@pulumi/aws 5.2.0-alpha.1650047579 → 5.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (324) hide show
  1. package/apigateway/stage.d.ts +18 -6
  2. package/apigateway/stage.js +2 -0
  3. package/apigateway/stage.js.map +1 -1
  4. package/athena/database.d.ts +42 -0
  5. package/athena/database.js +26 -0
  6. package/athena/database.js.map +1 -1
  7. package/autoscaling/attachment.d.ts +1 -1
  8. package/autoscaling/attachment.js +1 -1
  9. package/autoscaling/group.d.ts +19 -10
  10. package/autoscaling/group.js +4 -1
  11. package/autoscaling/group.js.map +1 -1
  12. package/backup/plan.d.ts +3 -0
  13. package/backup/plan.js +3 -0
  14. package/backup/plan.js.map +1 -1
  15. package/cfg/rule.d.ts +39 -12
  16. package/cfg/rule.js +27 -0
  17. package/cfg/rule.js.map +1 -1
  18. package/cloudformation/stackSet.d.ts +12 -0
  19. package/cloudformation/stackSet.js +2 -0
  20. package/cloudformation/stackSet.js.map +1 -1
  21. package/cloudformation/stackSetInstance.d.ts +19 -1
  22. package/cloudformation/stackSetInstance.js +9 -1
  23. package/cloudformation/stackSetInstance.js.map +1 -1
  24. package/cloudtrail/trail.d.ts +31 -30
  25. package/cloudtrail/trail.js +31 -30
  26. package/cloudtrail/trail.js.map +1 -1
  27. package/cloudwatch/getEventBus.d.ts +51 -0
  28. package/cloudwatch/getEventBus.js +38 -0
  29. package/cloudwatch/getEventBus.js.map +1 -0
  30. package/cloudwatch/index.d.ts +1 -0
  31. package/cloudwatch/index.js +1 -0
  32. package/cloudwatch/index.js.map +1 -1
  33. package/cognito/index.d.ts +1 -0
  34. package/cognito/index.js +5 -0
  35. package/cognito/index.js.map +1 -1
  36. package/cognito/userInGroup.d.ts +100 -0
  37. package/cognito/userInGroup.js +90 -0
  38. package/cognito/userInGroup.js.map +1 -0
  39. package/cognito/userPoolClient.d.ts +22 -0
  40. package/cognito/userPoolClient.js +22 -0
  41. package/cognito/userPoolClient.js.map +1 -1
  42. package/datasync/fsxOpenZfsFileSystem.d.ts +175 -0
  43. package/datasync/fsxOpenZfsFileSystem.js +104 -0
  44. package/datasync/fsxOpenZfsFileSystem.js.map +1 -0
  45. package/datasync/index.d.ts +1 -0
  46. package/datasync/index.js +5 -0
  47. package/datasync/index.js.map +1 -1
  48. package/dynamodb/contributorInsights.d.ts +82 -0
  49. package/dynamodb/contributorInsights.js +76 -0
  50. package/dynamodb/contributorInsights.js.map +1 -0
  51. package/dynamodb/index.d.ts +1 -0
  52. package/dynamodb/index.js +5 -0
  53. package/dynamodb/index.js.map +1 -1
  54. package/dynamodb/tableItem.d.ts +6 -9
  55. package/dynamodb/tableItem.js.map +1 -1
  56. package/ec2/amiLaunchPermission.d.ts +70 -10
  57. package/ec2/amiLaunchPermission.js +32 -5
  58. package/ec2/amiLaunchPermission.js.map +1 -1
  59. package/ec2/defaultNetworkAcl.d.ts +1 -1
  60. package/ec2/defaultNetworkAcl.js +1 -1
  61. package/ec2/getEips.d.ts +1 -1
  62. package/ec2/getNatGateways.d.ts +65 -0
  63. package/ec2/getNatGateways.js +28 -0
  64. package/ec2/getNatGateways.js.map +1 -0
  65. package/ec2/getRoute.d.ts +9 -0
  66. package/ec2/getRoute.js +1 -0
  67. package/ec2/getRoute.js.map +1 -1
  68. package/ec2/index.d.ts +1 -0
  69. package/ec2/index.js +1 -0
  70. package/ec2/index.js.map +1 -1
  71. package/ec2/instance.d.ts +18 -6
  72. package/ec2/instance.js +2 -0
  73. package/ec2/instance.js.map +1 -1
  74. package/ec2/keyPair.d.ts +3 -12
  75. package/ec2/keyPair.js.map +1 -1
  76. package/ec2/route.d.ts +12 -0
  77. package/ec2/route.js +2 -0
  78. package/ec2/route.js.map +1 -1
  79. package/ec2/spotInstanceRequest.d.ts +18 -6
  80. package/ec2/spotInstanceRequest.js +2 -0
  81. package/ec2/spotInstanceRequest.js.map +1 -1
  82. package/ec2/vpc.d.ts +3 -3
  83. package/ec2/vpcEndpointService.d.ts +4 -4
  84. package/ec2/vpcIpam.d.ts +12 -0
  85. package/ec2/vpcIpam.js +2 -0
  86. package/ec2/vpcIpam.js.map +1 -1
  87. package/ec2/vpnConnection.d.ts +16 -0
  88. package/ec2/vpnConnection.js +4 -0
  89. package/ec2/vpnConnection.js.map +1 -1
  90. package/eks/addon.d.ts +18 -6
  91. package/eks/addon.js +2 -0
  92. package/eks/addon.js.map +1 -1
  93. package/eks/getAddonVersion.d.ts +82 -0
  94. package/eks/getAddonVersion.js +51 -0
  95. package/eks/getAddonVersion.js.map +1 -0
  96. package/eks/index.d.ts +1 -0
  97. package/eks/index.js +1 -0
  98. package/eks/index.js.map +1 -1
  99. package/elasticache/cluster.d.ts +64 -3
  100. package/elasticache/cluster.js +32 -0
  101. package/elasticache/cluster.js.map +1 -1
  102. package/elasticache/getCluster.d.ts +4 -0
  103. package/elasticache/getCluster.js.map +1 -1
  104. package/elasticache/getReplicationGroup.d.ts +5 -0
  105. package/elasticache/getReplicationGroup.js.map +1 -1
  106. package/elasticache/index.d.ts +1 -0
  107. package/elasticache/index.js +5 -0
  108. package/elasticache/index.js.map +1 -1
  109. package/elasticache/replicationGroup.d.ts +54 -6
  110. package/elasticache/replicationGroup.js +32 -0
  111. package/elasticache/replicationGroup.js.map +1 -1
  112. package/elasticache/userGroupAssociation.d.ts +100 -0
  113. package/elasticache/userGroupAssociation.js +97 -0
  114. package/elasticache/userGroupAssociation.js.map +1 -0
  115. package/emr/cluster.d.ts +6 -6
  116. package/gamelift/alias.d.ts +2 -2
  117. package/gamelift/alias.js +2 -2
  118. package/gamelift/build.d.ts +6 -6
  119. package/gamelift/build.js +2 -2
  120. package/gamelift/fleet.d.ts +10 -14
  121. package/gamelift/fleet.js +2 -2
  122. package/gamelift/fleet.js.map +1 -1
  123. package/gamelift/gameServerGroup.d.ts +5 -5
  124. package/gamelift/gameServerGroup.js +3 -3
  125. package/gamelift/gameSessionQueue.d.ts +2 -2
  126. package/gamelift/gameSessionQueue.js +2 -2
  127. package/gamelift/script.d.ts +4 -4
  128. package/gamelift/script.js +2 -2
  129. package/getCanonicalUserId.d.ts +2 -0
  130. package/getCanonicalUserId.js +2 -0
  131. package/getCanonicalUserId.js.map +1 -1
  132. package/glue/schema.d.ts +3 -3
  133. package/grafana/index.d.ts +1 -0
  134. package/grafana/index.js +5 -0
  135. package/grafana/index.js.map +1 -1
  136. package/grafana/roleAssociation.d.ts +121 -0
  137. package/grafana/roleAssociation.js +98 -0
  138. package/grafana/roleAssociation.js.map +1 -0
  139. package/guardduty/ipset.d.ts +0 -1
  140. package/guardduty/ipset.js +0 -1
  141. package/guardduty/ipset.js.map +1 -1
  142. package/iam/getSamlProvider.d.ts +81 -0
  143. package/iam/getSamlProvider.js +39 -0
  144. package/iam/getSamlProvider.js.map +1 -0
  145. package/iam/group.d.ts +0 -2
  146. package/iam/group.js +0 -2
  147. package/iam/group.js.map +1 -1
  148. package/iam/index.d.ts +1 -0
  149. package/iam/index.js +1 -0
  150. package/iam/index.js.map +1 -1
  151. package/imagebuilder/getImagePipelines.d.ts +57 -0
  152. package/imagebuilder/getImagePipelines.js +40 -0
  153. package/imagebuilder/getImagePipelines.js.map +1 -0
  154. package/imagebuilder/index.d.ts +1 -0
  155. package/imagebuilder/index.js +1 -0
  156. package/imagebuilder/index.js.map +1 -1
  157. package/index.d.ts +3 -1
  158. package/index.js +7 -3
  159. package/index.js.map +1 -1
  160. package/iot/authorizer.d.ts +12 -0
  161. package/iot/authorizer.js +2 -0
  162. package/iot/authorizer.js.map +1 -1
  163. package/iot/index.d.ts +3 -0
  164. package/iot/index.js +15 -0
  165. package/iot/index.js.map +1 -1
  166. package/iot/indexingConfiguration.d.ts +98 -0
  167. package/iot/indexingConfiguration.js +88 -0
  168. package/iot/indexingConfiguration.js.map +1 -0
  169. package/iot/loggingOptions.d.ts +87 -0
  170. package/iot/loggingOptions.js +74 -0
  171. package/iot/loggingOptions.js.map +1 -0
  172. package/iot/provisioningTemplate.d.ts +232 -0
  173. package/iot/provisioningTemplate.js +144 -0
  174. package/iot/provisioningTemplate.js.map +1 -0
  175. package/keyspaces/index.d.ts +1 -0
  176. package/keyspaces/index.js +37 -0
  177. package/keyspaces/index.js.map +1 -0
  178. package/keyspaces/keyspace.d.ts +114 -0
  179. package/keyspaces/keyspace.js +77 -0
  180. package/keyspaces/keyspace.js.map +1 -0
  181. package/lambda/function.d.ts +44 -0
  182. package/lambda/function.js +34 -0
  183. package/lambda/function.js.map +1 -1
  184. package/lambda/functionUrl.d.ts +153 -0
  185. package/lambda/functionUrl.js +111 -0
  186. package/lambda/functionUrl.js.map +1 -0
  187. package/lambda/getFunction.d.ts +4 -0
  188. package/lambda/getFunction.js.map +1 -1
  189. package/lambda/getFunctionUrl.d.ts +85 -0
  190. package/lambda/getFunctionUrl.js +39 -0
  191. package/lambda/getFunctionUrl.js.map +1 -0
  192. package/lambda/index.d.ts +2 -0
  193. package/lambda/index.js +6 -0
  194. package/lambda/index.js.map +1 -1
  195. package/lambda/permission.d.ts +18 -6
  196. package/lambda/permission.js +2 -0
  197. package/lambda/permission.js.map +1 -1
  198. package/memorydb/getAcl.d.ts +75 -0
  199. package/memorydb/getAcl.js +37 -0
  200. package/memorydb/getAcl.js.map +1 -0
  201. package/memorydb/getCluster.d.ts +152 -0
  202. package/memorydb/getCluster.js +37 -0
  203. package/memorydb/getCluster.js.map +1 -0
  204. package/memorydb/getParameterGroup.d.ts +83 -0
  205. package/memorydb/getParameterGroup.js +37 -0
  206. package/memorydb/getParameterGroup.js.map +1 -0
  207. package/memorydb/getSnapshot.d.ts +87 -0
  208. package/memorydb/getSnapshot.js +37 -0
  209. package/memorydb/getSnapshot.js.map +1 -0
  210. package/memorydb/getSubnetGroup.d.ts +79 -0
  211. package/memorydb/getSubnetGroup.js +37 -0
  212. package/memorydb/getSubnetGroup.js.map +1 -0
  213. package/memorydb/getUser.d.ts +80 -0
  214. package/memorydb/getUser.js +37 -0
  215. package/memorydb/getUser.js.map +1 -0
  216. package/memorydb/index.d.ts +6 -0
  217. package/memorydb/index.js +6 -0
  218. package/memorydb/index.js.map +1 -1
  219. package/msk/getCluster.d.ts +4 -0
  220. package/msk/getCluster.js.map +1 -1
  221. package/mskconnect/connector.d.ts +270 -0
  222. package/mskconnect/connector.js +166 -0
  223. package/mskconnect/connector.js.map +1 -0
  224. package/mskconnect/getConnector.d.ts +57 -0
  225. package/mskconnect/getConnector.js +36 -0
  226. package/mskconnect/getConnector.js.map +1 -0
  227. package/mskconnect/index.d.ts +2 -0
  228. package/mskconnect/index.js +6 -0
  229. package/mskconnect/index.js.map +1 -1
  230. package/mwaa/environment.d.ts +12 -0
  231. package/mwaa/environment.js +2 -0
  232. package/mwaa/environment.js.map +1 -1
  233. package/neptune/clusterEndpoint.d.ts +9 -0
  234. package/neptune/clusterEndpoint.js.map +1 -1
  235. package/opensearch/domain.d.ts +445 -0
  236. package/opensearch/domain.js +273 -0
  237. package/opensearch/domain.js.map +1 -0
  238. package/opensearch/domainPolicy.d.ts +93 -0
  239. package/opensearch/domainPolicy.js +90 -0
  240. package/opensearch/domainPolicy.js.map +1 -0
  241. package/opensearch/domainSamlOptions.d.ts +105 -0
  242. package/opensearch/domainSamlOptions.js +98 -0
  243. package/opensearch/domainSamlOptions.js.map +1 -0
  244. package/opensearch/getDomain.d.ts +144 -0
  245. package/opensearch/getDomain.js +37 -0
  246. package/opensearch/getDomain.js.map +1 -0
  247. package/opensearch/index.d.ts +4 -0
  248. package/opensearch/index.js +48 -0
  249. package/opensearch/index.js.map +1 -0
  250. package/organizations/account.d.ts +17 -5
  251. package/organizations/account.js +4 -2
  252. package/organizations/account.js.map +1 -1
  253. package/package.json +2 -2
  254. package/package.json.dev +2 -2
  255. package/qldb/getLedger.d.ts +10 -0
  256. package/qldb/getLedger.js +1 -0
  257. package/qldb/getLedger.js.map +1 -1
  258. package/qldb/index.d.ts +1 -0
  259. package/qldb/index.js +5 -0
  260. package/qldb/index.js.map +1 -1
  261. package/qldb/ledger.d.ts +12 -0
  262. package/qldb/ledger.js +2 -0
  263. package/qldb/ledger.js.map +1 -1
  264. package/qldb/stream.d.ts +159 -0
  265. package/qldb/stream.js +104 -0
  266. package/qldb/stream.js.map +1 -0
  267. package/rds/cluster.d.ts +3 -3
  268. package/rds/clusterActivityStream.d.ts +138 -0
  269. package/rds/clusterActivityStream.js +112 -0
  270. package/rds/clusterActivityStream.js.map +1 -0
  271. package/rds/index.d.ts +2 -0
  272. package/rds/index.js +10 -0
  273. package/rds/index.js.map +1 -1
  274. package/rds/instance.d.ts +3 -3
  275. package/rds/instanceAutomatedBackupsReplication.d.ts +153 -0
  276. package/rds/instanceAutomatedBackupsReplication.js +127 -0
  277. package/rds/instanceAutomatedBackupsReplication.js.map +1 -0
  278. package/route53/getTrafficPolicyDocument.d.ts +125 -0
  279. package/route53/getTrafficPolicyDocument.js +72 -0
  280. package/route53/getTrafficPolicyDocument.js.map +1 -0
  281. package/route53/index.d.ts +3 -0
  282. package/route53/index.js +11 -0
  283. package/route53/index.js.map +1 -1
  284. package/route53/trafficPolicy.d.ts +122 -0
  285. package/route53/trafficPolicy.js +94 -0
  286. package/route53/trafficPolicy.js.map +1 -0
  287. package/route53/trafficPolicyInstance.d.ts +121 -0
  288. package/route53/trafficPolicyInstance.js +94 -0
  289. package/route53/trafficPolicyInstance.js.map +1 -0
  290. package/s3/bucketObject.d.ts +2 -12
  291. package/s3/bucketObject.js +2 -0
  292. package/s3/bucketObject.js.map +1 -1
  293. package/s3/bucketObjectLockConfigurationV2.d.ts +35 -2
  294. package/s3/bucketObjectLockConfigurationV2.js +35 -2
  295. package/s3/bucketObjectLockConfigurationV2.js.map +1 -1
  296. package/s3/bucketV2.d.ts +518 -32
  297. package/s3/bucketV2.js +378 -12
  298. package/s3/bucketV2.js.map +1 -1
  299. package/s3/getCanonicalUserId.d.ts +2 -0
  300. package/s3/getCanonicalUserId.js +2 -0
  301. package/s3/getCanonicalUserId.js.map +1 -1
  302. package/ses/identityNotificationTopic.d.ts +10 -10
  303. package/ses/identityNotificationTopic.js +1 -1
  304. package/ssm/getDocument.d.ts +3 -3
  305. package/ssm/getMaintenanceWindows.d.ts +53 -0
  306. package/ssm/getMaintenanceWindows.js +40 -0
  307. package/ssm/getMaintenanceWindows.js.map +1 -0
  308. package/ssm/index.d.ts +1 -0
  309. package/ssm/index.js +1 -0
  310. package/ssm/index.js.map +1 -1
  311. package/ssm/maintenanceWindowTask.d.ts +30 -2
  312. package/ssm/maintenanceWindowTask.js +6 -6
  313. package/ssm/maintenanceWindowTask.js.map +1 -1
  314. package/storagegateway/gateway.d.ts +12 -0
  315. package/storagegateway/gateway.js +2 -0
  316. package/storagegateway/gateway.js.map +1 -1
  317. package/storagegateway/nfsFileShare.d.ts +24 -0
  318. package/storagegateway/nfsFileShare.js +4 -0
  319. package/storagegateway/nfsFileShare.js.map +1 -1
  320. package/types/input.d.ts +1658 -413
  321. package/types/output.d.ts +1672 -285
  322. package/xray/group.d.ts +17 -0
  323. package/xray/group.js +6 -0
  324. package/xray/group.js.map +1 -1
package/types/output.d.ts CHANGED
@@ -1091,6 +1091,22 @@ export declare namespace apigateway {
1091
1091
  */
1092
1092
  format: string;
1093
1093
  }
1094
+ interface StageCanarySettings {
1095
+ /**
1096
+ * The percent `0.0` - `100.0` of traffic to divert to the canary deployment.
