@pulumi/aws 4.28.0-alpha.1637005539 → 4.29.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (94) hide show
  1. package/alb/targetGroupAttachment.d.ts +3 -3
  2. package/applicationloadbalancing/targetGroupAttachment.d.ts +3 -3
  3. package/appstream/directoryConfig.d.ts +108 -0
  4. package/appstream/directoryConfig.js +93 -0
  5. package/appstream/directoryConfig.js.map +1 -0
  6. package/appstream/index.d.ts +1 -0
  7. package/appstream/index.js +5 -0
  8. package/appstream/index.js.map +1 -1
  9. package/autoscaling/group.d.ts +3 -3
  10. package/cloudfront/responseHeadersPolicy.d.ts +28 -4
  11. package/cloudfront/responseHeadersPolicy.js +25 -1
  12. package/cloudfront/responseHeadersPolicy.js.map +1 -1
  13. package/ec2/getInstanceType.d.ts +4 -0
  14. package/ec2/getInstanceType.js.map +1 -1
  15. package/elasticloadbalancingv2/targetGroupAttachment.d.ts +3 -3
  16. package/emr/cluster.d.ts +12 -0
  17. package/emr/cluster.js +2 -0
  18. package/emr/cluster.js.map +1 -1
  19. package/emr/getReleaseLabels.d.ts +53 -0
  20. package/emr/getReleaseLabels.js +42 -0
  21. package/emr/getReleaseLabels.js.map +1 -0
  22. package/emr/index.d.ts +1 -0
  23. package/emr/index.js +1 -0
  24. package/emr/index.js.map +1 -1
  25. package/iot/index.d.ts +2 -0
  26. package/iot/index.js +10 -0
  27. package/iot/index.js.map +1 -1
  28. package/iot/thingGroup.d.ts +153 -0
  29. package/iot/thingGroup.js +100 -0
  30. package/iot/thingGroup.js.map +1 -0
  31. package/iot/thingGroupMembership.d.ts +96 -0
  32. package/iot/thingGroupMembership.js +85 -0
  33. package/iot/thingGroupMembership.js.map +1 -0
  34. package/iot/thingType.d.ts +36 -0
  35. package/iot/thingType.js +4 -0
  36. package/iot/thingType.js.map +1 -1
  37. package/lambda/index.d.ts +1 -0
  38. package/lambda/index.js +5 -0
  39. package/lambda/index.js.map +1 -1
  40. package/lambda/layerVersion.d.ts +41 -83
  41. package/lambda/layerVersion.js +2 -45
  42. package/lambda/layerVersion.js.map +1 -1
  43. package/lambda/layerVersionPermission.d.ts +154 -0
  44. package/lambda/layerVersionPermission.js +110 -0
  45. package/lambda/layerVersionPermission.js.map +1 -0
  46. package/lb/targetGroupAttachment.d.ts +3 -3
  47. package/package.json +2 -2
  48. package/package.json.dev +1 -1
  49. package/quicksight/user.d.ts +1 -1
  50. package/quicksight/user.js +1 -1
  51. package/s3/accessPoint.d.ts +20 -28
  52. package/s3/accessPoint.js +4 -28
  53. package/s3/accessPoint.js.map +1 -1
  54. package/s3/bucket.d.ts +2 -0
  55. package/s3/bucket.js +2 -0
  56. package/s3/bucket.js.map +1 -1
  57. package/s3/bucketReplicationConfig.d.ts +190 -0
  58. package/s3/bucketReplicationConfig.js +181 -0
  59. package/s3/bucketReplicationConfig.js.map +1 -0
  60. package/s3/index.d.ts +1 -0
  61. package/s3/index.js +5 -0
  62. package/s3/index.js.map +1 -1
  63. package/s3control/accessPointPolicy.d.ts +77 -0
  64. package/s3control/accessPointPolicy.js +70 -0
  65. package/s3control/accessPointPolicy.js.map +1 -0
  66. package/s3control/index.d.ts +5 -0
  67. package/s3control/index.js +25 -0
  68. package/s3control/index.js.map +1 -1
  69. package/s3control/multiRegionAccessPoint.d.ts +123 -0
  70. package/s3control/multiRegionAccessPoint.js +103 -0
  71. package/s3control/multiRegionAccessPoint.js.map +1 -0
  72. package/s3control/multiRegionAccessPointPolicy.d.ts +115 -0
  73. package/s3control/multiRegionAccessPointPolicy.js +107 -0
  74. package/s3control/multiRegionAccessPointPolicy.js.map +1 -0
  75. package/s3control/objectLambdaAccessPoint.d.ts +105 -0
  76. package/s3control/objectLambdaAccessPoint.js +93 -0
  77. package/s3control/objectLambdaAccessPoint.js.map +1 -0
  78. package/s3control/objectLambdaAccessPointPolicy.d.ts +114 -0
  79. package/s3control/objectLambdaAccessPointPolicy.js +103 -0
  80. package/s3control/objectLambdaAccessPointPolicy.js.map +1 -0
  81. package/sagemaker/endpoint.d.ts +19 -6
  82. package/sagemaker/endpoint.js +2 -0
  83. package/sagemaker/endpoint.js.map +1 -1
  84. package/securityhub/findingAggregator.d.ts +124 -0
  85. package/securityhub/findingAggregator.js +120 -0
  86. package/securityhub/findingAggregator.js.map +1 -0
  87. package/securityhub/index.d.ts +1 -0
  88. package/securityhub/index.js +5 -0
  89. package/securityhub/index.js.map +1 -1
  90. package/types/enums/iam/index.d.ts +1 -0
  91. package/types/enums/iam/index.js +1 -0
  92. package/types/enums/iam/index.js.map +1 -1
  93. package/types/input.d.ts +463 -29
  94. package/types/output.d.ts +455 -28
package/types/input.d.ts CHANGED
@@ -4170,6 +4170,16 @@ export declare namespace apprunner {
4170
4170
  }
4171
4171
  }
4172
4172
  export declare namespace appstream {
4173
+ interface DirectoryConfigServiceAccountCredentials {
4174
+ /**
4175
+ * User name of the account. This account must have the following privileges: create computer objects, join computers to the domain, and change/reset the password on descendant computer objects for the organizational units specified.
