM Roles Anywhere uses CloudWatch metrics, EventBridge , and AWS Health Dashboard to notify for an event.
@@ -76878,6 +76951,105 @@ export declare namespace securityhub {
          */
         workflowStatus?: pulumi.Input<pulumi.Input<inputs.securityhub.AutomationRuleStringFilterArgs>[]>;
     }
+    /**
+     * An object that provides the current value of a security control parameter and identifies whether it has been customized.
+     */
+    interface ConfigurationPolicyParameterConfigurationArgs {
+        value?: pulumi.Input<inputs.securityhub.ConfigurationPolicyParameterValueArgs>;
+        /**
+         * Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.
+         */
+        valueType: pulumi.Input<enums.securityhub.ConfigurationPolicyParameterConfigurationValueType>;
+    }
+    /**
+     * An object that includes the data type of a security control parameter and its current value.
+     */
+    interface ConfigurationPolicyParameterValueArgs {
+        /**
+         * A control parameter that is a boolean.
+         */
+        boolean?: pulumi.Input<boolean>;
+        /**
+         * A control parameter that is a double.
+         */
+        double?: pulumi.Input<number>;
+        /**
+         * A control parameter that is an enum.
+         */
+        enum?: pulumi.Input<string>;
+        /**
+         * A control parameter that is a list of enums.
+         */
+        enumList?: pulumi.Input<pulumi.Input<string>[]>;
+        /**
+         * A control parameter that is an integer.
+         */
+        integer?: pulumi.Input<number>;
+        /**
+         * A control parameter that is a list of integers.
+         */
+        integerList?: pulumi.Input<pulumi.Input<number>[]>;
+        /**
+         * A control parameter that is a string.
+         */
+        string?: pulumi.Input<string>;
+        /**
+         * A control parameter that is a list of strings.
+         */
+        stringList?: pulumi.Input<pulumi.Input<string>[]>;
+    }
+    /**
+     * An object that defines how Security Hub is configured.
+     */
+    interface ConfigurationPolicyPolicyArgs {
+        securityHub?: pulumi.Input<inputs.securityhub.ConfigurationPolicySecurityHubPolicyArgs>;
+    }
+    /**
+     * An object of security control and control parameter value that are included in a configuration policy.
+     */
+    interface ConfigurationPolicySecurityControlCustomParameterArgs {
+        /**
+         * An object that specifies parameter values for a control in a configuration policy.
+         */
+        parameters?: pulumi.Input<{
+            [key: string]: pulumi.Input<inputs.securityhub.ConfigurationPolicyParameterConfigurationArgs>;
+        }>;
+        /**
+         * The ID of the security control.
+         */
+        securityControlId?: pulumi.Input<string>;
+    }
+    /**
+     * An object that defines which security controls are enabled in an AWS Security Hub configuration policy.
+     */
+    interface ConfigurationPolicySecurityControlsConfigurationArgs {
+        /**
+         * A list of security controls that are disabled in the configuration policy
+         */
+        disabledSecurityControlIdentifiers?: pulumi.Input<pulumi.Input<string>[]>;
+        /**
+         * A list of security controls that are enabled in the configuration policy.
+         */
+        enabledSecurityControlIdentifiers?: pulumi.Input<pulumi.Input<string>[]>;
+        /**
+         * A list of security controls and control parameter values that are included in a configuration policy.
+         */
+        securityControlCustomParameters?: pulumi.Input<pulumi.Input<inputs.securityhub.ConfigurationPolicySecurityControlCustomParameterArgs>[]>;
+    }
+    /**
+     * An object that defines how AWS Security Hub is configured.
+     */
+    interface ConfigurationPolicySecurityHubPolicyArgs {
+        /**
+         * A list that defines which security standards are enabled in the configuration policy.
+         */
+        enabledStandardIdentifiers?: pulumi.Input<pulumi.Input<string>[]>;
+        securityControlsConfiguration?: pulumi.Input<inputs.securityhub.ConfigurationPolicySecurityControlsConfigurationArgs>;
+        /**
+         * Indicates whether Security Hub is enabled in the policy.
+         */
+        serviceEnabled?: pulumi.Input<boolean>;
+    }
     /**
      * A collection of filters that are applied to all active findings aggregated by AWS Security Hub.
      */

package/types/output.d.ts

@@ -20475,8 +20475,10 @@ export declare namespace ecr {
     interface RepositoryEncryptionConfiguration {
         /**
          * The encryption type to use.