1097
+ */
1098
+ percentTraffic?: number;
1099
+ /**
1100
+ * A map of overridden stage `variables` (including new variables) for the canary deployment.
1101
+ */
1102
+ stageVariableOverrides?: {
1103
+ [key: string]: any;
1104
+ };
1105
+ /**
1106
+ * Whether the canary deployment uses the stage cache. Defaults to false.
1107
+ */
1108
+ useStageCache?: boolean;
1109
+ }
1094
1110
  interface UsagePlanApiStage {
1095
1111
  /**
1096
1112
  * API Id of the associated API stage in a usage plan.
@@ -4505,7 +4521,7 @@ export declare namespace athena {
4505
4521
  */
4506
4522
  enforceWorkgroupConfiguration?: boolean;
4507
4523
  /**
4508
- * Configuration block for the Athena Engine Versioning. For more information, see [Athena Engine Versioning](https://docs.aws.amazon.com/athena/latest/ug/engine-versions.html). Documented below.
4524
+ * Configuration block for the Athena Engine Versioning. For more information, see [Athena Engine Versioning](https://docs.aws.amazon.com/athena/latest/ug/engine-versions.html). See Engine Version below.
4509
4525
  */
4510
4526
  engineVersion?: outputs.athena.WorkgroupConfigurationEngineVersion;
4511
4527
  /**
@@ -4517,7 +4533,7 @@ export declare namespace athena {
4517
4533
  */
4518
4534
  requesterPaysEnabled?: boolean;
4519
4535
  /**
4520
- * Configuration block with result settings. Documented below.
4536
+ * Configuration block with result settings. See Result Configuration below.
4521
4537
  */
4522
4538
  resultConfiguration?: outputs.athena.WorkgroupConfigurationResultConfiguration;
4523
4539
  }
@@ -4533,14 +4549,28 @@ export declare namespace athena {
4533
4549
  }
4534
4550
  interface WorkgroupConfigurationResultConfiguration {
4535
4551
  /**
4536
- * Configuration block with encryption settings. Documented below.
4552
+ * Indicates that an Amazon S3 canned ACL should be set to control ownership of stored query results. See ACL Configuration below.
4553
+ */
4554
+ aclConfiguration?: outputs.athena.WorkgroupConfigurationResultConfigurationAclConfiguration;
4555
+ /**
4556
+ * Configuration block with encryption settings. See Encryption Configuration below.
4537
4557
  */
4538
4558
  encryptionConfiguration?: outputs.athena.WorkgroupConfigurationResultConfigurationEncryptionConfiguration;
4559
+ /**
4560
+ * The AWS account ID that you expect to be the owner of the Amazon S3 bucket.
4561
+ */
4562
+ expectedBucketOwner?: string;
4539
4563
  /**
4540
4564
  * The location in Amazon S3 where your query results are stored, such as `s3://path/to/query/bucket/`. For more information, see [Queries and Query Result Files](https://docs.aws.amazon.com/athena/latest/ug/querying.html).
4541
4565
  */
4542
4566
  outputLocation?: string;
4543
4567
  }
4568
+ interface WorkgroupConfigurationResultConfigurationAclConfiguration {
4569
+ /**
4570
+ * The Amazon S3 canned ACL that Athena should specify when storing query results. Valid value is `BUCKET_OWNER_FULL_CONTROL`.
4571
+ */
4572
+ s3AclOption: string;
4573
+ }
4544
4574
  interface WorkgroupConfigurationResultConfigurationEncryptionConfiguration {
4545
4575
  /**
4546
4576
  * Indicates whether Amazon S3 server-side encryption with Amazon S3-managed keys (`SSE_S3`), server-side encryption with KMS-managed keys (`SSE_KMS`), or client-side encryption with KMS-managed keys (`CSE_KMS`) is used. If a query runs in a workgroup and the workgroup overrides client-side settings, then the workgroup's setting for encryption is used. It specifies whether query results must be encrypted, for all queries that run in this workgroup.
@@ -4736,6 +4766,10 @@ export declare namespace autoscaling {
4736
4766
  value: string;
4737
4767
  }
4738
4768
  interface GroupWarmPool {
4769
+ /**
4770
+ * Indicates whether instances in the Auto Scaling group can be returned to the warm pool on scale in. The default is to terminate instances in the Auto Scaling group when the group scales in.
4771
+ */
4772
+ instanceReusePolicy?: outputs.autoscaling.GroupWarmPoolInstanceReusePolicy;
4739
4773
  /**
4740
4774
  * Specifies the total maximum number of instances that are allowed to be in the warm pool or in any state except Terminated for the Auto Scaling group.
4741
4775
  */
@@ -4745,10 +4779,16 @@ export declare namespace autoscaling {
4745
4779
  */
4746
4780
  minSize?: number;
4747
4781
  /**
4748
- * Sets the instance state to transition to after the lifecycle hooks finish. Valid values are: Stopped (default) or Running.
4782
+ * Sets the instance state to transition to after the lifecycle hooks finish. Valid values are: Stopped (default), Running or Hibernated.
4749
4783
  */
4750
4784
  poolState?: string;
4751
4785
  }
4786
+ interface GroupWarmPoolInstanceReusePolicy {
4787
+ /**
4788
+ * Specifies whether instances in the Auto Scaling group can be returned to the warm pool on scale in.
4789
+ */
4790
+ reuseOnScaleIn?: boolean;
4791
+ }
4752
4792
  interface PolicyPredictiveScalingConfiguration {
4753
4793
  /**
4754
4794
  * Defines the behavior that should be applied if the forecast capacity approaches or exceeds the maximum capacity of the Auto Scaling group. Valid values are `HonorMaxCapacity` or `IncreaseMaxCapacity`. Default is `HonorMaxCapacity`.
@@ -5615,7 +5655,7 @@ export declare namespace batch {
5615
5655
  */
5616
5656
  ec2KeyPair?: string;
5617
5657
  /**
5618
- * The Amazon Machine Image (AMI) ID used for instances launched in the compute environment. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. (Deprecated, use `imageIdOverride` instead)
5658
+ * The Amazon Machine Image (AMI) ID used for instances launched in the compute environment. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. (Deprecated, use `ec2Configuration` `imageIdOverride` instead)
5619
5659
  */
5620
5660
  imageId?: string;
5621
5661
  /**
@@ -6042,29 +6082,47 @@ export declare namespace cfg {
6042
6082
  }
6043
6083
  interface RuleSource {
6044
6084
  /**
6045
- * Indicates whether AWS or the customer owns and manages the AWS Config rule. Valid values are `AWS` or `CUSTOM_LAMBDA`. For more information about managed rules, see the [AWS Config Managed Rules documentation](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html). For more information about custom rules, see the [AWS Config Custom Rules documentation](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html). Custom Lambda Functions require permissions to allow the AWS Config service to invoke them, e.g. via the `aws.lambda.Permission` resource.
6085
+ * Provides the runtime system, policy definition, and whether debug logging is enabled. Required when owner is set to `CUSTOM_POLICY`. See Custom Policy Details Below.
6086
+ */
6087
+ customPolicyDetails?: outputs.cfg.RuleSourceCustomPolicyDetails;
6088
+ /**
6089
+ * Indicates whether AWS or the customer owns and manages the AWS Config rule. Valid values are `AWS`, `CUSTOM_LAMBDA` or `CUSTOM_POLICY`. For more information about managed rules, see the [AWS Config Managed Rules documentation](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html). For more information about custom rules, see the [AWS Config Custom Rules documentation](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html). Custom Lambda Functions require permissions to allow the AWS Config service to invoke them, e.g., via the [`aws.lambda.Permission` resource](https://www.terraform.io/docs/providers/aws/r/lambda_permission.html).
6046
6090
  */
6047
6091
  owner: string;
6048
6092
  /**
6049
- * Provides the source and type of the event that causes AWS Config to evaluate your AWS resources. Only valid if `owner` is `CUSTOM_LAMBDA`.
6093
+ * Provides the source and type of the event that causes AWS Config to evaluate your AWS resources. Only valid if `owner` is `CUSTOM_LAMBDA` or `CUSTOM_POLICY`. See Source Detail Below.
6050
6094
  */
6051
6095
  sourceDetails?: outputs.cfg.RuleSourceSourceDetail[];
6052
6096
  /**
6053
6097
  * For AWS Config managed rules, a predefined identifier, e.g `IAM_PASSWORD_POLICY`. For custom Lambda rules, the identifier is the ARN of the Lambda Function, such as `arn:aws:lambda:us-east-1:123456789012:function:custom_rule_name` or the `arn` attribute of the `aws.lambda.Function` resource.
6054
6098
  */
6055
- sourceIdentifier: string;
6099
+ sourceIdentifier?: string;
6100
+ }
6101
+ interface RuleSourceCustomPolicyDetails {
6102
+ /**
6103
+ * The boolean expression for enabling debug logging for your Config Custom Policy rule. The default value is `false`.
6104
+ */
6105
+ enableDebugLogDelivery?: boolean;
6106
+ /**
6107
+ * The runtime system for your Config Custom Policy rule. Guard is a policy-as-code language that allows you to write policies that are enforced by Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://github.com/aws-cloudformation/cloudformation-guard).
6108
+ */
6109
+ policyRuntime: string;
6110
+ /**
6111
+ * The policy definition containing the logic for your Config Custom Policy rule.
6112
+ */
6113
+ policyText: string;
6056
6114
  }
6057
6115
  interface RuleSourceSourceDetail {
6058
6116
  /**
6059
- * The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWS resources. This defaults to `aws.config` and is the only valid value.
6117
+ * The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWSresources. This defaults to `aws.config` and is the only valid value.
6060
6118
  */
6061
6119
  eventSource?: string;
6062
6120
  /**
6063
- * The frequency that you want AWS Config to run evaluations for a rule that is triggered periodically. If specified, requires `messageType` to be `ScheduledNotification`.
6121
+ * The frequency that you want AWS Config to run evaluations for a rule that istriggered periodically. If specified, requires `messageType` to be `ScheduledNotification`.
6064
6122
  */
6065
6123
  maximumExecutionFrequency?: string;
6066
6124
  /**
6067
- * The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:
6125
+ * The type of notification that triggers AWS Config to run an evaluation for a rule. You canspecify the following notification types:
6068
6126
  */
6069
6127
  messageType?: string;
6070
6128
  }
@@ -6147,6 +6205,40 @@ export declare namespace cloudformation {
6147
6205
  interface StackSetInstanceDeploymentTargets {
6148
6206
  organizationalUnitIds?: string[];
6149
6207
  }
6208
+ interface StackSetInstanceOperationPreferences {
6209
+ failureToleranceCount?: number;
6210
+ failureTolerancePercentage?: number;
6211
+ maxConcurrentCount?: number;
6212
+ maxConcurrentPercentage?: number;
6213
+ regionConcurrencyType?: string;
6214
+ regionOrders?: string[];
6215
+ }
6216
+ interface StackSetOperationPreferences {
6217
+ /**
6218
+ * The number of accounts, per Region, for which this operation can fail before AWS CloudFormation stops the operation in that Region.
6219
+ */
6220
+ failureToleranceCount?: number;
6221
+ /**
6222
+ * The percentage of accounts, per Region, for which this stack operation can fail before AWS CloudFormation stops the operation in that Region.
6223
+ */
6224
+ failureTolerancePercentage?: number;
6225
+ /**
6226
+ * The maximum number of accounts in which to perform this operation at one time.
6227
+ */
6228
+ maxConcurrentCount?: number;
6229
+ /**
6230
+ * The maximum percentage of accounts in which to perform this operation at one time.
6231
+ */
6232
+ maxConcurrentPercentage?: number;
6233
+ /**
6234
+ * The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.
6235
+ */
6236
+ regionConcurrencyType?: string;
6237
+ /**
6238
+ * The order of the Regions in where you want to perform the stack operation.
6239
+ */
6240
+ regionOrders?: string[];
6241
+ }
6150
6242
  }
6151
6243
  export declare namespace cloudfront {
6152
6244
  interface CachePolicyParametersInCacheKeyAndForwardedToOrigin {
@@ -9446,6 +9538,7 @@ export declare namespace config {
9446
9538
  cloudtrail?: string;
9447
9539
  cloudwatch?: string;
9448
9540
  cloudwatchevents?: string;
9541
+ cloudwatchevidently?: string;
9449
9542
  cloudwatchlogs?: string;
9450
9543
  cloudwatchrum?: string;
9451
9544
  codeartifact?: string;
@@ -9609,6 +9702,8 @@ export declare namespace config {
9609
9702
  networkfirewall?: string;
9610
9703
  networkmanager?: string;
9611
9704
  nimblestudio?: string;
9705
+ opensearch?: string;
9706
+ opensearchservice?: string;
9612
9707
  opsworks?: string;
9613
9708
  opsworkscm?: string;
9614
9709
  organizations?: string;
@@ -10195,6 +10290,24 @@ export declare namespace datasync {
10195
10290
  */
10196
10291
  subnetArn: string;
10197
10292
  }
10293
+ interface FsxOpenZfsFileSystemProtocol {
10294
+ /**
10295
+ * Represents the Network File System (NFS) protocol that DataSync uses to access your FSx for OpenZFS file system. See below.
10296
+ */
10297
+ nfs: outputs.datasync.FsxOpenZfsFileSystemProtocolNfs;
10298
+ }
10299
+ interface FsxOpenZfsFileSystemProtocolNfs {
10300
+ /**
10301
+ * Represents the mount options that are available for DataSync to access an NFS location. See below.
10302
+ */
10303
+ mountOptions: outputs.datasync.FsxOpenZfsFileSystemProtocolNfsMountOptions;
10304
+ }
10305
+ interface FsxOpenZfsFileSystemProtocolNfsMountOptions {
10306
+ /**
10307
+ * The specific NFS version that you want DataSync to use for mounting your NFS share. Valid values: `AUTOMATIC`, `NFS3`, `NFS4_0` and `NFS4_1`. Default: `AUTOMATIC`
10308
+ */
10309
+ version?: string;
10310
+ }
10198
10311
  interface LocationHdfsNameNode {
10199
10312
  /**
10200
10313
  * The hostname of the NameNode in the HDFS cluster. This value is the IP address or Domain Name Service (DNS) name of the NameNode. An agent that's installed on-premises uses this hostname to communicate with the NameNode in the network.
@@ -10440,20 +10553,118 @@ export declare namespace directoryservice {
10440
10553
  export declare namespace dlm {
10441
10554
  interface LifecyclePolicyPolicyDetails {
10442
10555
  /**
10443
- * A list of resource types that should be targeted by the lifecycle policy. `VOLUME` is currently the only allowed value.
10556
+ * The actions to be performed when the event-based policy is triggered. You can specify only one action per policy. This parameter is required for event-based policies only. If you are creating a snapshot or AMI policy, omit this parameter. See the `action` configuration block.
10557
+ */
10558
+ action?: outputs.dlm.LifecyclePolicyPolicyDetailsAction;
10559
+ /**
10560
+ * The event that triggers the event-based policy. This parameter is required for event-based policies only. If you are creating a snapshot or AMI policy, omit this parameter. See the `eventSource` configuration block.
10444
10561
  */
10445
- resourceTypes: string[];
10562
+ eventSource?: outputs.dlm.LifecyclePolicyPolicyDetailsEventSource;
10563
+ /**
10564
+ * Information about the event. See the `parameters` configuration block.