4176
+ */
4177
+ accountName: pulumi.Input<string>;
4178
+ /**
4179
+ * Password for the account.
4180
+ */
4181
+ accountPassword: pulumi.Input<string>;
4182
+ }
4173
4183
  interface FleetComputeCapacity {
4174
4184
  /**
4175
4185
  * Number of currently available instances that can be used to stream sessions.
@@ -6401,27 +6411,27 @@ export declare namespace cloudfront {
6401
6411
  }
6402
6412
  interface ResponseHeadersPolicyCorsConfig {
6403
6413
  /**
6404
- * A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
6414
+ * A Boolean value that CloudFront uses as the value for the `Access-Control-Allow-Credentials` HTTP response header.
6405
6415
  */
6406
6416
  accessControlAllowCredentials: pulumi.Input<boolean>;
6407
6417
  /**
6408
- * Object that contains an attribute `items` that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
6418
+ * Object that contains an attribute `items` that contains a list of HTTP header names that CloudFront includes as values for the `Access-Control-Allow-Headers` HTTP response header.
6409
6419
  */
6410
6420
  accessControlAllowHeaders: pulumi.Input<inputs.cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders>;
6411
6421
  /**
6412
- * Object that contains an attribute `items` that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: `GET` | `POST` | `OPTIONS` | `PUT` | `DELETE` | `HEAD` | `ALL`
6422
+ * Object that contains an attribute `items` that contains a list of HTTP methods that CloudFront includes as values for the `Access-Control-Allow-Methods` HTTP response header. Valid values: `GET` | `POST` | `OPTIONS` | `PUT` | `DELETE` | `HEAD` | `ALL`
6413
6423
  */
6414
6424
  accessControlAllowMethods: pulumi.Input<inputs.cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowMethods>;
6415
6425
  /**
6416
- * Object that contains an attribute `items` that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
6426
+ * Object that contains an attribute `items` that contains a list of origins that CloudFront can use as the value for the `Access-Control-Allow-Origin` HTTP response header.
6417
6427
  */
6418
6428
  accessControlAllowOrigins: pulumi.Input<inputs.cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins>;
6419
6429
  /**
6420
- * Object that contains an attribute `items` that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
6430
+ * Object that contains an attribute `items` that contains a list of HTTP headers that CloudFront includes as values for the `Access-Control-Expose-Headers` HTTP response header.
6421
6431
  */
6422
6432
  accessControlExposeHeaders?: pulumi.Input<inputs.cloudfront.ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders>;
6423
6433
  /**
6424
- * A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
6434
+ * A number that CloudFront uses as the value for the `max-age` directive in the `Strict-Transport-Security` HTTP response header.
6425
6435
  */
6426
6436
  accessControlMaxAgeSec?: pulumi.Input<number>;
6427
6437
  originOverride: pulumi.Input<boolean>;
@@ -6447,7 +6457,7 @@ export declare namespace cloudfront {
6447
6457
  */
6448
6458
  header: pulumi.Input<string>;
6449
6459
  /**
6450
- * A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
6460
+ * A Boolean value that determines whether CloudFront overrides the `X-XSS-Protection` HTTP response header received from the origin with the one specified in this response headers policy.
6451
6461
  */
6452
6462
  override: pulumi.Input<boolean>;
6453
6463
  /**
@@ -6457,96 +6467,99 @@ export declare namespace cloudfront {
6457
6467
  }
6458
6468
  interface ResponseHeadersPolicySecurityHeadersConfig {
6459
6469
  /**
6460
- * TThe policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
6470
+ * The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header.
6461
6471
  */
6462
6472
  contentSecurityPolicy?: pulumi.Input<inputs.cloudfront.ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy>;
6463
6473
  /**
6464
- * TA setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
6474
+ * Determines whether CloudFront includes the `X-Content-Type-Options` HTTP response header with its value set to `nosniff`. See Content Type Options for more information.
6465
6475
  */
6466
6476
  contentTypeOptions?: pulumi.Input<inputs.cloudfront.ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions>;
6467
6477
  /**
6468
- * TA setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
6478
+ * Determines whether CloudFront includes the `X-Frame-Options` HTTP response header and the header’s value. See Frame Options for more information.
6469
6479
  */
6470
6480
  frameOptions?: pulumi.Input<inputs.cloudfront.ResponseHeadersPolicySecurityHeadersConfigFrameOptions>;
6471
6481
  /**
6472
- * The value of the Referrer-Policy HTTP response header. Valid Values: `no-referrer` | `no-referrer-when-downgrade` | `origin` | `origin-when-cross-origin` | `same-origin` | `strict-origin` | `strict-origin-when-cross-origin` | `unsafe-url`
6482
+ * The value of the `Referrer-Policy` HTTP response header. Valid Values: `no-referrer` | `no-referrer-when-downgrade` | `origin` | `origin-when-cross-origin` | `same-origin` | `strict-origin` | `strict-origin-when-cross-origin` | `unsafe-url`
6473
6483
  */
6474
6484
  referrerPolicy?: pulumi.Input<inputs.cloudfront.ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy>;
6485
+ /**
6486
+ * Determines whether CloudFront includes the `Strict-Transport-Security` HTTP response header and the header’s value. See Strict Transport Security for more information.