-         *  If you use the ``KMS`` encryption type, the contents of the repository will be encrypted using server-side encryption with KMSlong key stored in KMS. When you use KMS to encrypt your data, you can either use the default AWS managed KMS key for Amazon ECR, or specify your own KMS key, which you already created. For more information, see [Protecting data using server-side encryption with an key stored in (SSE-KMS)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the *Amazon Simple Storage Service Console Developer Guide*.
-         *  If you use the ``AES256`` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES-256 encryption algorithm. For more information, see [Protecting data using server-side encryption with Amazon S3-managed encryption keys (SSE-S3)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) in the *Ama
+         *
+         * If you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created. For more information, see [Protecting data using server-side encryption with an AWS KMS key stored in AWS Key Management Service (SSE-KMS)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the *Amazon Simple Storage Service Console Developer Guide* .
+         *
+         * If you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES-256 encryption algorithm. For more information, see [Protecting data using server-side encryption with Amazon S3-managed encryption keys (SSE-S3)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) in the *Amazon Simple Storage Service Console Developer Guide* .
          */
         encryptionType: enums.ecr.RepositoryEncryptionType;
         /**
@@ -22300,6 +22302,19 @@ export declare namespace eks {
          */
         type: enums.eks.AccessEntryAccessScopeType;
     }
+    /**
+     * A pod identity to associate with an add-on.
+     */
+    interface AddonPodIdentityAssociation {
+        /**
+         * The IAM role ARN that the pod identity association is created for.
+         */
+        roleArn: string;
+        /**
+         * The Kubernetes service account that the pod identity association is created for.
+         */
+        serviceAccount: string;
+    }
     /**
      * An object representing the Access Config to use for the cluster.
      */
@@ -40208,6 +40223,51 @@ export declare namespace mediapackagev2 {
          */
         url?: string;
     }
+    /**
+     * <p>Retrieve the DASH manifest configuration.</p>
+     */
+    interface OriginEndpointDashManifestConfiguration {
+        drmSignaling?: enums.mediapackagev2.OriginEndpointDashDrmSignaling;
+        filterConfiguration?: outputs.mediapackagev2.OriginEndpointFilterConfiguration;
+        /**
+         * <p>A short string that's appended to the endpoint URL. The manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default manifest name, index. </p>
+         */
+        manifestName: string;
+        /**
+         * <p>The total duration (in seconds) of the manifest's content.</p>
+         */
+        manifestWindowSeconds?: number;
+        /**
+         * <p>Minimum amount of content (in seconds) that a player must keep available in the buffer.</p>
+         */
+        minBufferTimeSeconds?: number;
+        /**
+         * <p>Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest.</p>
+         */
+        minUpdatePeriodSeconds?: number;
+        /**
+         * <p>A list of triggers that controls when AWS Elemental MediaPackage separates the MPEG-DASH manifest into multiple periods. Leave this value empty to indicate that the manifest is contained all in one period.
+         *          For more information about periods in the DASH manifest, see <a href="https://docs.aws.amazon.com/mediapackage/latest/userguide/multi-period.html">Multi-period DASH in AWS Elemental MediaPackage</a>.</p>
+         */
+        periodTriggers?: enums.mediapackagev2.OriginEndpointDashPeriodTrigger[];
+        scteDash?: outputs.mediapackagev2.OriginEndpointScteDash;
+        segmentTemplateFormat?: enums.mediapackagev2.OriginEndpointDashSegmentTemplateFormat;
+        /**
+         * <p>The amount of time (in seconds) that the player should be from the end of the manifest.</p>
+         */
+        suggestedPresentationDelaySeconds?: number;
+        utcTiming?: outputs.mediapackagev2.OriginEndpointDashUtcTiming;
+    }
+    /**
+     * <p>Determines the type of UTC timing included in the DASH Media Presentation Description (MPD).</p>
+     */
+    interface OriginEndpointDashUtcTiming {
+        timingMode?: enums.mediapackagev2.OriginEndpointDashUtcTimingMode;
+        /**
+         * <p>The the method that the player uses to synchronize to coordinated universal time (UTC) wall clock time.</p>
+         */
+        timingSource?: string;
+    }
     /**
      * <p>The parameters for encrypting content.</p>
      */
@@ -40363,6 +40423,12 @@ export declare namespace mediapackagev2 {
          */
         scteFilter?: enums.mediapackagev2.OriginEndpointScteFilter[];
     }
+    /**
+     * <p>The SCTE configuration.</p>
+     */
+    interface OriginEndpointScteDash {
+        adMarkerDash?: enums.mediapackagev2.OriginEndpointAdMarkerDash;
+    }
     /**
      * <p>The SCTE configuration.</p>
      */
@@ -71555,6 +71621,13 @@ export declare namespace robomaker {
     }
 }
 export declare namespace rolesanywhere {
+    interface ProfileAttributeMapping {
+        certificateField: enums.rolesanywhere.ProfileCertificateField;
+        mappingRules: outputs.rolesanywhere.ProfileMappingRule[];
+    }
+    interface ProfileMappingRule {
+        specifier: string;
+    }
     interface TrustAnchorNotificationSetting {
         /**
          * The specified channel of notification. IAM Roles Anywhere uses CloudWatch metrics, EventBridge , and AWS Health Dashboard to notify for an event.