10565
+ */
10566
+ parameters?: outputs.dlm.LifecyclePolicyPolicyDetailsParameters;
10567
+ /**
10568
+ * The valid target resource types and actions a policy can manage. Specify `EBS_SNAPSHOT_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of Amazon EBS snapshots. Specify `IMAGE_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of EBS-backed AMIs. Specify `EVENT_BASED_POLICY` to create an event-based policy that performs specific actions when a defined event occurs in your AWS account. Default value is `EBS_SNAPSHOT_MANAGEMENT`.
10569
+ */
10570
+ policyType?: string;
10571
+ /**
10572
+ * The location of the resources to backup. If the source resources are located in an AWS Region, specify `CLOUD`. If the source resources are located on an Outpost in your account, specify `OUTPOST`. If you specify `OUTPOST`, Amazon Data Lifecycle Manager backs up all resources of the specified type with matching target tags across all of the Outposts in your account. Valid values are `CLOUD` and `OUTPOST`.
10573
+ */
10574
+ resourceLocations: string;
10575
+ /**
10576
+ * A list of resource types that should be targeted by the lifecycle policy. Valid values are `VOLUME` and `INSTANCE`.
10577
+ */
10578
+ resourceTypes?: string[];
10446
10579
  /**
10447
10580
  * See the `schedule` configuration block.
10448
10581
  */
10449
- schedules: outputs.dlm.LifecyclePolicyPolicyDetailsSchedule[];
10582
+ schedules?: outputs.dlm.LifecyclePolicyPolicyDetailsSchedule[];
10450
10583
  /**
10451
10584
  * A map of tag keys and their values. Any resources that match the `resourceTypes` and are tagged with _any_ of these tags will be targeted.
10452
10585
  */
10453
- targetTags: {
10586
+ targetTags?: {
10454
10587
  [key: string]: string;
10455
10588
  };
10456
10589
  }
10590
+ interface LifecyclePolicyPolicyDetailsAction {
10591
+ /**
10592
+ * The rule for copying shared snapshots across Regions. See the `crossRegionCopy` configuration block.
10593
+ */
10594
+ crossRegionCopies: outputs.dlm.LifecyclePolicyPolicyDetailsActionCrossRegionCopy[];
10595
+ /**
10596
+ * A name for the schedule.
10597
+ */
10598
+ name: string;
10599
+ }
10600
+ interface LifecyclePolicyPolicyDetailsActionCrossRegionCopy {
10601
+ /**
10602
+ * The encryption settings for the copied snapshot. See the `encryptionConfiguration` block. Max of 1 per action.
10603
+ */
10604
+ encryptionConfiguration: outputs.dlm.LifecyclePolicyPolicyDetailsActionCrossRegionCopyEncryptionConfiguration;
10605
+ /**
10606
+ * The retention rule that indicates how long snapshot copies are to be retained in the destination Region. See the `retainRule` block. Max of 1 per schedule.
10607
+ */
10608
+ retainRule?: outputs.dlm.LifecyclePolicyPolicyDetailsActionCrossRegionCopyRetainRule;
10609
+ /**
10610
+ * The target Region or the Amazon Resource Name (ARN) of the target Outpost for the snapshot copies.
10611
+ */
10612
+ target: string;
10613
+ }
10614
+ interface LifecyclePolicyPolicyDetailsActionCrossRegionCopyEncryptionConfiguration {
10615
+ /**
10616
+ * The Amazon Resource Name (ARN) of the AWS KMS customer master key (CMK) to use for EBS encryption. If this argument is not specified, the default KMS key for the account is used.
10617
+ */
10618
+ cmkArn?: string;
10619
+ /**
10620
+ * To encrypt a copy of an unencrypted snapshot if encryption by default is not enabled, enable encryption using this parameter. Copies of encrypted snapshots are encrypted, even if this parameter is false or if encryption by default is not enabled.
10621
+ */
10622
+ encrypted?: boolean;
10623
+ }
10624
+ interface LifecyclePolicyPolicyDetailsActionCrossRegionCopyRetainRule {
10625
+ /**
10626
+ * The amount of time to retain each snapshot. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.
10627
+ */
10628
+ interval: number;
10629
+ /**
10630
+ * The unit of time for time-based retention. Valid values: `DAYS`, `WEEKS`, `MONTHS`, or `YEARS`.
10631
+ */
10632
+ intervalUnit: string;
10633
+ }
10634
+ interface LifecyclePolicyPolicyDetailsEventSource {
10635
+ /**
10636
+ * Information about the event. See the `parameters` configuration block.
10637
+ */
10638
+ parameters: outputs.dlm.LifecyclePolicyPolicyDetailsEventSourceParameters;
10639
+ /**
10640
+ * The source of the event. Currently only managed CloudWatch Events rules are supported. Valid values are `MANAGED_CWE`.
10641
+ */
10642
+ type: string;
10643
+ }
10644
+ interface LifecyclePolicyPolicyDetailsEventSourceParameters {
10645
+ /**
10646
+ * The snapshot description that can trigger the policy. The description pattern is specified using a regular expression. The policy runs only if a snapshot with a description that matches the specified pattern is shared with your account.
10647
+ */
10648
+ descriptionRegex: string;
10649
+ /**
10650
+ * The type of event. Currently, only `shareSnapshot` events are supported.
10651
+ */
10652
+ eventType: string;
10653
+ /**
10654
+ * The IDs of the AWS accounts that can trigger policy by sharing snapshots with your account. The policy only runs if one of the specified AWS accounts shares a snapshot with your account.
10655
+ */
10656
+ snapshotOwners: string[];
10657
+ }
10658
+ interface LifecyclePolicyPolicyDetailsParameters {
10659
+ /**
10660
+ * Indicates whether to exclude the root volume from snapshots created using CreateSnapshots. The default is `false`.
10661
+ */
10662
+ excludeBootVolume?: boolean;
10663
+ /**
10664
+ * Applies to AMI lifecycle policies only. Indicates whether targeted instances are rebooted when the lifecycle policy runs. `true` indicates that targeted instances are not rebooted when the policy runs. `false` indicates that target instances are rebooted when the policy runs. The default is `true` (instances are not rebooted).
10665
+ */
10666
+ noReboot?: boolean;
10667
+ }
10457
10668
  interface LifecyclePolicyPolicyDetailsSchedule {
10458
10669
  /**
10459
10670
  * Whether to copy all user-defined tags from the source snapshot to the cross-region snapshot copy.
@@ -10467,6 +10678,14 @@ export declare namespace dlm {
10467
10678
  * See the `crossRegionCopyRule` block. Max of 3 per schedule.
10468
10679
  */
10469
10680
  crossRegionCopyRules?: outputs.dlm.LifecyclePolicyPolicyDetailsScheduleCrossRegionCopyRule[];
10681
+ /**
10682
+ * The AMI deprecation rule for cross-Region AMI copies created by the rule. See the `deprecateRule` block.
10683
+ */
10684
+ deprecateRule?: outputs.dlm.LifecyclePolicyPolicyDetailsScheduleDeprecateRule;
10685
+ /**
10686
+ * See the `fastRestoreRule` block. Max of 1 per schedule.
10687
+ */
10688
+ fastRestoreRule?: outputs.dlm.LifecyclePolicyPolicyDetailsScheduleFastRestoreRule;
10470
10689
  /**
10471
10690
  * A name for the schedule.
10472
10691
  */
@@ -10475,22 +10694,40 @@ export declare namespace dlm {
10475
10694
  * The retention rule that indicates how long snapshot copies are to be retained in the destination Region. See the `retainRule` block. Max of 1 per schedule.
10476
10695
  */
10477
10696
  retainRule: outputs.dlm.LifecyclePolicyPolicyDetailsScheduleRetainRule;
10697
+ /**
10698
+ * See the `shareRule` block. Max of 1 per schedule.
10699
+ */
10700
+ shareRule?: outputs.dlm.LifecyclePolicyPolicyDetailsScheduleShareRule;
10478
10701
  /**
10479
10702
  * A map of tag keys and their values. DLM lifecycle policies will already tag the snapshot with the tags on the volume. This configuration adds extra tags on top of these.
10480
10703
  */
10481
10704
  tagsToAdd?: {
10482
10705
  [key: string]: string;
10483
10706
  };
10707
+ /**
10708
+ * A map of tag keys and variable values, where the values are determined when the policy is executed. Only `$(instance-id)` or `$(timestamp)` are valid values. Can only be used when `resourceTypes` is `INSTANCE`.
10709
+ */
10710
+ variableTags?: {
10711
+ [key: string]: string;
10712
+ };
10484
10713
  }
10485
10714
  interface LifecyclePolicyPolicyDetailsScheduleCreateRule {
10715
+ /**
10716
+ * The schedule, as a Cron expression. The schedule interval must be between 1 hour and 1 year.
10717
+ */
10718
+ cronExpression?: string;
10486
10719
  /**
10487
10720
  * The amount of time to retain each snapshot. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.
10488
10721
  */
10489
- interval: number;
10722
+ interval?: number;
10490
10723
  /**
10491
10724
  * The unit of time for time-based retention. Valid values: `DAYS`, `WEEKS`, `MONTHS`, or `YEARS`.
10492
10725
  */
10493
- intervalUnit?: string;
10726
+ intervalUnit: string;
10727
+ /**
10728
+ * Specifies the destination for snapshots created by the policy. To create snapshots in the same Region as the source resource, specify `CLOUD`. To create snapshots on the same Outpost as the source resource, specify `OUTPOST_LOCAL`. If you omit this parameter, `CLOUD` is used by default. If the policy targets resources in an AWS Region, then you must create snapshots in the same Region as the source resource. If the policy targets resources on an Outpost, then you can create snapshots on the same Outpost as the source resource, or in the Region of that Outpost. Valid values are `CLOUD` and `OUTPOST_LOCAL`.
10729
+ */
10730
+ location: string;
10494
10731
  /**
10495
10732
  * A list of times in 24 hour clock format that sets when the lifecycle policy should be evaluated. Max of 1.
10496
10733
  */
@@ -10542,11 +10779,59 @@ export declare namespace dlm {
10542
10779
  */
10543
10780
  intervalUnit: string;
10544
10781
  }
10782
+ interface LifecyclePolicyPolicyDetailsScheduleDeprecateRule {
10783
+ /**
10784
+ * How many snapshots to keep. Must be an integer between `1` and `1000`.
10785
+ */
10786
+ count?: number;
10787
+ /**
10788
+ * The amount of time to retain each snapshot. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.
10789
+ */
10790
+ interval?: number;
10791
+ /**
10792
+ * The unit of time for time-based retention. Valid values: `DAYS`, `WEEKS`, `MONTHS`, or `YEARS`.
10793
+ */
10794
+ intervalUnit?: string;
10795
+ }
10796
+ interface LifecyclePolicyPolicyDetailsScheduleFastRestoreRule {
10797
+ /**
10798
+ * The Availability Zones in which to enable fast snapshot restore.
10799
+ */
10800
+ availabilityZones: string[];
10801
+ /**
10802
+ * How many snapshots to keep. Must be an integer between `1` and `1000`.
10803
+ */
10804
+ count?: number;
10805
+ /**
10806
+ * The amount of time to retain each snapshot. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.
10807
+ */
10808
+ interval?: number;
10809
+ /**
10810
+ * The unit of time for time-based retention. Valid values: `DAYS`, `WEEKS`, `MONTHS`, or `YEARS`.
10811
+ */
10812
+ intervalUnit?: string;
10813
+ }
10545
10814
  interface LifecyclePolicyPolicyDetailsScheduleRetainRule {
10546
10815
  /**
10547
- * How many snapshots to keep. Must be an integer between 1 and 1000.
10816
+ * How many snapshots to keep. Must be an integer between `1` and `1000`.
10548
10817
  */
10549
- count: number;
10818
+ count?: number;
10819
+ /**
10820
+ * The amount of time to retain each snapshot. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.
10821
+ */
10822
+ interval?: number;
10823
+ /**
10824
+ * The unit of time for time-based retention. Valid values: `DAYS`, `WEEKS`, `MONTHS`, or `YEARS`.
10825
+ */
10826
+ intervalUnit?: string;
10827
+ }
10828
+ interface LifecyclePolicyPolicyDetailsScheduleShareRule {
10829
+ /**
10830
+ * The IDs of the AWS accounts with which to share the snapshots.
10831
+ */
10832
+ targetAccounts: string[];
10833
+ unshareInterval?: number;
10834
+ unshareIntervalUnit?: string;
10550
10835
  }
10551
10836
  }
10552
10837
  export declare namespace dms {
@@ -11359,6 +11644,10 @@ export declare namespace ec2 {
11359
11644
  * The CIDR block of the route.
11360
11645
  */
11361
11646
  cidrBlock?: string;
11647
+ /**
11648
+ * The Amazon Resource Name (ARN) of a core network.
11649
+ */
11650
+ coreNetworkArn?: string;
11362
11651
  /**
11363
11652
  * The ID of a managed prefix list destination of the route.
11364
11653
  */
@@ -12222,6 +12511,18 @@ export declare namespace ec2 {
12222
12511
  */
12223
12512
  values: string[];
12224
12513
  }
12514
+ interface GetNatGatewaysFilter {
12515
+ /**
12516
+ * The name of the field to filter by, as defined by
12517
+ * [the underlying AWS API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNatGateways.html).
12518
+ */
12519
+ name: string;
12520
+ /**
12521
+ * Set of values that are accepted for the given field.
12522
+ * A Nat Gateway will be selected if any one of the given values matches.
12523
+ */
12524
+ values: string[];
12525
+ }
12225
12526
  interface GetNetworkAclsFilter {
12226
12527
  /**
12227
12528
  * The name of the field to filter by, as defined by
@@ -12336,6 +12637,10 @@ export declare namespace ec2 {
12336
12637
  * CIDR block of the route.
12337
12638
  */
12338
12639
  cidrBlock: string;
12640
+ /**
12641
+ * ARN of the core network.
12642
+ */
12643
+ coreNetworkArn: string;
12339
12644
  /**
12340
12645
  * The ID of a managed prefix list destination of the route.
12341
12646
  */
@@ -13300,6 +13605,10 @@ export declare namespace ec2 {
13300
13605
  * The CIDR block of the route.
13301
13606
  */
13302
13607
  cidrBlock?: string;
13608
+ /**
13609
+ * The Amazon Resource Name (ARN) of a core network.
13610
+ */
13611
+ coreNetworkArn?: string;
13303
13612
  /**
13304
13613
  * The ID of a managed prefix list destination of the route.
13305
13614
  */
@@ -15129,6 +15438,24 @@ export declare namespace elasticache {
15129
15438
  */
15130
15439
  port: number;
15131
15440
  }
15441
+ interface ClusterLogDeliveryConfiguration {
15442
+ /**
15443
+ * Name of either the CloudWatch Logs LogGroup or Kinesis Data Firehose resource.
15444
+ */
15445
+ destination: string;
15446
+ /**
15447
+ * For CloudWatch Logs use `cloudwatch-logs` or for Kinesis Data Firehose use `kinesis-firehose`.
15448
+ */
15449
+ destinationType: string;
15450
+ /**
15451
+ * Valid values are `json` or `text`
15452
+ */
15453
+ logFormat: string;
15454
+ /**
15455
+ * Valid values are `slow-log` or `engine-log`. Max 1 of each.
15456
+ */
15457
+ logType: string;
15458
+ }
15132
15459
  interface GetClusterCacheNode {
15133
15460
  address: string;
15134
15461
  /**
@@ -15142,6 +15469,18 @@ export declare namespace elasticache {
15142
15469
  */
15143
15470
  port: number;
15144
15471
  }
15472
+ interface GetClusterLogDeliveryConfiguration {
15473
+ destination: string;
15474
+ destinationType: string;
15475
+ logFormat: string;
15476
+ logType: string;
15477
+ }
15478
+ interface GetReplicationGroupLogDeliveryConfiguration {
15479
+ destination: string;
15480
+ destinationType: string;
15481
+ logFormat: string;
15482
+ logType: string;
15483
+ }
15145
15484
  interface ParameterGroupParameter {
15146
15485
  /**
15147
15486
  * The name of the ElastiCache parameter.
@@ -15166,6 +15505,24 @@ export declare namespace elasticache {
15166
15505
  */
15167
15506
  replicasPerNodeGroup: number;
15168
15507
  }
15508
+ interface ReplicationGroupLogDeliveryConfiguration {
15509
+ /**
15510
+ * Name of either the CloudWatch Logs LogGroup or Kinesis Data Firehose resource.
15511
+ */
15512
+ destination: string;
15513
+ /**
15514
+ * For CloudWatch Logs use `cloudwatch-logs` or for Kinesis Data Firehose use `kinesis-firehose`.
15515
+ */
15516
+ destinationType: string;
15517
+ /**
15518
+ * Valid values are `json` or `text`
15519
+ */
15520
+ logFormat: string;
15521
+ /**
15522
+ * Valid values are `slow-log` or `engine-log`. Max 1 of each.