6487
+ */
6475
6488
  strictTransportSecurity?: pulumi.Input<inputs.cloudfront.ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity>;
6476
6489
  /**
6477
- * TSettings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.
6490
+ * Determine whether CloudFront includes the `X-XSS-Protection` HTTP response header and the header’s value. See XSS Protection for more information.
6478
6491
  */
6479
6492
  xssProtection?: pulumi.Input<inputs.cloudfront.ResponseHeadersPolicySecurityHeadersConfigXssProtection>;
6480
6493
  }
6481
6494
  interface ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy {
6482
6495
  /**
6483
- * TThe policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
6496
+ * The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header.
6484
6497
  */
6485
6498
  contentSecurityPolicy: pulumi.Input<string>;
6486
6499
  /**
6487
- * A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
6500
+ * A Boolean value that determines whether CloudFront overrides the `X-XSS-Protection` HTTP response header received from the origin with the one specified in this response headers policy.
6488
6501
  */
6489
6502
  override: pulumi.Input<boolean>;
6490
6503
  }
6491
6504
  interface ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions {
6492
6505
  /**
6493
- * A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
6506
+ * A Boolean value that determines whether CloudFront overrides the `X-XSS-Protection` HTTP response header received from the origin with the one specified in this response headers policy.
6494
6507
  */
6495
6508
  override: pulumi.Input<boolean>;
6496
6509
  }
6497
6510
  interface ResponseHeadersPolicySecurityHeadersConfigFrameOptions {
6498
6511
  /**
6499
- * The value of the X-Frame-Options HTTP response header. Valid values: `DENY` | `SAMEORIGIN`
6512
+ * The value of the `X-Frame-Options` HTTP response header. Valid values: `DENY` | `SAMEORIGIN`
6500
6513
  */
6501
6514
  frameOption: pulumi.Input<string>;
6502
6515
  /**
6503
- * A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
6516
+ * A Boolean value that determines whether CloudFront overrides the `X-XSS-Protection` HTTP response header received from the origin with the one specified in this response headers policy.
6504
6517
  */
6505
6518
  override: pulumi.Input<boolean>;
6506
6519
  }
6507
6520
  interface ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy {
6508
6521
  /**
6509
- * A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
6522
+ * A Boolean value that determines whether CloudFront overrides the `X-XSS-Protection` HTTP response header received from the origin with the one specified in this response headers policy.
6510
6523
  */
6511
6524
  override: pulumi.Input<boolean>;
6512
6525
  /**
6513
- * The value of the Referrer-Policy HTTP response header. Valid Values: `no-referrer` | `no-referrer-when-downgrade` | `origin` | `origin-when-cross-origin` | `same-origin` | `strict-origin` | `strict-origin-when-cross-origin` | `unsafe-url`
6526
+ * The value of the `Referrer-Policy` HTTP response header. Valid Values: `no-referrer` | `no-referrer-when-downgrade` | `origin` | `origin-when-cross-origin` | `same-origin` | `strict-origin` | `strict-origin-when-cross-origin` | `unsafe-url`
6514
6527
  */
6515
6528
  referrerPolicy: pulumi.Input<string>;
6516
6529
  }
6517
6530
  interface ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity {
6518
6531
  /**
6519
- * A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
6532
+ * A number that CloudFront uses as the value for the `max-age` directive in the `Strict-Transport-Security` HTTP response header.
6520
6533
  */
6521
6534
  accessControlMaxAgeSec: pulumi.Input<number>;
6522
6535
  /**
6523
- * A Boolean value that determines whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
6536
+ * A Boolean value that determines whether CloudFront includes the `includeSubDomains` directive in the `Strict-Transport-Security` HTTP response header.
6524
6537
  */
6525
6538
  includeSubdomains?: pulumi.Input<boolean>;
6526
6539
  /**
6527
- * A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
6540
+ * A Boolean value that determines whether CloudFront overrides the `X-XSS-Protection` HTTP response header received from the origin with the one specified in this response headers policy.
6528
6541
  */
6529
6542
  override: pulumi.Input<boolean>;
6530
6543
  /**
6531
- * A Boolean value that determines whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
6544
+ * A Boolean value that determines whether CloudFront includes the `preload` directive in the `Strict-Transport-Security` HTTP response header.
6532
6545
  */
6533
6546
  preload?: pulumi.Input<boolean>;
6534
6547
  }
6535
6548
  interface ResponseHeadersPolicySecurityHeadersConfigXssProtection {
6536
6549
  /**
6537
- * A Boolean value that determines whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
6550
+ * A Boolean value that determines whether CloudFront includes the `mode=block` directive in the `X-XSS-Protection` header.
6538
6551
  */
6539
6552
  modeBlock?: pulumi.Input<boolean>;
6540
6553
  /**
6541
- * A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
6554
+ * A Boolean value that determines whether CloudFront overrides the `X-XSS-Protection` HTTP response header received from the origin with the one specified in this response headers policy.
6542
6555
  */
6543
6556
  override: pulumi.Input<boolean>;
6544
6557
  /**
6545
- * A Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
6558
+ * A Boolean value that determines the value of the `X-XSS-Protection` HTTP response header. When this setting is `true`, the value of the `X-XSS-Protection` header is `1`. When this setting is `false`, the value of the `X-XSS-Protection` header is `0`.
6546
6559
  */
6547
6560
  protection: pulumi.Input<boolean>;
6548
6561
  /**
6549
- * A Boolean value that determines whether CloudFront sets a reporting URI in the X-XSS-Protection header.
6562
+ * A reporting URI, which CloudFront uses as the value of the report directive in the `X-XSS-Protection` header. You cannot specify a `reportUri` when `modeBlock` is `true`.