@@ -78373,6 +78446,105 @@ export declare namespace securityhub {
          */
         workflowStatus?: outputs.securityhub.AutomationRuleStringFilter[];
     }
+    /**
+     * An object that provides the current value of a security control parameter and identifies whether it has been customized.
+     */
+    interface ConfigurationPolicyParameterConfiguration {
+        value?: outputs.securityhub.ConfigurationPolicyParameterValue;
+        /**
+         * Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.
+         */
+        valueType: enums.securityhub.ConfigurationPolicyParameterConfigurationValueType;
+    }
+    /**
+     * An object that includes the data type of a security control parameter and its current value.
+     */
+    interface ConfigurationPolicyParameterValue {
+        /**
+         * A control parameter that is a boolean.
+         */
+        boolean?: boolean;
+        /**
+         * A control parameter that is a double.
+         */
+        double?: number;
+        /**
+         * A control parameter that is an enum.
+         */
+        enum?: string;
+        /**
+         * A control parameter that is a list of enums.
+         */
+        enumList?: string[];
+        /**
+         * A control parameter that is an integer.
+         */
+        integer?: number;
+        /**
+         * A control parameter that is a list of integers.
+         */
+        integerList?: number[];
+        /**
+         * A control parameter that is a string.
+         */
+        string?: string;
+        /**
+         * A control parameter that is a list of strings.
+         */
+        stringList?: string[];
+    }
+    /**
+     * An object that defines how Security Hub is configured.
+     */
+    interface ConfigurationPolicyPolicy {
+        securityHub?: outputs.securityhub.ConfigurationPolicySecurityHubPolicy;
+    }
+    /**
+     * An object of security control and control parameter value that are included in a configuration policy.
+     */
+    interface ConfigurationPolicySecurityControlCustomParameter {
+        /**
+         * An object that specifies parameter values for a control in a configuration policy.
+         */
+        parameters?: {
+            [key: string]: outputs.securityhub.ConfigurationPolicyParameterConfiguration;
+        };
+        /**
+         * The ID of the security control.
+         */
+        securityControlId?: string;
+    }
+    /**
+     * An object that defines which security controls are enabled in an AWS Security Hub configuration policy.
+     */
+    interface ConfigurationPolicySecurityControlsConfiguration {
+        /**
+         * A list of security controls that are disabled in the configuration policy
+         */
+        disabledSecurityControlIdentifiers?: string[];
+        /**
+         * A list of security controls that are enabled in the configuration policy.
+         */
+        enabledSecurityControlIdentifiers?: string[];
+        /**
+         * A list of security controls and control parameter values that are included in a configuration policy.
+         */
+        securityControlCustomParameters?: outputs.securityhub.ConfigurationPolicySecurityControlCustomParameter[];
+    }
+    /**
+     * An object that defines how AWS Security Hub is configured.
+     */
+    interface ConfigurationPolicySecurityHubPolicy {
+        /**
+         * A list that defines which security standards are enabled in the configuration policy.
+         */
+        enabledStandardIdentifiers?: string[];
+        securityControlsConfiguration?: outputs.securityhub.ConfigurationPolicySecurityControlsConfiguration;
+        /**
+         * Indicates whether Security Hub is enabled in the policy.
+         */
+        serviceEnabled?: boolean;
+    }
     /**
      * A collection of filters that are applied to all active findings aggregated by AWS Security Hub.
      */