15523
+ */
15524
+ logType: string;
15525
+ }
15169
15526
  }
15170
15527
  export declare namespace elasticbeanstalk {
15171
15528
  interface ApplicationAppversionLifecycle {
@@ -16037,6 +16394,10 @@ export declare namespace elasticsearch {
16037
16394
  value: number;
16038
16395
  }
16039
16396
  interface DomainClusterConfig {
16397
+ /**
16398
+ * Configuration block containing cold storage configuration. Detailed below.
16399
+ */
16400
+ coldStorageOptions: outputs.elasticsearch.DomainClusterConfigColdStorageOptions;
16040
16401
  /**
16041
16402
  * Number of dedicated main nodes in the cluster.
16042
16403
  */
@@ -16078,6 +16439,12 @@ export declare namespace elasticsearch {
16078
16439
  */
16079
16440
  zoneAwarenessEnabled?: boolean;
16080
16441
  }
16442
+ interface DomainClusterConfigColdStorageOptions {
16443
+ /**
16444
+ * Whether to enable node-to-node encryption. If the `nodeToNodeEncryption` block is not provided then this defaults to `false`.
16445
+ */
16446
+ enabled: boolean;
16447
+ }
16081
16448
  interface DomainClusterConfigZoneAwarenessConfig {
16082
16449
  /**
16083
16450
  * Number of Availability Zones for the domain to use with `zoneAwarenessEnabled`. Defaults to `2`. Valid values: `2` or `3`.
@@ -16195,7 +16562,7 @@ export declare namespace elasticsearch {
16195
16562
  */
16196
16563
  sessionTimeoutMinutes?: number;
16197
16564
  /**
16198
- * Element of the SAML assertion to use for username. Default is NameID.
16565
+ * Custom SAML attribute to use for user names. Default is an empty string - `""`. This will cause Elasticsearch to use the `NameID` element of the `Subject`, which is the default location for name identifiers in the SAML specification.
16199
16566
  */
16200
16567
  subjectKey?: string;
16201
16568
  }
@@ -16276,6 +16643,10 @@ export declare namespace elasticsearch {
16276
16643
  value: number;
16277
16644
  }
16278
16645
  interface GetDomainClusterConfig {
16646
+ /**
16647
+ * Configuration block containing cold storage configuration.
16648
+ */
16649
+ coldStorageOptions: outputs.elasticsearch.GetDomainClusterConfigColdStorageOption[];
16279
16650
  /**
16280
16651
  * Number of dedicated master nodes in the cluster.
16281
16652
  */
@@ -16303,7 +16674,7 @@ export declare namespace elasticsearch {
16303
16674
  /**
16304
16675
  * Indicates warm storage is enabled.
16305
16676
  */
16306
- warmEnabled?: boolean;
16677
+ warmEnabled: boolean;
16307
16678
  /**
16308
16679
  * The instance type for the Elasticsearch cluster's warm nodes.
16309
16680
  */
@@ -16317,6 +16688,12 @@ export declare namespace elasticsearch {
16317
16688
  */
16318
16689
  zoneAwarenessEnabled: boolean;
16319
16690
  }
16691
+ interface GetDomainClusterConfigColdStorageOption {
16692
+ /**
16693
+ * Whether node to node encryption is enabled.
16694
+ */
16695
+ enabled: boolean;
16696
+ }
16320
16697
  interface GetDomainClusterConfigZoneAwarenessConfig {
16321
16698
  /**
16322
16699
  * Number of availability zones used.
@@ -17677,7 +18054,7 @@ export declare namespace fsx {
17677
18054
  export declare namespace gamelift {
17678
18055
  interface AliasRoutingStrategy {
17679
18056
  /**
17680
- * ID of the Gamelift Fleet to point the alias to.
18057
+ * ID of the GameLift Fleet to point the alias to.
17681
18058
  */
17682
18059
  fleetId?: string;
17683
18060
  /**
@@ -19079,6 +19456,14 @@ export declare namespace imagebuilder {
19079
19456
  targetAccountIds?: string[];
19080
19457
  }
19081
19458
  interface DistributionConfigurationDistributionAmiDistributionConfigurationLaunchPermission {
19459
+ /**
19460
+ * Set of AWS Organization ARNs to assign.
19461
+ */
19462
+ organizationArns?: string[];
19463
+ /**
19464
+ * Set of AWS Organizational Unit ARNs to assign.
19465
+ */
19466
+ organizationalUnitArns?: string[];
19082
19467
  /**
19083
19468
  * Set of EC2 launch permission user groups to assign. Use `all` to distribute a public AMI.
19084
19469
  */
@@ -19113,6 +19498,10 @@ export declare namespace imagebuilder {
19113
19498
  service: string;
19114
19499
  }
19115
19500
  interface DistributionConfigurationDistributionLaunchTemplateConfiguration {
19501
+ /**
19502
+ * The account ID that this configuration applies to.
19503
+ */
19504
+ accountId?: string;
19116
19505
  /**
19117
19506
  * Indicates whether to set the specified Amazon EC2 launch template as the default launch template. Defaults to `true`.
19118
19507
  */
@@ -19281,6 +19670,14 @@ export declare namespace imagebuilder {
19281
19670
  targetAccountIds: string[];
19282
19671
  }
19283
19672
  interface GetDistributionConfigurationDistributionAmiDistributionConfigurationLaunchPermission {
19673
+ /**
19674
+ * Set of AWS Organization ARNs.
19675
+ */
19676
+ organizationArns: string[];
19677
+ /**
19678
+ * Set of AWS Organizational Unit ARNs.
19679
+ */
19680
+ organizationalUnitArns: string[];
19284
19681
  /**
19285
19682
  * Set of EC2 launch permission user groups.
19286
19683
  */
@@ -19315,6 +19712,10 @@ export declare namespace imagebuilder {
19315
19712
  service: string;
19316
19713
  }
19317
19714
  interface GetDistributionConfigurationDistributionLaunchTemplateConfiguration {
19715
+ /**
19716
+ * The account ID that this configuration applies to.
19717
+ */
19718
+ accountId: string;
19318
19719
  /**
19319
19720
  * Indicates whether the specified Amazon EC2 launch template is set as the default launch template.
19320
19721
  */
@@ -19392,6 +19793,16 @@ export declare namespace imagebuilder {
19392
19793
  */
19393
19794
  scheduleExpression: string;
19394
19795
  }
19796
+ interface GetImagePipelinesFilter {
19797
+ /**
19798
+ * The name of the filter field. Valid values can be found in the [Image Builder ListImagePipelines API Reference](https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_ListImagePipelines.html).
19799
+ */
19800
+ name: string;
19801
+ /**
19802
+ * Set of values that are accepted for the given filter field. Results will be selected if any given value matches.
19803
+ */
19804
+ values: string[];
19805
+ }
19395
19806
  interface GetImageRecipeBlockDeviceMapping {
19396
19807
  /**
19397
19808
  * Name of the device. For example, `/dev/sda` or `/dev/xvdb`.
@@ -19650,6 +20061,93 @@ export declare namespace imagebuilder {
19650
20061
  }
19651
20062
  }
19652
20063
  export declare namespace iot {
20064
+ interface IndexingConfigurationThingGroupIndexingConfiguration {
20065
+ /**
20066
+ * A list of thing group fields to index. This list cannot contain any managed fields. See below.
20067
+ */
20068
+ customFields?: outputs.iot.IndexingConfigurationThingGroupIndexingConfigurationCustomField[];
20069
+ /**
20070
+ * Contains fields that are indexed and whose types are already known by the Fleet Indexing service. See below.
20071
+ */
20072
+ managedFields: outputs.iot.IndexingConfigurationThingGroupIndexingConfigurationManagedField[];
20073
+ /**
20074
+ * Thing group indexing mode. Valid values: `OFF`, `ON`.
20075
+ */
20076
+ thingGroupIndexingMode: string;
20077
+ }
20078
+ interface IndexingConfigurationThingGroupIndexingConfigurationCustomField {
20079
+ /**
20080
+ * The name of the field.
20081
+ */
20082
+ name?: string;
20083
+ /**
20084
+ * The data type of the field. Valid values: `Number`, `String`, `Boolean`.
20085
+ */
20086
+ type?: string;
20087
+ }
20088
+ interface IndexingConfigurationThingGroupIndexingConfigurationManagedField {
20089
+ /**
20090
+ * The name of the field.
20091
+ */
20092
+ name?: string;
20093
+ /**
20094
+ * The data type of the field. Valid values: `Number`, `String`, `Boolean`.
20095
+ */
20096
+ type?: string;
20097
+ }
20098
+ interface IndexingConfigurationThingIndexingConfiguration {
20099
+ /**
20100
+ * Contains custom field names and their data type. See below.
20101
+ */
20102
+ customFields?: outputs.iot.IndexingConfigurationThingIndexingConfigurationCustomField[];
20103
+ /**
20104
+ * Device Defender indexing mode. Valid values: `VIOLATIONS`, `OFF`. Default: `OFF`.
20105
+ */
20106
+ deviceDefenderIndexingMode?: string;
20107
+ /**
20108
+ * Contains fields that are indexed and whose types are already known by the Fleet Indexing service. See below.
20109
+ */
20110
+ managedFields: outputs.iot.IndexingConfigurationThingIndexingConfigurationManagedField[];
20111
+ /**
20112
+ * [Named shadow](https://docs.aws.amazon.com/iot/latest/developerguide/iot-device-shadows.html) indexing mode. Valid values: `ON`, `OFF`. Default: `OFF`.
20113
+ */
20114
+ namedShadowIndexingMode?: string;
20115
+ /**
20116
+ * Thing connectivity indexing mode. Valid values: `STATUS`, `OFF`. Default: `OFF`.
20117
+ */
20118
+ thingConnectivityIndexingMode?: string;
20119
+ /**
20120
+ * Thing indexing mode. Valid values: `REGISTRY`, `REGISTRY_AND_SHADOW`, `OFF`.
20121
+ */
20122
+ thingIndexingMode: string;
20123
+ }
20124
+ interface IndexingConfigurationThingIndexingConfigurationCustomField {
20125
+ /**
20126
+ * The name of the field.
20127
+ */
20128
+ name?: string;
20129
+ /**
20130
+ * The data type of the field. Valid values: `Number`, `String`, `Boolean`.
20131
+ */
20132
+ type?: string;
20133
+ }
20134
+ interface IndexingConfigurationThingIndexingConfigurationManagedField {
20135
+ /**
20136
+ * The name of the field.
20137
+ */
20138
+ name?: string;
20139
+ /**
20140
+ * The data type of the field. Valid values: `Number`, `String`, `Boolean`.
20141
+ */
20142
+ type?: string;
20143
+ }
20144
+ interface ProvisioningTemplatePreProvisioningHook {
20145
+ /**
20146
+ * The version of the payload that was sent to the target function. The only valid (and the default) payload version is `"2020-04-01"`.
20147
+ */
20148
+ payloadVersion?: string;
20149
+ targetArn: string;
20150
+ }
19653
20151
  interface ThingGroupMetadata {
19654
20152
  creationDate: string;
19655
20153
  /**
@@ -22224,6 +22722,12 @@ export declare namespace lambda {
22224
22722
  [key: string]: string;
22225
22723
  };
22226
22724
  }
22725
+ interface FunctionEphemeralStorage {
22726
+ /**
22727
+ * The size of the Lambda function Ephemeral storage(`/tmp`) represented in MB. The minimum supported `ephemeralStorage` value defaults to `512`MB and the maximum supported value is `10240`MB.
22728
+ */
22729
+ size: number;
22730
+ }
22227
22731
  interface FunctionEventInvokeConfigDestinationConfig {
22228
22732
  /**
22229
22733
  * Configuration block with destination configuration for failed asynchronous invocations. See below for details.
@@ -22276,6 +22780,32 @@ export declare namespace lambda {
22276
22780
  */
22277
22781
  mode: string;
22278
22782
  }
22783
+ interface FunctionUrlCors {
22784
+ /**
22785
+ * Whether to allow cookies or other credentials in requests to the function URL. The default is `false`.
22786
+ */
22787
+ allowCredentials?: boolean;
22788
+ /**
22789
+ * The HTTP headers that origins can include in requests to the function URL. For example: `["date", "keep-alive", "x-custom-header"]`.
22790
+ */
22791
+ allowHeaders?: string[];
22792
+ /**
22793
+ * The HTTP methods that are allowed when calling the function URL. For example: `["GET", "POST", "DELETE"]`, or the wildcard character (`["*"]`).
22794
+ */
22795
+ allowMethods?: string[];
22796
+ /**
22797
+ * The origins that can access the function URL. You can list any number of specific origins (or the wildcard character (`"*"`)), separated by a comma. For example: `["https://www.example.com", "http://localhost:60905"]`.
22798
+ */
22799
+ allowOrigins?: string[];
22800
+ /**
22801
+ * The HTTP headers in your function response that you want to expose to origins that call the function URL.
22802
+ */
22803
+ exposeHeaders?: string[];
22804
+ /**
22805
+ * The maximum amount of time, in seconds, that web browsers can cache results of a preflight request. By default, this is set to `0`, which means that the browser doesn't cache results. The maximum value is `86400`.
22806
+ */
22807
+ maxAge?: number;
22808
+ }
22279
22809
  interface FunctionVpcConfig {
22280
22810
  /**
22281
22811
  * List of security group IDs associated with the Lambda function.
@@ -22307,6 +22837,9 @@ export declare namespace lambda {
22307
22837
  [key: string]: string;
22308
22838
  };
22309
22839
  }
22840
+ interface GetFunctionEphemeralStorage {
22841
+ size: number;
22842
+ }
22310
22843
  interface GetFunctionFileSystemConfig {
22311
22844
  /**
22312
22845
  * Unqualified (no `:QUALIFIER` or `:VERSION` suffix) Amazon Resource Name (ARN) identifying your Lambda Function. See also `qualifiedArn`.
@@ -22317,6 +22850,14 @@ export declare namespace lambda {
22317
22850
  interface GetFunctionTracingConfig {
22318
22851
  mode: string;
22319
22852
  }
22853
+ interface GetFunctionUrlCor {
22854
+ allowCredentials: boolean;
22855
+ allowHeaders: string[];
22856
+ allowMethods: string[];
22857
+ allowOrigins: string[];
22858
+ exposeHeaders: string[];
22859
+ maxAge: number;
22860
+ }
22320
22861
  interface GetFunctionVpcConfig {
22321
22862
  securityGroupIds: string[];
22322
22863
  subnetIds: string[];
@@ -23684,6 +24225,133 @@ export declare namespace memorydb {
23684
24225
  */
23685
24226
  port: number;
23686
24227
  }
24228
+ interface GetClusterClusterEndpoint {
24229
+ /**
24230
+ * DNS hostname of the node.
24231
+ */
24232
+ address: string;
24233
+ /**
24234
+ * Port number that this node is listening on.
24235
+ */
24236
+ port: number;
24237
+ }
24238
+ interface GetClusterShard {
24239
+ /**
24240
+ * Name of the cluster.
24241
+ */
24242
+ name: string;
24243
+ /**
24244
+ * Set of nodes in this shard.
24245
+ */
24246
+ nodes: outputs.memorydb.GetClusterShardNode[];
24247
+ /**
24248
+ * Number of individual nodes in this shard.
24249
+ */
24250
+ numNodes: number;
24251
+ /**
24252
+ * Keyspace for this shard. Example: `0-16383`.
24253
+ */
24254
+ slots: string;
24255
+ }
24256
+ interface GetClusterShardNode {
24257
+ /**
24258
+ * The Availability Zone in which the node resides.
24259
+ */
24260
+ availabilityZone: string;
24261
+ /**
24262
+ * The date and time when the node was created. Example: `2022-01-01T21:00:00Z`.
24263
+ */
24264
+ createTime: string;
24265
+ endpoints: outputs.memorydb.GetClusterShardNodeEndpoint[];
24266
+ /**
24267
+ * Name of the cluster.
24268
+ */
24269
+ name: string;
24270
+ }
24271
+ interface GetClusterShardNodeEndpoint {
24272
+ /**
24273
+ * DNS hostname of the node.
24274
+ */
24275
+ address: string;
24276
+ /**
24277
+ * Port number that this node is listening on.
24278
+ */
24279
+ port: number;
24280
+ }
24281
+ interface GetParameterGroupParameter {
24282
+ /**
24283
+ * Name of the parameter group.
24284
+ */
24285
+ name: string;
24286
+ /**
24287
+ * Value of the parameter.
24288
+ */
24289
+ value: string;
24290
+ }
24291
+ interface GetSnapshotClusterConfiguration {
24292
+ /**
24293
+ * Description for the cluster.
24294
+ */
24295
+ description: string;
24296
+ /**
24297
+ * Version number of the Redis engine used by the cluster.
24298
+ */
24299
+ engineVersion: string;
24300
+ /**
24301
+ * The weekly time range during which maintenance on the cluster is performed.
24302
+ */
24303
+ maintenanceWindow: string;
24304
+ /**
24305
+ * Name of the snapshot.
24306
+ */
24307
+ name: string;
24308
+ /**
24309
+ * Compute and memory capacity of the nodes in the cluster.
24310
+ */
24311
+ nodeType: string;
24312
+ /**
24313
+ * Number of shards in the cluster.