6550
6563
  */
6551
6564
  reportUri?: pulumi.Input<string>;
6552
6565
  }
@@ -11797,7 +11810,7 @@ export declare namespace ec2transitgateway {
11797
11810
  }
11798
11811
  interface GetTransitGatewayFilter {
11799
11812
  /**
11800
- * Name of the filter.
11813
+ * The name of the field to filter by, as defined by the [underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGateways.html).
11801
11814
  */
11802
11815
  name: string;
11803
11816
  /**
@@ -11807,7 +11820,7 @@ export declare namespace ec2transitgateway {
11807
11820
  }
11808
11821
  interface GetTransitGatewayFilterArgs {
11809
11822
  /**
11810
- * Name of the filter.
11823
+ * The name of the field to filter by, as defined by the [underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGateways.html).
11811
11824
  */
11812
11825
  name: pulumi.Input<string>;
11813
11826
  /**
@@ -13791,6 +13804,12 @@ export declare namespace elb {
13791
13804
  }
13792
13805
  }
13793
13806
  export declare namespace emr {
13807
+ interface ClusterAutoTerminationPolicy {
13808
+ /**
13809
+ * Specifies the amount of idle time in seconds after which the cluster automatically terminates. You can specify a minimum of `60` seconds and a maximum of `604800` seconds (seven days).
13810
+ */
13811
+ idleTimeout?: pulumi.Input<number>;
13812
+ }
13794
13813
  interface ClusterBootstrapAction {
13795
13814
  /**
13796
13815
  * List of command line arguments passed to the JAR file's main function when executed.
@@ -14227,6 +14246,26 @@ export declare namespace emr {
14227
14246
  [key: string]: pulumi.Input<string>;
14228
14247
  }>;
14229
14248
  }
14249
+ interface GetReleaseLabelsFilters {
14250
+ /**
14251
+ * Optional release label application filter. For example, `Spark@2.1.0` or `Spark`.
14252
+ */
14253
+ application?: string;
14254
+ /**
14255
+ * Optional release label version prefix filter. For example, `emr-5`.
14256
+ */
14257
+ prefix?: string;
14258
+ }
14259
+ interface GetReleaseLabelsFiltersArgs {
14260
+ /**
14261
+ * Optional release label application filter. For example, `Spark@2.1.0` or `Spark`.
14262
+ */
14263
+ application?: pulumi.Input<string>;
14264
+ /**
14265
+ * Optional release label version prefix filter. For example, `emr-5`.
14266
+ */
14267
+ prefix?: pulumi.Input<string>;
14268
+ }
14230
14269
  interface InstanceFleetInstanceTypeConfig {
14231
14270
  /**
14232
14271
  * The bid price for each EC2 Spot instance type as defined by `instanceType`. Expressed in USD. If neither `bidPrice` nor `bidPriceAsPercentageOfOnDemandPrice` is provided, `bidPriceAsPercentageOfOnDemandPrice` defaults to 100%.
@@ -15885,6 +15924,36 @@ export declare namespace imagebuilder {
15885
15924
  }
15886
15925
  }
15887
15926
  export declare namespace iot {
15927
+ interface ThingGroupMetadata {
15928
+ creationDate?: pulumi.Input<string>;
15929
+ /**
15930
+ * The name of the parent Thing Group.
15931
+ */
15932
+ parentGroupName?: pulumi.Input<string>;
15933
+ rootToParentGroups?: pulumi.Input<pulumi.Input<inputs.iot.ThingGroupMetadataRootToParentGroup>[]>;
15934
+ }
15935
+ interface ThingGroupMetadataRootToParentGroup {
15936
+ groupArn?: pulumi.Input<string>;
15937
+ groupName?: pulumi.Input<string>;
15938
+ }
15939
+ interface ThingGroupProperties {
15940
+ /**
15941
+ * The Thing Group attributes. Defined below.
15942
+ */
15943
+ attributePayload?: pulumi.Input<inputs.iot.ThingGroupPropertiesAttributePayload>;
15944
+ /**
15945
+ * A description of the Thing Group.
15946
+ */
15947
+ description?: pulumi.Input<string>;
15948
+ }
15949
+ interface ThingGroupPropertiesAttributePayload {
15950
+ /**
15951
+ * Key-value map.
15952
+ */
15953
+ attributes?: pulumi.Input<{
15954
+ [key: string]: pulumi.Input<string>;
15955
+ }>;
15956
+ }
15888
15957
  interface ThingTypeProperties {
15889
15958
  /**
15890
15959
  * The description of the thing type.
@@ -16893,6 +16962,7 @@ export declare namespace kinesis {
16893
16962
  * Nested argument for the serializer, deserializer, and schema for converting data from the JSON format to the Parquet or ORC format before writing it to Amazon S3. More details given below.
16894
16963
  */
16895
16964
  dataFormatConversionConfiguration?: pulumi.Input<inputs.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationDataFormatConversionConfiguration>;
16965
+ dynamicPartitioningConfiguration?: pulumi.Input<inputs.kinesis.FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfiguration>;
16896
16966
  /**
16897
16967
  * Prefix added to failed records before writing them to S3. This prefix appears immediately following the bucket name.
16898
16968
  */
@@ -17103,6 +17173,16 @@ export declare namespace kinesis {
17103
17173
  */
17104
17174
  versionId?: pulumi.Input<string>;
17105
17175
  }
17176
+ interface FirehoseDeliveryStreamExtendedS3ConfigurationDynamicPartitioningConfiguration {
17177
+ /**
17178
+ * Defaults to `true`. Set it to `false` if you want to disable format conversion while preserving the configuration details.
17179
+ */
17180
+ enabled?: pulumi.Input<boolean>;
17181
+ /**
17182
+ * The length of time during which Firehose retries delivery after a failure, starting from the initial request and including the first attempt. The default value is 3600 seconds (60 minutes). Firehose does not retry if the value of DurationInSeconds is 0 (zero) or if the first delivery attempt takes longer than the current value.
17183
+ */
17184
+ retryDuration?: pulumi.Input<number>;
17185
+ }
17106
17186
  interface FirehoseDeliveryStreamExtendedS3ConfigurationProcessingConfiguration {
17107
17187
  /**
17108
17188
  * Enables or disables data processing.
@@ -22314,6 +22394,188 @@ export declare namespace s3 {
22314
22394
  */
22315
22395
  objectOwnership: pulumi.Input<string>;
22316
22396
  }
22397
+ interface BucketReplicationConfigRule {
22398
+ /**
22399
+ * Whether delete markers are replicated. This argument is only valid with V2 replication configurations (i.e., when `filter` is used)documented below.
22400
+ */
22401
+ deleteMarkerReplication?: pulumi.Input<inputs.s3.BucketReplicationConfigRuleDeleteMarkerReplication>;
22402
+ /**
22403
+ * Specifies the destination for the rule documented below.
22404
+ */
22405
+ destination: pulumi.Input<inputs.s3.BucketReplicationConfigRuleDestination>;
22406
+ /**
22407
+ * Replicate existing objects in the source bucket according to the rule configurations documented below.
22408
+ */
22409
+ existingObjectReplication?: pulumi.Input<inputs.s3.BucketReplicationConfigRuleExistingObjectReplication>;
22410
+ /**
22411
+ * Filter that identifies subset of objects to which the replication rule applies documented below.
22412
+ */
22413
+ filter?: pulumi.Input<inputs.s3.BucketReplicationConfigRuleFilter>;
22414
+ /**
22415
+ * Unique identifier for the rule. Must be less than or equal to 255 characters in length.
22416
+ */
22417
+ id?: pulumi.Input<string>;
22418
+ /**
22419
+ * Object key name prefix identifying one or more objects to which the rule applies. Must be less than or equal to 1024 characters in length.
22420
+ */
22421
+ prefix?: pulumi.Input<string>;
22422
+ /**
22423
+ * The priority associated with the rule. Priority should only be set if `filter` is configured. If not provided, defaults to `0`. Priority must be unique between multiple rules.
22424
+ */
22425
+ priority?: pulumi.Input<number>;
22426
+ /**
22427
+ * Specifies special object selection criteria documented below.
22428
+ */
22429
+ sourceSelectionCriteria?: pulumi.Input<inputs.s3.BucketReplicationConfigRuleSourceSelectionCriteria>;
22430
+ /**
22431
+ * The status of the rule. Either `"Enabled"` or `"Disabled"`. The rule is ignored if status is not "Enabled".
22432
+ */
22433
+ status: pulumi.Input<string>;
22434
+ }
22435
+ interface BucketReplicationConfigRuleDeleteMarkerReplication {
22436
+ /**
22437
+ * Whether delete markers should be replicated. Either `"Enabled"` or `"Disabled"`.
22438
+ */
22439
+ status: pulumi.Input<string>;
22440
+ }
22441
+ interface BucketReplicationConfigRuleDestination {
22442
+ /**
22443
+ * A configuration block that specifies the overrides to use for object owners on replication documented below. Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS account that owns the source object. Must be used in conjunction with `account` owner override configuration.
22444
+ */
22445
+ accessControlTranslation?: pulumi.Input<inputs.s3.BucketReplicationConfigRuleDestinationAccessControlTranslation>;
22446
+ /**
22447
+ * The Account ID to specify the replica ownership. Must be used in conjunction with `accessControlTranslation` override configuration.
22448
+ */
22449
+ account?: pulumi.Input<string>;
22450
+ /**
22451
+ * The ARN of the S3 bucket where you want Amazon S3 to store replicas of the objects identified by the rule.
22452
+ */
22453
+ bucket: pulumi.Input<string>;
22454
+ /**
22455
+ * A configuration block that provides information about encryption documented below. If `sourceSelectionCriteria` is specified, you must specify this element.
22456
+ */
22457
+ encryptionConfiguration?: pulumi.Input<inputs.s3.BucketReplicationConfigRuleDestinationEncryptionConfiguration>;
22458
+ /**
22459
+ * A configuration block that specifies replication metrics-related settings enabling replication metrics and events documented below.
22460
+ */
22461
+ metrics?: pulumi.Input<inputs.s3.BucketReplicationConfigRuleDestinationMetrics>;
22462
+ /**
22463
+ * A configuration block that specifies S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated documented below. Replication Time Control must be used in conjunction with `metrics`.
22464
+ */
22465
+ replicationTime?: pulumi.Input<inputs.s3.BucketReplicationConfigRuleDestinationReplicationTime>;
22466
+ /**
22467
+ * The class of storage used to store the object. Can be `STANDARD`, `REDUCED_REDUNDANCY`, `STANDARD_IA`, `ONEZONE_IA`, `INTELLIGENT_TIERING`, `GLACIER`, or `DEEP_ARCHIVE`. By default, Amazon S3 uses the storage class of the source object to create the object replica.
22468
+ */
22469
+ storageClass?: pulumi.Input<string>;
22470
+ }
22471
+ interface BucketReplicationConfigRuleDestinationAccessControlTranslation {
22472
+ /**
22473
+ * Specifies the replica ownership. For default and valid values, see [PUT bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) in the Amazon S3 API Reference. Valid values: `Destination`.