24314
+ */
24315
+ numShards: number;
24316
+ /**
24317
+ * Name of the parameter group associated with the cluster.
24318
+ */
24319
+ parameterGroupName: string;
24320
+ /**
24321
+ * Port number on which the cluster accepts connections.
24322
+ */
24323
+ port: number;
24324
+ /**
24325
+ * Number of days for which MemoryDB retains automatic snapshots before deleting them.
24326
+ */
24327
+ snapshotRetentionLimit: number;
24328
+ /**
24329
+ * The daily time range (in UTC) during which MemoryDB begins taking a daily snapshot of the shard.
24330
+ */
24331
+ snapshotWindow: string;
24332
+ /**
24333
+ * Name of the subnet group used by the cluster.
24334
+ */
24335
+ subnetGroupName: string;
24336
+ /**
24337
+ * ARN of the SNS topic to which cluster notifications are sent.
24338
+ */
24339
+ topicArn: string;
24340
+ /**
24341
+ * The VPC in which the cluster exists.
24342
+ */
24343
+ vpcId: string;
24344
+ }
24345
+ interface GetUserAuthenticationMode {
24346
+ /**
24347
+ * The number of passwords belonging to the user.
24348
+ */
24349
+ passwordCount: number;
24350
+ /**
24351
+ * Indicates whether the user requires a password to authenticate.
24352
+ */
24353
+ type: string;
24354
+ }
23687
24355
  interface ParameterGroupParameter {
23688
24356
  /**
23689
24357
  * The name of the parameter.
@@ -24098,6 +24766,178 @@ export declare namespace msk {
24098
24766
  }
24099
24767
  }
24100
24768
  export declare namespace mskconnect {
24769
+ interface ConnectorCapacity {
24770
+ /**
24771
+ * Information about the auto scaling parameters for the connector. See below.
24772
+ */
24773
+ autoscaling?: outputs.mskconnect.ConnectorCapacityAutoscaling;
24774
+ /**
24775
+ * Details about a fixed capacity allocated to a connector. See below.
24776
+ */
24777
+ provisionedCapacity?: outputs.mskconnect.ConnectorCapacityProvisionedCapacity;
24778
+ }
24779
+ interface ConnectorCapacityAutoscaling {
24780
+ /**
24781
+ * The maximum number of workers allocated to the connector.
24782
+ */
24783
+ maxWorkerCount: number;
24784
+ /**
24785
+ * The number of microcontroller units (MCUs) allocated to each connector worker. Valid values: `1`, `2`, `4`, `8`. The default value is `1`.
24786
+ */
24787
+ mcuCount?: number;
24788
+ /**
24789
+ * The minimum number of workers allocated to the connector.
24790
+ */
24791
+ minWorkerCount: number;
24792
+ /**
24793
+ * The scale-in policy for the connector. See below.
24794
+ */
24795
+ scaleInPolicy: outputs.mskconnect.ConnectorCapacityAutoscalingScaleInPolicy;
24796
+ /**
24797
+ * The scale-out policy for the connector. See below.
24798
+ */
24799
+ scaleOutPolicy: outputs.mskconnect.ConnectorCapacityAutoscalingScaleOutPolicy;
24800
+ }
24801
+ interface ConnectorCapacityAutoscalingScaleInPolicy {
24802
+ /**
24803
+ * The CPU utilization percentage threshold at which you want connector scale out to be triggered.
24804
+ */
24805
+ cpuUtilizationPercentage: number;
24806
+ }
24807
+ interface ConnectorCapacityAutoscalingScaleOutPolicy {
24808
+ /**
24809
+ * The CPU utilization percentage threshold at which you want connector scale out to be triggered.
24810
+ */
24811
+ cpuUtilizationPercentage: number;
24812
+ }
24813
+ interface ConnectorCapacityProvisionedCapacity {
24814
+ /**
24815
+ * The number of microcontroller units (MCUs) allocated to each connector worker. Valid values: `1`, `2`, `4`, `8`. The default value is `1`.
24816
+ */
24817
+ mcuCount?: number;
24818
+ /**
24819
+ * The number of workers that are allocated to the connector.
24820
+ */
24821
+ workerCount: number;
24822
+ }
24823
+ interface ConnectorKafkaCluster {
24824
+ /**
24825
+ * The Apache Kafka cluster to which the connector is connected.
24826
+ */
24827
+ apacheKafkaCluster: outputs.mskconnect.ConnectorKafkaClusterApacheKafkaCluster;
24828
+ }
24829
+ interface ConnectorKafkaClusterApacheKafkaCluster {
24830
+ /**
24831
+ * The bootstrap servers of the cluster.
24832
+ */
24833
+ bootstrapServers: string;
24834
+ /**
24835
+ * Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster.
24836
+ */
24837
+ vpc: outputs.mskconnect.ConnectorKafkaClusterApacheKafkaClusterVpc;
24838
+ }
24839
+ interface ConnectorKafkaClusterApacheKafkaClusterVpc {
24840
+ /**
24841
+ * The security groups for the connector.
24842
+ */
24843
+ securityGroups: string[];
24844
+ /**
24845
+ * The subnets for the connector.
24846
+ */
24847
+ subnets: string[];
24848
+ }
24849
+ interface ConnectorKafkaClusterClientAuthentication {
24850
+ /**
24851
+ * The type of client authentication used to connect to the Apache Kafka cluster. Valid values: `IAM`, `NONE`. A value of `NONE` means that no client authentication is used. The default value is `NONE`.
24852
+ */
24853
+ authenticationType?: string;
24854
+ }
24855
+ interface ConnectorKafkaClusterEncryptionInTransit {
24856
+ /**
24857
+ * The type of encryption in transit to the Apache Kafka cluster. Valid values: `PLAINTEXT`, `TLS`. The default values is `PLAINTEXT`.
24858
+ */
24859
+ encryptionType?: string;
24860
+ }
24861
+ interface ConnectorLogDelivery {
24862
+ /**
24863
+ * The workers can send worker logs to different destination types. This configuration specifies the details of these destinations. See below.
24864
+ */
24865
+ workerLogDelivery: outputs.mskconnect.ConnectorLogDeliveryWorkerLogDelivery;
24866
+ }
24867
+ interface ConnectorLogDeliveryWorkerLogDelivery {
24868
+ /**
24869
+ * Details about delivering logs to Amazon CloudWatch Logs. See below.
24870
+ */
24871
+ cloudwatchLogs?: outputs.mskconnect.ConnectorLogDeliveryWorkerLogDeliveryCloudwatchLogs;
24872
+ /**
24873
+ * Details about delivering logs to Amazon Kinesis Data Firehose. See below.
24874
+ */
24875
+ firehose?: outputs.mskconnect.ConnectorLogDeliveryWorkerLogDeliveryFirehose;
24876
+ /**
24877
+ * Details about delivering logs to Amazon S3. See below.
24878
+ */
24879
+ s3?: outputs.mskconnect.ConnectorLogDeliveryWorkerLogDeliveryS3;
24880
+ }
24881
+ interface ConnectorLogDeliveryWorkerLogDeliveryCloudwatchLogs {
24882
+ /**
24883
+ * Specifies whether connector logs get sent to the specified Amazon S3 destination.
24884
+ */
24885
+ enabled: boolean;
24886
+ /**
24887
+ * The name of the CloudWatch log group that is the destination for log delivery.
24888
+ */
24889
+ logGroup?: string;
24890
+ }
24891
+ interface ConnectorLogDeliveryWorkerLogDeliveryFirehose {
24892
+ /**
24893
+ * The name of the Kinesis Data Firehose delivery stream that is the destination for log delivery.
24894
+ */
24895
+ deliveryStream?: string;
24896
+ /**
24897
+ * Specifies whether connector logs get sent to the specified Amazon S3 destination.
24898
+ */
24899
+ enabled: boolean;
24900
+ }
24901
+ interface ConnectorLogDeliveryWorkerLogDeliveryS3 {
24902
+ /**
24903
+ * The name of the S3 bucket that is the destination for log delivery.
24904
+ */
24905
+ bucket?: string;
24906
+ /**
24907
+ * Specifies whether connector logs get sent to the specified Amazon S3 destination.
24908
+ */
24909
+ enabled: boolean;
24910
+ /**
24911
+ * The S3 prefix that is the destination for log delivery.
24912
+ */
24913
+ prefix?: string;
24914
+ }
24915
+ interface ConnectorPlugin {
24916
+ /**
24917
+ * Details about a custom plugin. See below.
24918
+ */
24919
+ customPlugin: outputs.mskconnect.ConnectorPluginCustomPlugin;
24920
+ }
24921
+ interface ConnectorPluginCustomPlugin {
24922
+ /**
24923
+ * The Amazon Resource Name (ARN) of the worker configuration.
24924
+ */
24925
+ arn: string;
24926
+ /**
24927
+ * The revision of the worker configuration.
24928
+ */
24929
+ revision: number;
24930
+ }
24931
+ interface ConnectorWorkerConfiguration {
24932
+ /**
24933
+ * The Amazon Resource Name (ARN) of the worker configuration.
24934
+ */
24935
+ arn: string;
24936
+ /**
24937
+ * The revision of the worker configuration.
24938
+ */
24939
+ revision: number;
24940
+ }
24101
24941
  interface CustomPluginLocation {
24102
24942
  /**
24103
24943
  * Information of the plugin file stored in Amazon S3. See below.
@@ -24770,6 +25610,451 @@ export declare namespace networkmanager {
24770
25610
  longitude?: string;
24771
25611
  }
24772
25612
  }
25613
+ export declare namespace opensearch {
25614
+ interface DomainAdvancedSecurityOptions {
25615
+ /**
25616
+ * Whether to enable node-to-node encryption. If the `nodeToNodeEncryption` block is not provided then this defaults to `false`.
25617
+ */
25618
+ enabled: boolean;
25619
+ /**
25620
+ * Whether the internal user database is enabled. Default is `false`.
25621
+ */
25622
+ internalUserDatabaseEnabled?: boolean;
25623
+ /**
25624
+ * Configuration block for the main user. Detailed below.
25625
+ */
25626
+ masterUserOptions?: outputs.opensearch.DomainAdvancedSecurityOptionsMasterUserOptions;
25627
+ }
25628
+ interface DomainAdvancedSecurityOptionsMasterUserOptions {
25629
+ /**
25630
+ * ARN for the main user. Only specify if `internalUserDatabaseEnabled` is not set or set to `false`.
25631
+ */
25632
+ masterUserArn?: string;
25633
+ /**
25634
+ * Main user's username, which is stored in the Amazon OpenSearch Service domain's internal database. Only specify if `internalUserDatabaseEnabled` is set to `true`.
25635
+ */
25636
+ masterUserName?: string;
25637
+ /**
25638
+ * Main user's password, which is stored in the Amazon OpenSearch Service domain's internal database. Only specify if `internalUserDatabaseEnabled` is set to `true`.
25639
+ */
25640
+ masterUserPassword?: string;
25641
+ }
25642
+ interface DomainAutoTuneOptions {
25643
+ /**
25644
+ * Auto-Tune desired state for the domain. Valid values: `ENABLED` or `DISABLED`.
25645
+ */
25646
+ desiredState: string;
25647
+ /**
25648
+ * Configuration block for Auto-Tune maintenance windows. Can be specified multiple times for each maintenance window. Detailed below.
25649
+ */
25650
+ maintenanceSchedules: outputs.opensearch.DomainAutoTuneOptionsMaintenanceSchedule[];
25651
+ /**
25652
+ * Whether to roll back to default Auto-Tune settings when disabling Auto-Tune. Valid values: `DEFAULT_ROLLBACK` or `NO_ROLLBACK`.
25653
+ */
25654
+ rollbackOnDisable: string;
25655
+ }
25656
+ interface DomainAutoTuneOptionsMaintenanceSchedule {
25657
+ /**
25658
+ * A cron expression specifying the recurrence pattern for an Auto-Tune maintenance schedule.
25659
+ */
25660
+ cronExpressionForRecurrence: string;
25661
+ /**
25662
+ * Configuration block for the duration of the Auto-Tune maintenance window. Detailed below.
25663
+ */
25664
+ duration: outputs.opensearch.DomainAutoTuneOptionsMaintenanceScheduleDuration;
25665
+ /**
25666
+ * Date and time at which to start the Auto-Tune maintenance schedule in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).
25667
+ */
25668
+ startAt: string;
25669
+ }
25670
+ interface DomainAutoTuneOptionsMaintenanceScheduleDuration {
25671
+ /**
25672
+ * Unit of time specifying the duration of an Auto-Tune maintenance window. Valid values: `HOURS`.
25673
+ */
25674
+ unit: string;
25675
+ /**
25676
+ * An integer specifying the value of the duration of an Auto-Tune maintenance window.
25677
+ */
25678
+ value: number;
25679
+ }
25680
+ interface DomainClusterConfig {
25681
+ /**
25682
+ * Number of dedicated main nodes in the cluster.
25683
+ */
25684
+ dedicatedMasterCount?: number;
25685
+ /**
25686
+ * Whether dedicated main nodes are enabled for the cluster.
25687
+ */
25688
+ dedicatedMasterEnabled?: boolean;
25689
+ /**
25690
+ * Instance type of the dedicated main nodes in the cluster.
25691
+ */
25692
+ dedicatedMasterType?: string;
25693
+ /**
25694
+ * Number of instances in the cluster.
25695
+ */
25696
+ instanceCount?: number;
25697
+ /**
25698
+ * Instance type of data nodes in the cluster.
25699
+ */
25700
+ instanceType?: string;
25701
+ /**
25702
+ * Number of warm nodes in the cluster. Valid values are between `2` and `150`. `warmCount` can be only and must be set when `warmEnabled` is set to `true`.
25703
+ */
25704
+ warmCount?: number;
25705
+ /**
25706
+ * Whether to enable warm storage.
25707
+ */
25708
+ warmEnabled?: boolean;
25709
+ /**
25710
+ * Instance type for the OpenSearch cluster's warm nodes. Valid values are `ultrawarm1.medium.search`, `ultrawarm1.large.search` and `ultrawarm1.xlarge.search`. `warmType` can be only and must be set when `warmEnabled` is set to `true`.
25711
+ */
25712
+ warmType?: string;
25713
+ /**
25714
+ * Configuration block containing zone awareness settings. Detailed below.
25715
+ */
25716
+ zoneAwarenessConfig?: outputs.opensearch.DomainClusterConfigZoneAwarenessConfig;
25717
+ /**
25718
+ * Whether zone awareness is enabled, set to `true` for multi-az deployment. To enable awareness with three Availability Zones, the `availabilityZoneCount` within the `zoneAwarenessConfig` must be set to `3`.
25719
+ */
25720
+ zoneAwarenessEnabled?: boolean;
25721
+ }
25722
+ interface DomainClusterConfigZoneAwarenessConfig {
25723
+ /**
25724
+ * Number of Availability Zones for the domain to use with `zoneAwarenessEnabled`. Defaults to `2`. Valid values: `2` or `3`.
25725
+ */
25726
+ availabilityZoneCount?: number;
25727
+ }
25728
+ interface DomainCognitoOptions {
25729
+ /**
25730
+ * Whether to enable node-to-node encryption. If the `nodeToNodeEncryption` block is not provided then this defaults to `false`.
25731
+ */
25732
+ enabled?: boolean;
25733
+ /**
25734
+ * ID of the Cognito Identity Pool to use.
25735
+ */
25736
+ identityPoolId: string;
25737
+ /**
25738
+ * ARN of the IAM role that has the AmazonOpenSearchServiceCognitoAccess policy attached.
25739
+ */
25740
+ roleArn: string;
25741
+ /**
25742
+ * ID of the Cognito User Pool to use.
25743
+ */
25744
+ userPoolId: string;
25745
+ }
25746
+ interface DomainDomainEndpointOptions {
25747
+ /**
25748
+ * Fully qualified domain for your custom endpoint.
25749
+ */
25750
+ customEndpoint?: string;
25751
+ /**
25752
+ * ACM certificate ARN for your custom endpoint.
25753
+ */
25754
+ customEndpointCertificateArn?: string;
25755
+ /**
25756
+ * Whether to enable custom endpoint for the OpenSearch domain.
25757
+ */
25758
+ customEndpointEnabled?: boolean;
25759
+ /**
25760
+ * Whether or not to require HTTPS. Defaults to `true`.
25761
+ */
25762
+ enforceHttps?: boolean;
25763
+ tlsSecurityPolicy: string;
25764
+ }
25765
+ interface DomainEbsOptions {
25766
+ /**
25767
+ * Whether EBS volumes are attached to data nodes in the domain.
25768
+ */
25769
+ ebsEnabled: boolean;
25770
+ /**
25771
+ * Baseline input/output (I/O) performance of EBS volumes attached to data nodes. Applicable only for the Provisioned IOPS EBS volume type.
25772
+ */
25773
+ iops?: number;
25774
+ /**
25775
+ * Size of EBS volumes attached to data nodes (in GiB).
25776
+ */
25777
+ volumeSize?: number;
25778
+ /**
25779
+ * Type of EBS volumes attached to data nodes.