22474
+ */
22475
+ owner: pulumi.Input<string>;
22476
+ }
22477
+ interface BucketReplicationConfigRuleDestinationEncryptionConfiguration {
22478
+ /**
22479
+ * The ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket.
22480
+ */
22481
+ replicaKmsKeyId: pulumi.Input<string>;
22482
+ }
22483
+ interface BucketReplicationConfigRuleDestinationMetrics {
22484
+ /**
22485
+ * A configuration block that specifies the time threshold for emitting the `s3:Replication:OperationMissedThreshold` event documented below.
22486
+ */
22487
+ eventThreshold: pulumi.Input<inputs.s3.BucketReplicationConfigRuleDestinationMetricsEventThreshold>;
22488
+ /**
22489
+ * The status of the Destination Metrics. Either `"Enabled"` or `"Disabled"`.
22490
+ */
22491
+ status: pulumi.Input<string>;
22492
+ }
22493
+ interface BucketReplicationConfigRuleDestinationMetricsEventThreshold {
22494
+ /**
22495
+ * Time in minutes. Valid values: `15`.
22496
+ */
22497
+ minutes: pulumi.Input<number>;
22498
+ }
22499
+ interface BucketReplicationConfigRuleDestinationReplicationTime {
22500
+ /**
22501
+ * The status of the Replication Time Control. Either `"Enabled"` or `"Disabled"`.
22502
+ */
22503
+ status: pulumi.Input<string>;
22504
+ /**
22505
+ * A configuration block specifying the time by which replication should be complete for all objects and operations on objects documented below.
22506
+ */
22507
+ time: pulumi.Input<inputs.s3.BucketReplicationConfigRuleDestinationReplicationTimeTime>;
22508
+ }
22509
+ interface BucketReplicationConfigRuleDestinationReplicationTimeTime {
22510
+ /**
22511
+ * Time in minutes. Valid values: `15`.
22512
+ */
22513
+ minutes: pulumi.Input<number>;
22514
+ }
22515
+ interface BucketReplicationConfigRuleExistingObjectReplication {
22516
+ /**
22517
+ * Whether the existing objects should be replicated. Either `"Enabled"` or `"Disabled"`.
22518
+ */
22519
+ status: pulumi.Input<string>;
22520
+ }
22521
+ interface BucketReplicationConfigRuleFilter {
22522
+ /**
22523
+ * A configuration block for specifying rule filters. This element is required only if you specify more than one filter. See and below for more details.
22524
+ */
22525
+ and?: pulumi.Input<inputs.s3.BucketReplicationConfigRuleFilterAnd>;
22526
+ /**
22527
+ * An object key name prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.
22528
+ */
22529
+ prefix?: pulumi.Input<string>;
22530
+ /**
22531
+ * A configuration block for specifying a tag key and value documented below.
22532
+ */
22533
+ tag?: pulumi.Input<inputs.s3.BucketReplicationConfigRuleFilterTag>;
22534
+ }
22535
+ interface BucketReplicationConfigRuleFilterAnd {
22536
+ /**
22537
+ * An object key name prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.
22538
+ */
22539
+ prefix?: pulumi.Input<string>;
22540
+ /**
22541
+ * A map of tags (key and value pairs) that identifies a subset of objects to which the rule applies. The rule applies only to objects having all the tags in its tagset.
22542
+ */
22543
+ tags?: pulumi.Input<{
22544
+ [key: string]: pulumi.Input<string>;
22545
+ }>;
22546
+ }
22547
+ interface BucketReplicationConfigRuleFilterTag {
22548
+ /**
22549
+ * Name of the object key.
22550
+ */
22551
+ key: pulumi.Input<string>;
22552
+ /**
22553
+ * Value of the tag.
22554
+ */
22555
+ value: pulumi.Input<string>;
22556
+ }
22557
+ interface BucketReplicationConfigRuleSourceSelectionCriteria {
22558
+ /**
22559
+ * A configuration block that you can specify for selections for modifications on replicas. Amazon S3 doesn't replicate replica modifications by default. In the latest version of replication configuration (when `filter` is specified), you can specify this element and set the status to `Enabled` to replicate modifications on replicas.
22560
+ */
22561
+ replicaModifications?: pulumi.Input<inputs.s3.BucketReplicationConfigRuleSourceSelectionCriteriaReplicaModifications>;
22562
+ /**
22563
+ * A configuration block for filter information for the selection of Amazon S3 objects encrypted with AWS KMS. If specified, `replicaKmsKeyId` in `destination` `encryptionConfiguration` must be specified as well.
22564
+ */
22565
+ sseKmsEncryptedObjects?: pulumi.Input<inputs.s3.BucketReplicationConfigRuleSourceSelectionCriteriaSseKmsEncryptedObjects>;
22566
+ }
22567
+ interface BucketReplicationConfigRuleSourceSelectionCriteriaReplicaModifications {
22568
+ /**
22569
+ * Whether the existing objects should be replicated. Either `"Enabled"` or `"Disabled"`.
22570
+ */
22571
+ status: pulumi.Input<string>;
22572
+ }
22573
+ interface BucketReplicationConfigRuleSourceSelectionCriteriaSseKmsEncryptedObjects {
22574
+ /**
22575
+ * Whether the existing objects should be replicated. Either `"Enabled"` or `"Disabled"`.
22576
+ */
22577
+ status: pulumi.Input<string>;
22578
+ }
22317
22579
  interface BucketReplicationConfiguration {
22318
22580
  /**
22319
22581
  * The ARN of the IAM role for Amazon S3 to assume when replicating the objects.
@@ -22632,6 +22894,104 @@ export declare namespace s3control {
22632
22894
  [key: string]: pulumi.Input<string>;
22633
22895
  }>;
22634
22896
  }
22897
+ interface MultiRegionAccessPointDetails {
22898
+ /**
22899
+ * The name of the Multi-Region Access Point.