25780
+ */
25781
+ volumeType: string;
25782
+ }
25783
+ interface DomainEncryptAtRest {
25784
+ /**
25785
+ * Whether to enable node-to-node encryption. If the `nodeToNodeEncryption` block is not provided then this defaults to `false`.
25786
+ */
25787
+ enabled: boolean;
25788
+ /**
25789
+ * KMS key id to encrypt the OpenSearch domain with. If not specified then it defaults to using the `aws/es` service KMS key.
25790
+ */
25791
+ kmsKeyId: string;
25792
+ }
25793
+ interface DomainLogPublishingOption {
25794
+ /**
25795
+ * ARN of the Cloudwatch log group to which log needs to be published.
25796
+ */
25797
+ cloudwatchLogGroupArn: string;
25798
+ /**
25799
+ * Whether to enable node-to-node encryption. If the `nodeToNodeEncryption` block is not provided then this defaults to `false`.
25800
+ */
25801
+ enabled?: boolean;
25802
+ /**
25803
+ * Type of OpenSearch log. Valid values: `INDEX_SLOW_LOGS`, `SEARCH_SLOW_LOGS`, `ES_APPLICATION_LOGS`, `AUDIT_LOGS`.
25804
+ */
25805
+ logType: string;
25806
+ }
25807
+ interface DomainNodeToNodeEncryption {
25808
+ /**
25809
+ * Whether to enable node-to-node encryption. If the `nodeToNodeEncryption` block is not provided then this defaults to `false`.
25810
+ */
25811
+ enabled: boolean;
25812
+ }
25813
+ interface DomainSamlOptionsSamlOptions {
25814
+ /**
25815
+ * Whether SAML authentication is enabled.
25816
+ */
25817
+ enabled?: boolean;
25818
+ /**
25819
+ * Information from your identity provider.
25820
+ */
25821
+ idp?: outputs.opensearch.DomainSamlOptionsSamlOptionsIdp;
25822
+ /**
25823
+ * This backend role from the SAML IdP receives full permissions to the cluster, equivalent to a new master user.
25824
+ */
25825
+ masterBackendRole?: string;
25826
+ /**
25827
+ * This username from the SAML IdP receives full permissions to the cluster, equivalent to a new master user.
25828
+ */
25829
+ masterUserName?: string;
25830
+ /**
25831
+ * Element of the SAML assertion to use for backend roles. Default is roles.
25832
+ */
25833
+ rolesKey?: string;
25834
+ /**
25835
+ * Duration of a session in minutes after a user logs in. Default is 60. Maximum value is 1,440.
25836
+ */
25837
+ sessionTimeoutMinutes?: number;
25838
+ /**
25839
+ * Element of the SAML assertion to use for username. Default is NameID.
25840
+ */
25841
+ subjectKey?: string;
25842
+ }
25843
+ interface DomainSamlOptionsSamlOptionsIdp {
25844
+ /**
25845
+ * Unique Entity ID of the application in SAML Identity Provider.
25846
+ */
25847
+ entityId: string;
25848
+ /**
25849
+ * Metadata of the SAML application in xml format.
25850
+ */
25851
+ metadataContent: string;
25852
+ }
25853
+ interface DomainSnapshotOptions {
25854
+ /**
25855
+ * Hour during which the service takes an automated daily snapshot of the indices in the domain.
25856
+ */
25857
+ automatedSnapshotStartHour: number;
25858
+ }
25859
+ interface DomainVpcOptions {
25860
+ availabilityZones: string[];
25861
+ /**
25862
+ * List of VPC Security Group IDs to be applied to the OpenSearch domain endpoints. If omitted, the default Security Group for the VPC will be used.
25863
+ */
25864
+ securityGroupIds?: string[];
25865
+ /**
25866
+ * List of VPC Subnet IDs for the OpenSearch domain endpoints to be created in.
25867
+ */
25868
+ subnetIds?: string[];
25869
+ vpcId: string;
25870
+ }
25871
+ interface GetDomainAdvancedSecurityOption {
25872
+ /**
25873
+ * Whether node to node encryption is enabled.
25874
+ */
25875
+ enabled: boolean;
25876
+ /**
25877
+ * Whether the internal user database is enabled.
25878
+ */
25879
+ internalUserDatabaseEnabled: boolean;
25880
+ }
25881
+ interface GetDomainAutoTuneOption {
25882
+ /**
25883
+ * Auto-Tune desired state for the domain.
25884
+ */
25885
+ desiredState: string;
25886
+ /**
25887
+ * A list of the nested configurations for the Auto-Tune maintenance windows of the domain.
25888
+ */
25889
+ maintenanceSchedules: outputs.opensearch.GetDomainAutoTuneOptionMaintenanceSchedule[];
25890
+ /**
25891
+ * Whether the domain is set to roll back to default Auto-Tune settings when disabling Auto-Tune.
25892
+ */
25893
+ rollbackOnDisable: string;
25894
+ }
25895
+ interface GetDomainAutoTuneOptionMaintenanceSchedule {
25896
+ /**
25897
+ * A cron expression specifying the recurrence pattern for an Auto-Tune maintenance schedule.
25898
+ */
25899
+ cronExpressionForRecurrence: string;
25900
+ /**
25901
+ * Configuration block for the duration of the Auto-Tune maintenance window.
25902
+ */
25903
+ durations: outputs.opensearch.GetDomainAutoTuneOptionMaintenanceScheduleDuration[];
25904
+ /**
25905
+ * Date and time at which the Auto-Tune maintenance schedule starts in [RFC3339 format](https://tools.ietf.org/html/rfc3339#section-5.8).
25906
+ */
25907
+ startAt: string;
25908
+ }
25909
+ interface GetDomainAutoTuneOptionMaintenanceScheduleDuration {
25910
+ /**
25911
+ * Unit of time specifying the duration of an Auto-Tune maintenance window.
25912
+ */
25913
+ unit: string;
25914
+ /**
25915
+ * An integer specifying the value of the duration of an Auto-Tune maintenance window.
25916
+ */
25917
+ value: number;
25918
+ }
25919
+ interface GetDomainClusterConfig {
25920
+ /**
25921
+ * Number of dedicated master nodes in the cluster.
25922
+ */
25923
+ dedicatedMasterCount: number;
25924
+ /**
25925
+ * Indicates whether dedicated master nodes are enabled for the cluster.
25926
+ */
25927
+ dedicatedMasterEnabled: boolean;
25928
+ /**
25929
+ * Instance type of the dedicated master nodes in the cluster.
25930
+ */
25931
+ dedicatedMasterType: string;
25932
+ /**
25933
+ * Number of instances in the cluster.
25934
+ */
25935
+ instanceCount: number;
25936
+ /**
25937
+ * Instance type of data nodes in the cluster.
25938
+ */
25939
+ instanceType: string;
25940
+ /**
25941
+ * Number of warm nodes in the cluster.
25942
+ */
25943
+ warmCount: number;
25944
+ /**
25945
+ * Indicates warm storage is enabled.
25946
+ */
25947
+ warmEnabled?: boolean;
25948
+ /**
25949
+ * Instance type for the OpenSearch cluster's warm nodes.
25950
+ */
25951
+ warmType: string;
25952
+ /**
25953
+ * Configuration block containing zone awareness settings.
25954
+ */
25955
+ zoneAwarenessConfigs: outputs.opensearch.GetDomainClusterConfigZoneAwarenessConfig[];
25956
+ /**
25957
+ * Indicates whether zone awareness is enabled.
25958
+ */
25959
+ zoneAwarenessEnabled: boolean;
25960
+ }
25961
+ interface GetDomainClusterConfigZoneAwarenessConfig {
25962
+ /**
25963
+ * Number of availability zones used.
25964
+ */
25965
+ availabilityZoneCount: number;
25966
+ }
25967
+ interface GetDomainCognitoOption {
25968
+ /**
25969
+ * Whether node to node encryption is enabled.
25970
+ */
25971
+ enabled: boolean;
25972
+ /**
25973
+ * Cognito Identity pool used by the domain.
25974
+ */
25975
+ identityPoolId: string;
25976
+ /**
25977
+ * IAM Role with the AmazonOpenSearchServiceCognitoAccess policy attached.
25978
+ */
25979
+ roleArn: string;
25980
+ /**
25981
+ * Cognito User pool used by the domain.
25982
+ */
25983
+ userPoolId: string;
25984
+ }
25985
+ interface GetDomainEbsOption {
25986
+ /**
25987
+ * Whether EBS volumes are attached to data nodes in the domain.
25988
+ */
25989
+ ebsEnabled: boolean;
25990
+ /**
25991
+ * Baseline input/output (I/O) performance of EBS volumes attached to data nodes.
25992
+ */
25993
+ iops: number;
25994
+ /**
25995
+ * Size of EBS volumes attached to data nodes (in GB).
25996
+ */
25997
+ volumeSize: number;
25998
+ /**
25999
+ * Type of EBS volumes attached to data nodes.
26000
+ */
26001
+ volumeType: string;
26002
+ }
26003
+ interface GetDomainEncryptionAtRest {
26004
+ /**
26005
+ * Whether node to node encryption is enabled.
26006
+ */
26007
+ enabled: boolean;
26008
+ /**
26009
+ * KMS key id used to encrypt data at rest.
26010
+ */
26011
+ kmsKeyId: string;
26012
+ }
26013
+ interface GetDomainLogPublishingOption {
26014
+ /**
26015
+ * CloudWatch Log Group where the logs are published.
26016
+ */
26017
+ cloudwatchLogGroupArn: string;
26018
+ /**
26019
+ * Whether node to node encryption is enabled.
26020
+ */
26021
+ enabled: boolean;
26022
+ /**
26023
+ * Type of OpenSearch log being published.
26024
+ */
26025
+ logType: string;
26026
+ }
26027
+ interface GetDomainNodeToNodeEncryption {
26028
+ /**
26029
+ * Whether node to node encryption is enabled.
26030
+ */
26031
+ enabled: boolean;
26032
+ }
26033
+ interface GetDomainSnapshotOption {
26034
+ /**
26035
+ * Hour during which the service takes an automated daily snapshot of the indices in the domain.
26036
+ */
26037
+ automatedSnapshotStartHour: number;
26038
+ }
26039
+ interface GetDomainVpcOption {
26040
+ /**
26041
+ * Availability zones used by the domain.
26042
+ */
26043
+ availabilityZones: string[];
26044
+ /**
26045
+ * Security groups used by the domain.
26046
+ */
26047
+ securityGroupIds: string[];
26048
+ /**
26049
+ * Subnets used by the domain.
26050
+ */
26051
+ subnetIds: string[];
26052
+ /**
26053
+ * VPC used by the domain.
26054
+ */
26055
+ vpcId: string;
26056
+ }
26057
+ }
24773
26058
  export declare namespace opsworks {
24774
26059
  interface ApplicationAppSource {
24775
26060
  /**
@@ -25665,6 +26950,18 @@ export declare namespace pricing {
25665
26950
  value: string;
25666
26951
  }
25667
26952
  }
26953
+ export declare namespace qldb {
26954
+ interface StreamKinesisConfiguration {
26955
+ /**
26956
+ * Enables QLDB to publish multiple data records in a single Kinesis Data Streams record, increasing the number of records sent per API call. Default: `true`.
26957
+ */
26958
+ aggregationEnabled?: boolean;
26959
+ /**
26960
+ * The Amazon Resource Name (ARN) of the Kinesis Data Streams resource.
26961
+ */
26962
+ streamArn: string;
26963
+ }
26964
+ }
25668
26965
  export declare namespace quicksight {
25669
26966
  interface DataSourceCredentials {
25670
26967
  /**
@@ -26463,6 +27760,194 @@ export declare namespace route53 {
26463
27760
  name: string;
26464
27761
  values: string[];
26465
27762
  }
27763
+ interface GetTrafficPolicyDocumentEndpoint {
27764
+ /**
27765
+ * ID of a rule you want to assign.
27766
+ */
27767
+ id: string;
27768
+ /**
27769
+ * Region code for the AWS Region that you created the resource in.
27770
+ */
27771
+ region?: string;
27772
+ /**
27773
+ * Type of the rule.
27774
+ */
27775
+ type?: string;
27776
+ /**
27777
+ * Value of the `type`.
27778
+ */
27779
+ value?: string;
27780
+ }
27781
+ interface GetTrafficPolicyDocumentRule {
27782
+ /**
27783
+ * Configuration block for when you add a geoproximity rule, you configure Amazon Route 53 to route traffic to your resources based on the geographic location of your resources. Only valid for `geoproximity` type. See below
27784
+ */
27785
+ geoProximityLocations?: outputs.route53.GetTrafficPolicyDocumentRuleGeoProximityLocation[];
27786
+ /**
27787
+ * ID of a rule you want to assign.
27788
+ */
27789
+ id: string;
27790
+ /**
27791
+ * Configuration block for when you add a multivalue answer rule, you configure your traffic policy to route traffic approximately randomly to your healthy resources. Only valid for `multivalue` type. See below
27792
+ */
27793
+ items?: outputs.route53.GetTrafficPolicyDocumentRuleItem[];
27794
+ /**
27795
+ * Configuration block for when you add a geolocation rule, you configure your traffic policy to route your traffic based on the geographic location of your users. Only valid for `geo` type. See below
27796
+ */
27797
+ locations?: outputs.route53.GetTrafficPolicyDocumentRuleLocation[];
27798
+ /**
27799
+ * Configuration block for the settings for the rule or endpoint that you want to route traffic to whenever the corresponding resources are available. Only valid for `failover` type. See below
27800
+ */
27801
+ primary?: outputs.route53.GetTrafficPolicyDocumentRulePrimary;
27802
+ /**
27803
+ * Region code for the AWS Region that you created the resource in.
27804
+ */
27805
+ regions?: outputs.route53.GetTrafficPolicyDocumentRuleRegion[];
27806
+ /**
27807
+ * Configuration block for the rule or endpoint that you want to route traffic to whenever the primary resources are not available. Only valid for `failover` type. See below
27808
+ */
27809
+ secondary?: outputs.route53.GetTrafficPolicyDocumentRuleSecondary;
27810
+ /**
27811
+ * Type of the rule.
27812
+ */
27813
+ type?: string;
27814
+ }
27815
+ interface GetTrafficPolicyDocumentRuleGeoProximityLocation {
27816
+ /**
27817
+ * Specify a value for `bias` if you want to route more traffic to an endpoint from nearby endpoints (positive values) or route less traffic to an endpoint (negative values).
27818
+ */
27819
+ bias?: string;
27820
+ /**
27821
+ * References to an endpoint.
27822
+ */
27823
+ endpointReference?: string;
27824
+ /**
27825
+ * Indicates whether you want Amazon Route 53 to evaluate the health of the endpoint and route traffic only to healthy endpoints.
27826
+ */
27827
+ evaluateTargetHealth?: boolean;
27828
+ /**
27829
+ * If you want to associate a health check with the endpoint or rule.
27830
+ */
27831
+ healthCheck?: string;
27832
+ /**
27833
+ * Represents the location south (negative) or north (positive) of the equator. Valid values are -90 degrees to 90 degrees.
27834
+ */
27835
+ latitude?: string;
27836
+ /**
27837
+ * Represents the location west (negative) or east (positive) of the prime meridian. Valid values are -180 degrees to 180 degrees.
27838
+ */
27839
+ longitude?: string;
27840
+ /**
27841
+ * Region code for the AWS Region that you created the resource in.
27842
+ */
27843
+ region?: string;
27844
+ /**
27845
+ * References to a rule.
27846
+ */
27847
+ ruleReference?: string;
27848
+ }
27849
+ interface GetTrafficPolicyDocumentRuleItem {
27850
+ /**
27851
+ * References to an endpoint.
27852
+ */
27853
+ endpointReference?: string;
27854
+ /**
27855
+ * If you want to associate a health check with the endpoint or rule.
27856
+ */
27857
+ healthCheck?: string;
27858
+ }
27859
+ interface GetTrafficPolicyDocumentRuleLocation {
27860
+ /**
27861
+ * Value of a continent.
27862
+ */
27863
+ continent?: string;
27864
+ /**
27865
+ * Value of a country.
27866
+ */
27867
+ country?: string;
27868
+ /**
27869
+ * References to an endpoint.
27870
+ */
27871
+ endpointReference?: string;
27872
+ /**
27873
+ * Indicates whether you want Amazon Route 53 to evaluate the health of the endpoint and route traffic only to healthy endpoints.
27874
+ */
27875
+ evaluateTargetHealth?: boolean;
27876
+ /**
27877
+ * If you want to associate a health check with the endpoint or rule.
27878
+ */
27879
+ healthCheck?: string;
27880
+ /**
27881
+ * Indicates whether this set of values represents the default location.
27882
+ */
27883
+ isDefault?: boolean;
27884
+ /**
27885
+ * References to a rule.
27886
+ */
27887
+ ruleReference?: string;
27888
+ /**
27889
+ * Value of a subdivision.
27890
+ */
27891
+ subdivision?: string;
27892
+ }
27893
+ interface GetTrafficPolicyDocumentRulePrimary {
27894
+ /**
27895
+ * References to an endpoint.