22900
+ */
22901
+ name: pulumi.Input<string>;
22902
+ /**
22903
+ * Configuration block to manage the `PublicAccessBlock` configuration that you want to apply to this Multi-Region Access Point. You can enable the configuration options in any combination. See Public Access Block Configuration below for more details.
22904
+ */
22905
+ publicAccessBlock?: pulumi.Input<inputs.s3control.MultiRegionAccessPointDetailsPublicAccessBlock>;
22906
+ /**
22907
+ * The Region configuration block to specify the bucket associated with the Multi-Region Access Point. See Region Configuration below for more details.
22908
+ */
22909
+ regions: pulumi.Input<pulumi.Input<inputs.s3control.MultiRegionAccessPointDetailsRegion>[]>;
22910
+ }
22911
+ interface MultiRegionAccessPointDetailsPublicAccessBlock {
22912
+ /**
22913
+ * Whether Amazon S3 should block public ACLs for buckets in this account. Defaults to `true`. Enabling this setting does not affect existing policies or ACLs. When set to `true` causes the following behavior:
22914
+ * * PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public.
22915
+ * * PUT Object calls fail if the request includes a public ACL.
22916
+ * * PUT Bucket calls fail if the request includes a public ACL.
22917
+ */
22918
+ blockPublicAcls?: pulumi.Input<boolean>;
22919
+ /**
22920
+ * Whether Amazon S3 should block public bucket policies for buckets in this account. Defaults to `true`. Enabling this setting does not affect existing bucket policies. When set to `true` causes Amazon S3 to:
22921
+ * * Reject calls to PUT Bucket policy if the specified bucket policy allows public access.
22922
+ */
22923
+ blockPublicPolicy?: pulumi.Input<boolean>;
22924
+ /**
22925
+ * Whether Amazon S3 should ignore public ACLs for buckets in this account. Defaults to `true`. Enabling this setting does not affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. When set to `true` causes Amazon S3 to:
22926
+ * * Ignore all public ACLs on buckets in this account and any objects that they contain.
22927
+ */
22928
+ ignorePublicAcls?: pulumi.Input<boolean>;
22929
+ /**
22930
+ * Whether Amazon S3 should restrict public bucket policies for buckets in this account. Defaults to `true`. Enabling this setting does not affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked. When set to `true`:
22931
+ * * Only the bucket owner and AWS Services can access buckets with public policies.
22932
+ */
22933
+ restrictPublicBuckets?: pulumi.Input<boolean>;
22934
+ }
22935
+ interface MultiRegionAccessPointDetailsRegion {
22936
+ /**
22937
+ * The name of the associated bucket for the Region.
22938
+ */
22939
+ bucket: pulumi.Input<string>;
22940
+ }
22941
+ interface MultiRegionAccessPointPolicyDetails {
22942
+ /**
22943
+ * The name of the Multi-Region Access Point.
22944
+ */
22945
+ name: pulumi.Input<string>;
22946
+ /**
22947
+ * A valid JSON document that specifies the policy that you want to associate with this Multi-Region Access Point. Once applied, the policy can be edited, but not deleted. For more information, see the documentation on [Multi-Region Access Point Permissions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/MultiRegionAccessPointPermissions.html).
22948
+ */
22949
+ policy: pulumi.Input<string>;
22950
+ }
22951
+ interface ObjectLambdaAccessPointConfiguration {
22952
+ /**
22953
+ * Allowed features. Valid values: `GetObject-Range`, `GetObject-PartNumber`.
22954
+ */
22955
+ allowedFeatures?: pulumi.Input<pulumi.Input<string>[]>;
22956
+ /**
22957
+ * Whether or not the CloudWatch metrics configuration is enabled.
22958
+ */
22959
+ cloudWatchMetricsEnabled?: pulumi.Input<boolean>;
22960
+ /**
22961
+ * Standard access point associated with the Object Lambda Access Point.
22962
+ */
22963
+ supportingAccessPoint: pulumi.Input<string>;
22964
+ /**
22965
+ * List of transformation configurations for the Object Lambda Access Point. See Transformation Configuration below for more details.
22966
+ */
22967
+ transformationConfigurations: pulumi.Input<pulumi.Input<inputs.s3control.ObjectLambdaAccessPointConfigurationTransformationConfiguration>[]>;
22968
+ }
22969
+ interface ObjectLambdaAccessPointConfigurationTransformationConfiguration {
22970
+ /**
22971
+ * The actions of an Object Lambda Access Point configuration. Valid values: `GetObject`.
22972
+ */
22973
+ actions: pulumi.Input<pulumi.Input<string>[]>;
22974
+ /**
22975
+ * The content transformation of an Object Lambda Access Point configuration. See Content Transformation below for more details.
22976
+ */
22977
+ contentTransformation: pulumi.Input<inputs.s3control.ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformation>;
22978
+ }
22979
+ interface ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformation {
22980
+ /**
22981
+ * Configuration for an AWS Lambda function. See AWS Lambda below for more details.
22982
+ */
22983
+ awsLambda: pulumi.Input<inputs.s3control.ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationAwsLambda>;
22984
+ }
22985
+ interface ObjectLambdaAccessPointConfigurationTransformationConfigurationContentTransformationAwsLambda {
22986
+ /**
22987
+ * The Amazon Resource Name (ARN) of the AWS Lambda function.
22988
+ */
22989
+ functionArn: pulumi.Input<string>;
22990
+ /**
22991
+ * Additional JSON that provides supplemental data to the Lambda function used to transform objects.