27896
+ */
27897
+ endpointReference?: string;
27898
+ /**
27899
+ * Indicates whether you want Amazon Route 53 to evaluate the health of the endpoint and route traffic only to healthy endpoints.
27900
+ */
27901
+ evaluateTargetHealth?: boolean;
27902
+ /**
27903
+ * If you want to associate a health check with the endpoint or rule.
27904
+ */
27905
+ healthCheck?: string;
27906
+ /**
27907
+ * References to a rule.
27908
+ */
27909
+ ruleReference?: string;
27910
+ }
27911
+ interface GetTrafficPolicyDocumentRuleRegion {
27912
+ /**
27913
+ * References to an endpoint.
27914
+ */
27915
+ endpointReference?: string;
27916
+ /**
27917
+ * Indicates whether you want Amazon Route 53 to evaluate the health of the endpoint and route traffic only to healthy endpoints.
27918
+ */
27919
+ evaluateTargetHealth?: boolean;
27920
+ /**
27921
+ * If you want to associate a health check with the endpoint or rule.
27922
+ */
27923
+ healthCheck?: string;
27924
+ /**
27925
+ * Region code for the AWS Region that you created the resource in.
27926
+ */
27927
+ region?: string;
27928
+ /**
27929
+ * References to a rule.
27930
+ */
27931
+ ruleReference?: string;
27932
+ }
27933
+ interface GetTrafficPolicyDocumentRuleSecondary {
27934
+ /**
27935
+ * References to an endpoint.
27936
+ */
27937
+ endpointReference?: string;
27938
+ /**
27939
+ * Indicates whether you want Amazon Route 53 to evaluate the health of the endpoint and route traffic only to healthy endpoints.
27940
+ */
27941
+ evaluateTargetHealth?: boolean;
27942
+ /**
27943
+ * If you want to associate a health check with the endpoint or rule.
27944
+ */
27945
+ healthCheck?: string;
27946
+ /**
27947
+ * References to a rule.
27948
+ */
27949
+ ruleReference?: string;
27950
+ }
26466
27951
  interface RecordAlias {
26467
27952
  /**
26468
27953
  * Set to `true` if you want Route 53 to determine whether to respond to DNS queries using this resource record set by checking the health of the resource record set. Some resources have special requirements, see [related part of documentation](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-values.html#rrsets-values-alias-evaluate-target-health).
@@ -27813,194 +29298,137 @@ export declare namespace s3 {
27813
29298
  }
27814
29299
  interface BucketV2CorsRule {
27815
29300
  /**
27816
- * Set of headers that are specified in the Access-Control-Request-Headers header.
27817
- *
27818
- * @deprecated Use the aws_s3_bucket_cors_configuration resource instead
29301
+ * List of headers allowed.
27819
29302
  */
27820
- allowedHeaders: string[];
29303
+ allowedHeaders?: string[];
27821
29304
  /**
27822
- * Set of HTTP methods that the origin is allowed to execute.
27823
- *
27824
- * @deprecated Use the aws_s3_bucket_cors_configuration resource instead
29305
+ * One or more HTTP methods that you allow the origin to execute. Can be `GET`, `PUT`, `POST`, `DELETE` or `HEAD`.
27825
29306
  */
27826
29307
  allowedMethods: string[];
27827
29308
  /**
27828
- * Set of origins customers are able to access the bucket from.
27829
- *
27830
- * @deprecated Use the aws_s3_bucket_cors_configuration resource instead
29309
+ * One or more origins you want customers to be able to access the bucket from.
27831
29310
  */
27832
29311
  allowedOrigins: string[];
27833
29312
  /**
27834
- * Set of headers in the response that customers are able to access from their applications.
27835
- * * `maxAgeSeconds` The time in seconds that browser can cache the response for a preflight request.
27836
- *
27837
- * @deprecated Use the aws_s3_bucket_cors_configuration resource instead
29313
+ * One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).
27838
29314
  */
27839
- exposeHeaders: string[];
29315
+ exposeHeaders?: string[];
27840
29316
  /**
27841
- * @deprecated Use the aws_s3_bucket_cors_configuration resource instead
29317
+ * Specifies time in seconds that browser can cache the response for a preflight request.
27842
29318
  */
27843
- maxAgeSeconds: number;
29319
+ maxAgeSeconds?: number;
27844
29320
  }
27845
29321
  interface BucketV2Grant {
27846
29322
  /**
27847
- * Unique identifier for the rule.
27848
- *
27849
- * @deprecated Use the aws_s3_bucket_acl resource instead
29323
+ * Canonical user id to grant for. Used only when `type` is `CanonicalUser`.
27850
29324
  */
27851
- id: string;
29325
+ id?: string;
27852
29326
  /**
27853
- * List of permissions given to the grantee.
27854
- *
27855
- * @deprecated Use the aws_s3_bucket_acl resource instead
29327
+ * List of permissions to apply for grantee. Valid values are `READ`, `WRITE`, `READ_ACP`, `WRITE_ACP`, `FULL_CONTROL`.
27856
29328
  */
27857
29329
  permissions: string[];
27858
29330
  /**
27859
- * Type of grantee.
27860
- *
27861
- * @deprecated Use the aws_s3_bucket_acl resource instead
29331
+ * Type of grantee to apply for. Valid values are `CanonicalUser` and `Group`. `AmazonCustomerByEmail` is not supported.
27862
29332
  */
27863
29333
  type: string;
27864
29334
  /**
27865
- * URI of the grantee group.
27866
- *
27867
- * @deprecated Use the aws_s3_bucket_acl resource instead
29335
+ * Uri address to grant for. Used only when `type` is `Group`.
27868
29336
  */
27869
- uri: string;
29337
+ uri?: string;
27870
29338
  }
27871
29339
  interface BucketV2LifecycleRule {
27872
29340
  /**
27873
- * Number of days after initiating a multipart upload when the multipart upload must be completed.
27874
- *
27875
- * @deprecated Use the aws_s3_bucket_lifecycle_configuration resource instead
29341
+ * Specifies the number of days after initiating a multipart upload when the multipart upload must be completed.
27876
29342
  */
27877
- abortIncompleteMultipartUploadDays: number;
29343
+ abortIncompleteMultipartUploadDays?: number;
27878
29344
  /**
27879
- * Whether versioning is enabled.
27880
- *
27881
- * @deprecated Use the aws_s3_bucket_lifecycle_configuration resource instead
29345
+ * Specifies lifecycle rule status.
27882
29346
  */
27883
29347
  enabled: boolean;
27884
29348
  /**
27885
- * The expiration for the lifecycle of the object in the form of date, days and, whether the object has a delete marker.
27886
- *
27887
- * @deprecated Use the aws_s3_bucket_lifecycle_configuration resource instead
29349
+ * Specifies a period in the object's expire. See Expiration below for details.
27888
29350
  */
27889
- expirations: outputs.s3.BucketV2LifecycleRuleExpiration[];
29351
+ expirations?: outputs.s3.BucketV2LifecycleRuleExpiration[];
27890
29352
  /**
27891
- * Unique identifier for the rule.
27892
- *
27893
- * @deprecated Use the aws_s3_bucket_lifecycle_configuration resource instead
29353
+ * Unique identifier for the rule. Must be less than or equal to 255 characters in length.
27894
29354
  */
27895
29355
  id: string;
27896
29356
  /**
27897
- * When noncurrent object versions expire.
27898
- *
27899
- * @deprecated Use the aws_s3_bucket_lifecycle_configuration resource instead
29357
+ * Specifies when noncurrent object versions expire. See Noncurrent Version Expiration below for details.
27900
29358
  */
27901
- noncurrentVersionExpirations: outputs.s3.BucketV2LifecycleRuleNoncurrentVersionExpiration[];
29359
+ noncurrentVersionExpirations?: outputs.s3.BucketV2LifecycleRuleNoncurrentVersionExpiration[];
27902
29360
  /**
27903
- * When noncurrent object versions transition.
27904
- *
27905
- * @deprecated Use the aws_s3_bucket_lifecycle_configuration resource instead
29361
+ * Specifies when noncurrent object versions transitions. See Noncurrent Version Transition below for details.
27906
29362
  */
27907
- noncurrentVersionTransitions: outputs.s3.BucketV2LifecycleRuleNoncurrentVersionTransition[];
29363
+ noncurrentVersionTransitions?: outputs.s3.BucketV2LifecycleRuleNoncurrentVersionTransition[];
27908
29364
  /**
27909
- * Object keyname prefix identifying one or more objects to which the rule applies
27910
- *
27911
- * @deprecated Use the aws_s3_bucket_lifecycle_configuration resource instead
29365
+ * Object key prefix identifying one or more objects to which the rule applies.
27912
29366
  */
27913
- prefix: string;
29367
+ prefix?: string;
27914
29368
  /**
27915
- * A map of tags to assign to the bucket. If configured with a provider [`defaultTags` configuration blockpresent, tags with matching keys will overwrite those defined at the provider-level.
27916
- *
27917
- * @deprecated Use the aws_s3_bucket_lifecycle_configuration resource instead
29369
+ * Specifies object tags key and value.
27918
29370
  */
27919
- tags: {
29371
+ tags?: {
27920
29372
  [key: string]: string;
27921
29373
  };
27922
29374
  /**
27923
- * Specifies when an Amazon S3 object transitions to a specified storage class.
27924
- *
27925
- * @deprecated Use the aws_s3_bucket_lifecycle_configuration resource instead
29375
+ * Specifies a period in the object's transitions. See Transition below for details.
27926
29376
  */
27927
- transitions: outputs.s3.BucketV2LifecycleRuleTransition[];
29377
+ transitions?: outputs.s3.BucketV2LifecycleRuleTransition[];
27928
29378
  }
27929
29379
  interface BucketV2LifecycleRuleExpiration {
27930
29380
  /**
27931
- * The date after which you want the corresponding action to take effect.
27932
- *
27933
- * @deprecated Use the aws_s3_bucket_lifecycle_configuration resource instead
29381
+ * Specifies the date after which you want the corresponding action to take effect.
27934
29382
  */
27935
- date: string;
29383
+ date?: string;
27936
29384
  /**
27937
- * The number of days specified for the default retention period.
27938
- *
27939
- * @deprecated Use the aws_s3_bucket_lifecycle_configuration resource instead
29385
+ * Specifies the number of days after object creation when the specific rule action takes effect.
27940
29386
  */
27941
- days: number;
29387
+ days?: number;
27942
29388
  /**
27943
- * Indicates whether Amazon S3 will remove a delete marker with no noncurrent versions.
27944
- *
27945
- * @deprecated Use the aws_s3_bucket_lifecycle_configuration resource instead
29389
+ * On a versioned bucket (versioning-enabled or versioning-suspended bucket), you can add this element in the lifecycle configuration to direct Amazon S3 to delete expired object delete markers. This cannot be specified with Days or Date in a Lifecycle Expiration Policy.
27946
29390
  */
27947
- expiredObjectDeleteMarker: boolean;
29391
+ expiredObjectDeleteMarker?: boolean;
27948
29392
  }
27949
29393
  interface BucketV2LifecycleRuleNoncurrentVersionExpiration {
27950
29394
  /**
27951
- * The number of days specified for the default retention period.
27952
- *
27953
- * @deprecated Use the aws_s3_bucket_lifecycle_configuration resource instead
29395
+ * Specifies the number of days noncurrent object versions expire.
27954
29396
  */
27955
- days: number;
29397
+ days?: number;
27956
29398
  }
27957
29399
  interface BucketV2LifecycleRuleNoncurrentVersionTransition {
27958
29400
  /**
27959
- * The number of days specified for the default retention period.
27960
- *
27961
- * @deprecated Use the aws_s3_bucket_lifecycle_configuration resource instead
29401
+ * Specifies the number of days noncurrent object versions transition.
27962
29402
  */
27963
- days: number;
29403
+ days?: number;
27964
29404
  /**
27965
- * The [storage class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_Destination.html#AmazonS3-Type-Destination-StorageClass) used to store the object.
27966
- *
27967
- * @deprecated Use the aws_s3_bucket_lifecycle_configuration resource instead
29405
+ * Specifies the Amazon S3 [storage class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_Transition.html#AmazonS3-Type-Transition-StorageClass) to which you want the object to transition.
27968
29406
  */
27969
29407
  storageClass: string;
27970
29408
  }
27971
29409
  interface BucketV2LifecycleRuleTransition {
27972
29410
  /**
27973
- * The date after which you want the corresponding action to take effect.
27974
- *
27975
- * @deprecated Use the aws_s3_bucket_lifecycle_configuration resource instead
29411
+ * Specifies the date after which you want the corresponding action to take effect.
27976
29412
  */
27977
- date: string;
29413
+ date?: string;
27978
29414
  /**
27979
- * The number of days specified for the default retention period.
27980
- *
27981
- * @deprecated Use the aws_s3_bucket_lifecycle_configuration resource instead
29415
+ * Specifies the number of days after object creation when the specific rule action takes effect.
27982
29416
  */
27983
- days: number;
29417
+ days?: number;
27984
29418
  /**
27985
- * The [storage class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_Destination.html#AmazonS3-Type-Destination-StorageClass) used to store the object.
27986
- *
27987
- * @deprecated Use the aws_s3_bucket_lifecycle_configuration resource instead
29419
+ * Specifies the Amazon S3 [storage class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_Transition.html#AmazonS3-Type-Transition-StorageClass) to which you want the object to transition.
27988
29420
  */
27989
29421
  storageClass: string;
27990
29422
  }
27991
29423
  interface BucketV2Logging {
27992
29424
  /**
27993
- * The name of the bucket that receives the log objects.
27994
- *
27995
- * @deprecated Use the aws_s3_bucket_logging resource instead
29425
+ * The name of the bucket that will receive the log objects.
27996
29426
  */
27997
29427
  targetBucket: string;
27998
29428
  /**
27999
- * The prefix for all log object keys/
28000
- *
28001
- * @deprecated Use the aws_s3_bucket_logging resource instead
29429
+ * To specify a key prefix for log objects.
28002
29430
  */
28003
- targetPrefix: string;
29431
+ targetPrefix?: string;
28004
29432
  }
28005
29433
  interface BucketV2ObjectLockConfiguration {
28006
29434
  /**
@@ -28010,291 +29438,210 @@ export declare namespace s3 {
28010
29438
  */
28011
29439
  objectLockEnabled?: string;
28012
29440
  /**
28013
- * (required) Information about a particular server-side encryption configuration rule.
29441
+ * The Object Lock rule in place for this bucket (documented below).
28014
29442
  *
28015
29443
  * @deprecated Use the aws_s3_bucket_object_lock_configuration resource instead
28016
29444
  */
28017
- rules: outputs.s3.BucketV2ObjectLockConfigurationRule[];
29445
+ rules?: outputs.s3.BucketV2ObjectLockConfigurationRule[];
28018
29446
  }
28019
29447
  interface BucketV2ObjectLockConfigurationRule {
28020
29448
  /**
28021
- * The default retention period applied to new objects placed in this bucket.
28022
- *
28023
- * @deprecated Use the aws_s3_bucket_object_lock_configuration resource instead
29449
+ * The default retention period that you want to apply to new objects placed in this bucket (documented below).
28024
29450
  */
28025
29451
  defaultRetentions: outputs.s3.BucketV2ObjectLockConfigurationRuleDefaultRetention[];
28026
29452
  }
28027
29453
  interface BucketV2ObjectLockConfigurationRuleDefaultRetention {
28028
29454
  /**
28029
- * The number of days specified for the default retention period.
28030
- *
28031
- * @deprecated Use the aws_s3_bucket_object_lock_configuration resource instead
29455
+ * The number of days that you want to specify for the default retention period.
28032
29456
  */
28033
- days: number;
29457
+ days?: number;
28034
29458
  /**
28035
- * The default Object Lock retention mode applied to new objects placed in this bucket.
28036
- *
28037
- * @deprecated Use the aws_s3_bucket_object_lock_configuration resource instead
29459
+ * The default Object Lock retention mode you want to apply to new objects placed in this bucket. Valid values are `GOVERNANCE` and `COMPLIANCE`.
28038
29460
  */
28039
29461
  mode: string;
28040
29462
  /**
28041
- * The number of years specified for the default retention period.
28042
- *
28043
- * @deprecated Use the aws_s3_bucket_object_lock_configuration resource instead
29463
+ * The number of years that you want to specify for the default retention period.
28044
29464
  */
28045
- years: number;
29465
+ years?: number;
28046
29466
  }
28047
29467
  interface BucketV2ReplicationConfiguration {
28048
29468
  /**
28049
- * The ARN of the IAM role for Amazon S3 assumed when replicating the objects.
28050
- *
28051
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29469
+ * The ARN of the IAM role for Amazon S3 to assume when replicating the objects.
28052
29470
  */
28053
29471
  role: string;
28054
29472
  /**
28055
- * The rules managing the replication.
28056
- *
28057
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29473
+ * Specifies the rules managing the replication (documented below).
28058
29474
  */
28059
29475
  rules: outputs.s3.BucketV2ReplicationConfigurationRule[];
28060
29476
  }
28061
29477
  interface BucketV2ReplicationConfigurationRule {
28062
29478
  /**
28063
- * Whether delete markers are replicated.