22992
+ */
22993
+ functionPayload?: pulumi.Input<string>;
22994
+ }
22635
22995
  }
22636
22996
  export declare namespace s3outposts {
22637
22997
  interface EndpointNetworkInterface {
@@ -22938,6 +23298,80 @@ export declare namespace sagemaker {
22938
23298
  */
22939
23299
  variantName?: pulumi.Input<string>;
22940
23300
  }
23301
+ interface EndpointDeploymentConfig {
23302
+ /**
23303
+ * Automatic rollback configuration for handling endpoint deployment failures and recovery. See Auto Rollback Configuration.
23304
+ */
23305
+ autoRollbackConfiguration?: pulumi.Input<inputs.sagemaker.EndpointDeploymentConfigAutoRollbackConfiguration>;
23306
+ /**
23307
+ * Update policy for a blue/green deployment. If this update policy is specified, SageMaker creates a new fleet during the deployment while maintaining the old fleet. See Blue Green Update Config.
23308
+ */
23309
+ blueGreenUpdatePolicy: pulumi.Input<inputs.sagemaker.EndpointDeploymentConfigBlueGreenUpdatePolicy>;
23310
+ }
23311
+ interface EndpointDeploymentConfigAutoRollbackConfiguration {
23312
+ /**
23313
+ * List of CloudWatch alarms in your account that are configured to monitor metrics on an endpoint. If any alarms are tripped during a deployment, SageMaker rolls back the deployment. See Alarms.
23314
+ */
23315
+ alarms?: pulumi.Input<pulumi.Input<inputs.sagemaker.EndpointDeploymentConfigAutoRollbackConfigurationAlarm>[]>;
23316
+ }
23317
+ interface EndpointDeploymentConfigAutoRollbackConfigurationAlarm {
23318
+ /**
23319
+ * The name of a CloudWatch alarm in your account.
23320
+ */
23321
+ alarmName: pulumi.Input<string>;
23322
+ }
23323
+ interface EndpointDeploymentConfigBlueGreenUpdatePolicy {
23324
+ /**
23325
+ * Maximum execution timeout for the deployment. Note that the timeout value should be larger than the total waiting time specified in `terminationWaitInSeconds` and `waitIntervalInSeconds`. Valid values are between `600` and `14400`.
23326
+ */
23327
+ maximumExecutionTimeoutInSeconds?: pulumi.Input<number>;
23328
+ /**
23329
+ * Additional waiting time in seconds after the completion of an endpoint deployment before terminating the old endpoint fleet. Default is `0`. Valid values are between `0` and `3600`.
23330
+ */
23331
+ terminationWaitInSeconds?: pulumi.Input<number>;
23332
+ /**
23333
+ * Defines the traffic routing strategy to shift traffic from the old fleet to the new fleet during an endpoint deployment. See Traffic Routing Configuration.
23334
+ */
23335
+ trafficRoutingConfiguration: pulumi.Input<inputs.sagemaker.EndpointDeploymentConfigBlueGreenUpdatePolicyTrafficRoutingConfiguration>;
23336
+ }
23337
+ interface EndpointDeploymentConfigBlueGreenUpdatePolicyTrafficRoutingConfiguration {
23338
+ /**
23339
+ * Batch size for the first step to turn on traffic on the new endpoint fleet. Value must be less than or equal to 50% of the variant's total instance count. See Canary Size.
23340
+ */
23341
+ canarySize?: pulumi.Input<inputs.sagemaker.EndpointDeploymentConfigBlueGreenUpdatePolicyTrafficRoutingConfigurationCanarySize>;
23342
+ /**
23343
+ * Batch size for each step to turn on traffic on the new endpoint fleet. Value must be 10-50% of the variant's total instance count. See Linear Step Size.
23344
+ */
23345
+ linearStepSize?: pulumi.Input<inputs.sagemaker.EndpointDeploymentConfigBlueGreenUpdatePolicyTrafficRoutingConfigurationLinearStepSize>;
23346
+ /**
23347
+ * Specifies the endpoint capacity type. Valid values are: `INSTANCE_COUNT`, or `CAPACITY_PERCENT`.
23348
+ */
23349
+ type: pulumi.Input<string>;
23350
+ /**
23351
+ * The waiting time (in seconds) between incremental steps to turn on traffic on the new endpoint fleet. Valid values are between `0` and `3600`.
23352
+ */
23353
+ waitIntervalInSeconds: pulumi.Input<number>;
23354
+ }
23355
+ interface EndpointDeploymentConfigBlueGreenUpdatePolicyTrafficRoutingConfigurationCanarySize {
23356
+ /**
23357
+ * Specifies the endpoint capacity type. Valid values are: `INSTANCE_COUNT`, or `CAPACITY_PERCENT`.
23358
+ */
23359
+ type: pulumi.Input<string>;
23360
+ /**
23361
+ * Defines the capacity size, either as a number of instances or a capacity percentage.
23362
+ */
23363
+ value: pulumi.Input<number>;
23364
+ }
23365
+ interface EndpointDeploymentConfigBlueGreenUpdatePolicyTrafficRoutingConfigurationLinearStepSize {
23366
+ /**
23367
+ * Specifies the endpoint capacity type. Valid values are: `INSTANCE_COUNT`, or `CAPACITY_PERCENT`.
23368
+ */
23369
+ type: pulumi.Input<string>;
23370
+ /**
23371
+ * Defines the capacity size, either as a number of instances or a capacity percentage.
23372
+ */
23373
+ value: pulumi.Input<number>;
23374
+ }
22941
23375
  interface FeatureGroupFeatureDefinition {
22942
23376
  /**
22943
23377
  * The name of a feature. `featureName` cannot be any of the following: `isDeleted`, `writeTime`, `apiInvocationTime`.