28064
- *
28065
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29479
+ * Whether delete markers are replicated. The only valid value is `Enabled`. To disable, omit this argument. This argument is only valid with V2 replication configurations (i.e., when `filter` is used).
28066
29480
  */
28067
- deleteMarkerReplicationStatus: string;
29481
+ deleteMarkerReplicationStatus?: string;
28068
29482
  /**
28069
- * The destination for the rule.
28070
- *
28071
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29483
+ * Specifies the destination for the rule (documented below).
28072
29484
  */
28073
29485
  destinations: outputs.s3.BucketV2ReplicationConfigurationRuleDestination[];
28074
29486
  /**
28075
- * Filter that identifies subset of objects to which the replication rule applies.
28076
- *
28077
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29487
+ * Filter that identifies subset of objects to which the replication rule applies (documented below).
28078
29488
  */
28079
- filters: outputs.s3.BucketV2ReplicationConfigurationRuleFilter[];
29489
+ filters?: outputs.s3.BucketV2ReplicationConfigurationRuleFilter[];
28080
29490
  /**
28081
- * Unique identifier for the rule.
28082
- *
28083
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29491
+ * Unique identifier for the rule. Must be less than or equal to 255 characters in length.
28084
29492
  */
28085
- id: string;
29493
+ id?: string;
28086
29494
  /**
28087
- * Object keyname prefix identifying one or more objects to which the rule applies
28088
- *
28089
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29495
+ * Object keyname prefix identifying one or more objects to which the rule applies. Must be less than or equal to 1024 characters in length.
28090
29496
  */
28091
- prefix: string;
29497
+ prefix?: string;
28092
29498
  /**
28093
- * The priority associated with the rule.
28094
- *
28095
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29499
+ * The priority associated with the rule. Priority should only be set if `filter` is configured. If not provided, defaults to `0`. Priority must be unique between multiple rules.
28096
29500
  */
28097
- priority: number;
29501
+ priority?: number;
28098
29502
  /**
28099
- * The special object selection criteria.
28100
- *
28101
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29503
+ * Specifies special object selection criteria (documented below).
28102
29504
  */
28103
- sourceSelectionCriterias: outputs.s3.BucketV2ReplicationConfigurationRuleSourceSelectionCriteria[];
29505
+ sourceSelectionCriterias?: outputs.s3.BucketV2ReplicationConfigurationRuleSourceSelectionCriteria[];
28104
29506
  /**
28105
- * The status of the rule.
28106
- *
28107
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29507
+ * The status of the rule. Either `Enabled` or `Disabled`. The rule is ignored if status is not Enabled.
28108
29508
  */
28109
29509
  status: string;
28110
29510
  }
28111
29511
  interface BucketV2ReplicationConfigurationRuleDestination {
28112
29512
  /**
28113
- * The overrides to use for object owners on replication.
28114
- *
28115
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29513
+ * Specifies the overrides to use for object owners on replication. Must be used in conjunction with `accountId` owner override configuration.
28116
29514
  */
28117
- accessControlTranslations: outputs.s3.BucketV2ReplicationConfigurationRuleDestinationAccessControlTranslation[];
29515
+ accessControlTranslations?: outputs.s3.BucketV2ReplicationConfigurationRuleDestinationAccessControlTranslation[];
28118
29516
  /**
28119
- * The Account ID to use for overriding the object owner on replication.
28120
- *
28121
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29517
+ * The Account ID to use for overriding the object owner on replication. Must be used in conjunction with `accessControlTranslation` override configuration.
28122
29518
  */
28123
- accountId: string;
29519
+ accountId?: string;
28124
29520
  /**
28125
- * The name of the bucket. If omitted, this provider will assign a random, unique name. Must be lowercase and less than or equal to 63 characters in length. A full list of bucket naming rules [may be found here](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html).
28126
- *
28127
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29521
+ * The ARN of the S3 bucket where you want Amazon S3 to store replicas of the object identified by the rule.
28128
29522
  */
28129
29523
  bucket: string;
28130
29524
  /**
28131
- * Replication metrics.
28132
- *
28133
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29525
+ * Enables replication metrics (required for S3 RTC) (documented below).
28134
29526
  */
28135
- metrics: outputs.s3.BucketV2ReplicationConfigurationRuleDestinationMetric[];
29527
+ metrics?: outputs.s3.BucketV2ReplicationConfigurationRuleDestinationMetric[];
28136
29528
  /**
28137
- * Destination KMS encryption key ARN for SSE-KMS replication.
28138
- *
28139
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29529
+ * Destination KMS encryption key ARN for SSE-KMS replication. Must be used in conjunction with
29530
+ * `sseKmsEncryptedObjects` source selection criteria.
28140
29531
  */
28141
- replicaKmsKeyId: string;
29532
+ replicaKmsKeyId?: string;
28142
29533
  /**
28143
- * S3 Replication Time Control (S3 RTC).
28144
- *
28145
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29534
+ * Enables S3 Replication Time Control (S3 RTC) (documented below).
28146
29535
  */
28147
- replicationTimes: outputs.s3.BucketV2ReplicationConfigurationRuleDestinationReplicationTime[];
29536
+ replicationTimes?: outputs.s3.BucketV2ReplicationConfigurationRuleDestinationReplicationTime[];
28148
29537
  /**
28149
- * The [storage class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_Destination.html#AmazonS3-Type-Destination-StorageClass) used to store the object.
28150
- *
28151
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29538
+ * The [storage class](https://docs.aws.amazon.com/AmazonS3/latest/API/API_Destination.html#AmazonS3-Type-Destination-StorageClass) used to store the object. By default, Amazon S3 uses the storage class of the source object to create the object replica.
28152
29539
  */
28153
- storageClass: string;
29540
+ storageClass?: string;
28154
29541
  }
28155
29542
  interface BucketV2ReplicationConfigurationRuleDestinationAccessControlTranslation {
28156
- /**
28157
- * The override value for the owner on replicated objects.
28158
- *
28159
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
28160
- */
28161
29543
  owner: string;
28162
29544
  }
28163
29545
  interface BucketV2ReplicationConfigurationRuleDestinationMetric {
28164
29546
  /**
28165
- * Threshold within which objects are to be replicated.
28166
- *
28167
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29547
+ * Threshold within which objects are to be replicated. The only valid value is `15`.
28168
29548
  */
28169
- minutes: number;
29549
+ minutes?: number;
28170
29550
  /**
28171
- * The status of the rule.
28172
- *
28173
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29551
+ * The status of replication metrics. Either `Enabled` or `Disabled`.
28174
29552
  */
28175
- status: string;
29553
+ status?: string;
28176
29554
  }
28177
29555
  interface BucketV2ReplicationConfigurationRuleDestinationReplicationTime {
28178
29556
  /**
28179
- * Threshold within which objects are to be replicated.
28180
- *
28181
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29557
+ * Threshold within which objects are to be replicated. The only valid value is `15`.
28182
29558
  */
28183
- minutes: number;
29559
+ minutes?: number;
28184
29560
  /**
28185
- * The status of the rule.
28186
- *
28187
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29561
+ * The status of RTC. Either `Enabled` or `Disabled`.
28188
29562
  */
28189
- status: string;
29563
+ status?: string;
28190
29564
  }
28191
29565
  interface BucketV2ReplicationConfigurationRuleFilter {
28192
29566
  /**
28193
- * Object keyname prefix identifying one or more objects to which the rule applies
28194
- *
28195
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29567
+ * Object keyname prefix that identifies subset of objects to which the rule applies. Must be less than or equal to 1024 characters in length.
28196
29568
  */
28197
- prefix: string;
29569
+ prefix?: string;
28198
29570
  /**
28199
- * A map of tags to assign to the bucket. If configured with a provider [`defaultTags` configuration blockpresent, tags with matching keys will overwrite those defined at the provider-level.
28200
- *
28201
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29571
+ * A map of tags that identifies subset of objects to which the rule applies.
29572
+ * The rule applies only to objects having all the tags in its tagset.
28202
29573
  */
28203
- tags: {
29574
+ tags?: {
28204
29575
  [key: string]: string;
28205
29576
  };
28206
29577
  }
28207
29578
  interface BucketV2ReplicationConfigurationRuleSourceSelectionCriteria {
28208
29579
  /**
28209
- * Matched SSE-KMS encrypted objects.
28210
- *
28211
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29580
+ * Match SSE-KMS encrypted objects (documented below). If specified, `replicaKmsKeyId`
29581
+ * in `destination` must be specified as well.
28212
29582
  */
28213
- sseKmsEncryptedObjects: outputs.s3.BucketV2ReplicationConfigurationRuleSourceSelectionCriteriaSseKmsEncryptedObject[];
29583
+ sseKmsEncryptedObjects?: outputs.s3.BucketV2ReplicationConfigurationRuleSourceSelectionCriteriaSseKmsEncryptedObject[];
28214
29584
  }
28215
29585
  interface BucketV2ReplicationConfigurationRuleSourceSelectionCriteriaSseKmsEncryptedObject {
28216
29586
  /**
28217
- * Whether versioning is enabled.
28218
- *
28219
- * @deprecated Use the aws_s3_bucket_replication_configuration resource instead
29587
+ * Boolean which indicates if this criteria is enabled.
28220
29588
  */
28221
29589
  enabled: boolean;
28222
29590
  }
28223
29591
  interface BucketV2ServerSideEncryptionConfiguration {
28224
29592
  /**
28225
- * (required) Information about a particular server-side encryption configuration rule.
28226
- *
28227
- * @deprecated Use the aws_s3_bucket_server_side_encryption_configuration resource instead
29593
+ * A single object for server-side encryption by default configuration. (documented below)
28228
29594
  */
28229
29595
  rules: outputs.s3.BucketV2ServerSideEncryptionConfigurationRule[];
28230
29596
  }
28231
29597
  interface BucketV2ServerSideEncryptionConfigurationRule {
28232
29598
  /**
28233
- * The default server-side encryption applied to new objects in the bucket.
28234
- *
28235
- * @deprecated Use the aws_s3_bucket_server_side_encryption_configuration resource instead
29599
+ * A single object for setting server-side encryption by default. (documented below)
28236
29600
  */
28237
29601
  applyServerSideEncryptionByDefaults: outputs.s3.BucketV2ServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault[];
28238
29602
  /**
28239
- * (Optional) Whether an [Amazon S3 Bucket Key](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) is used for SSE-KMS.
28240
- *
28241
- * @deprecated Use the aws_s3_bucket_server_side_encryption_configuration resource instead
29603
+ * Whether or not to use [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) for SSE-KMS.
28242
29604
  */
28243
- bucketKeyEnabled: boolean;
29605
+ bucketKeyEnabled?: boolean;
28244
29606
  }
28245
29607
  interface BucketV2ServerSideEncryptionConfigurationRuleApplyServerSideEncryptionByDefault {
28246
29608
  /**
28247
- * (optional) The AWS KMS master key ID used for the SSE-KMS encryption.
28248
- *
28249
- * @deprecated Use the aws_s3_bucket_server_side_encryption_configuration resource instead
29609
+ * The AWS KMS master key ID used for the SSE-KMS encryption. This can only be used when you set the value of `sseAlgorithm` as `aws:kms`. The default `aws/s3` AWS KMS master key is used if this element is absent while the `sseAlgorithm` is `aws:kms`.
28250
29610
  */
28251
- kmsMasterKeyId: string;
29611
+ kmsMasterKeyId?: string;
28252
29612
  /**
28253
- * (required) The server-side encryption algorithm used.
28254
- *
28255
- * @deprecated Use the aws_s3_bucket_server_side_encryption_configuration resource instead
29613
+ * The server-side encryption algorithm to use. Valid values are `AES256` and `aws:kms`
28256
29614
  */
28257
29615
  sseAlgorithm: string;
28258
29616
  }
28259
29617
  interface BucketV2Versioning {
28260
29618
  /**
28261
- * Whether versioning is enabled.
28262
- *
28263
- * @deprecated Use the aws_s3_bucket_versioning resource instead
29619
+ * Enable versioning. Once you version-enable a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket.
28264
29620
  */
28265
- enabled: boolean;
29621
+ enabled?: boolean;
28266
29622
  /**
28267
- * Whether MFA delete is enabled.
28268
- *
28269
- * @deprecated Use the aws_s3_bucket_versioning resource instead
29623
+ * Enable MFA delete for either `Change the versioning state of your bucket` or `Permanently delete an object version`. Default is `false`. This cannot be used to toggle this setting but is available to allow managed buckets to reflect the state in AWS
28270
29624
  */
28271
- mfaDelete: boolean;
29625
+ mfaDelete?: boolean;
28272
29626
  }
28273
29627
  interface BucketV2Website {
28274
29628
  /**
28275
- * The name of the error document for the website.
28276
- *
28277
- * @deprecated Use the aws_s3_bucket_website_configuration resource
29629
+ * An absolute path to the document to return in case of a 4XX error.
28278
29630
  */
28279
- errorDocument: string;
29631
+ errorDocument?: string;
28280
29632
  /**
28281
- * The name of the index document for the website.
28282
- *
28283
- * @deprecated Use the aws_s3_bucket_website_configuration resource
29633
+ * Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders.
28284
29634
  */
28285
- indexDocument: string;
29635
+ indexDocument?: string;
28286
29636
  /**
28287
- * The redirect behavior for every request to this bucket's website endpoint.
28288
- *
28289
- * @deprecated Use the aws_s3_bucket_website_configuration resource
29637
+ * A hostname to redirect all website requests for this bucket to. Hostname can optionally be prefixed with a protocol (`http://` or `https://`) to use when redirecting requests. The default is the protocol that is used in the original request.
28290
29638
  */
28291
- redirectAllRequestsTo: string;
29639
+ redirectAllRequestsTo?: string;
28292
29640
  /**
28293
- * (Optional) The rules that define when a redirect is applied and the redirect behavior.
28294
- *
28295
- * @deprecated Use the aws_s3_bucket_website_configuration resource
29641
+ * A json array containing [routing rules](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-websiteconfiguration-routingrules.html)
29642
+ * describing redirect behavior and when redirects are applied.
28296
29643
  */
28297
- routingRules: string;
29644
+ routingRules?: string;
28298
29645
  }
28299
29646
  interface BucketVersioning {
28300
29647
  /**
@@ -31356,7 +32703,7 @@ export declare namespace ses {
31356
32703
  */
31357
32704
  position: number;
31358
32705
  /**
31359
- * The scope to apply
32706
+ * The scope to apply. The only acceptable value is `RuleSet`.
31360
32707
  */
31361
32708
  scope: string;
31362
32709
  /**
@@ -31559,6 +32906,16 @@ export declare namespace ssm {
31559
32906
  */
31560
32907
  values: string[];
31561
32908
  }
32909
+ interface GetMaintenanceWindowsFilter {
32910
+ /**
32911
+ * The name of the filter field. Valid values can be found in the [SSM DescribeMaintenanceWindows API Reference](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeMaintenanceWindows.html#API_DescribeMaintenanceWindows_RequestSyntax).
32912
+ */
32913
+ name: string;
32914
+ /**
32915
+ * Set of values that are accepted for the given filter field. Results will be selected if any given value matches.
32916
+ */
32917
+ values: string[];
32918
+ }
31562
32919
  interface MaintenanceWindowTargetTarget {
31563
32920
  key: string;
31564
32921
  values: string[];
@@ -31794,6 +33151,24 @@ export declare namespace storagegateway {
31794
33151
  */
31795
33152
  ipv4Address: string;
31796
33153
  }
33154
+ interface GatewayMaintenanceStartTime {
33155
+ /**
33156
+ * The day of the month component of the maintenance start time represented as an ordinal number from 1 to 28, where 1 represents the first day of the month and 28 represents the last day of the month.
33157
+ */
33158
+ dayOfMonth?: string;
33159
+ /**
33160
+ * The day of the week component of the maintenance start time week represented as an ordinal number from 0 to 6, where 0 represents Sunday and 6 Saturday.
33161
+ */
33162
+ dayOfWeek?: string;
33163
+ /**
33164
+ * The hour component of the maintenance start time represented as _hh_, where _hh_ is the hour (00 to 23). The hour of the day is in the time zone of the gateway.
33165
+ */
33166
+ hourOfDay: number;
33167
+ /**
33168
+ * The minute component of the maintenance start time represented as _mm_, where _mm_ is the minute (00 to 59). The minute of the hour is in the time zone of the gateway.
33169
+ */
33170
+ minuteOfHour?: number;
33171
+ }
31797
33172
  interface GatewaySmbActiveDirectorySettings {
31798
33173
  activeDirectoryStatus: string;
31799
33174
  /**
@@ -71244,3 +72619,15 @@ export declare namespace workspaces {
71244
72619
  userVolumeSizeGib?: number;
71245
72620
  }
71246
72621
  }
72622
+ export declare namespace xray {
72623
+ interface GroupInsightsConfiguration {
72624
+ /**
72625
+ * Specifies whether insights are enabled.
72626
+ */
72627
+ insightsEnabled: boolean;
72628
+ /**
72629
+ * Specifies whether insight notifications are enabled.
72630
+ */
72631
+ notificationsEnabled: boolean;
72632
+ }
72633
+ }