@pulumi/aws 6.0.0-alpha.2 → 6.0.0-alpha.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (401) hide show
  1. package/alb/targetGroupAttachment.d.ts +17 -10
  2. package/alb/targetGroupAttachment.js +2 -1
  3. package/alb/targetGroupAttachment.js.map +1 -1
  4. package/appconfig/environment.d.ts +1 -1
  5. package/appflow/flow.d.ts +98 -0
  6. package/appflow/flow.js +98 -0
  7. package/appflow/flow.js.map +1 -1
  8. package/applicationloadbalancing/targetGroupAttachment.d.ts +17 -10
  9. package/applicationloadbalancing/targetGroupAttachment.js +2 -1
  10. package/applicationloadbalancing/targetGroupAttachment.js.map +1 -1
  11. package/appsync/graphQLApi.d.ts +0 -134
  12. package/appsync/graphQLApi.js +0 -134
  13. package/appsync/graphQLApi.js.map +1 -1
  14. package/backup/regionSettings.d.ts +3 -3
  15. package/batch/computeEnvironment.d.ts +2 -0
  16. package/batch/computeEnvironment.js +2 -0
  17. package/batch/computeEnvironment.js.map +1 -1
  18. package/budgets/getBudget.d.ts +130 -0
  19. package/budgets/getBudget.js +51 -0
  20. package/budgets/getBudget.js.map +1 -0
  21. package/budgets/index.d.ts +3 -0
  22. package/budgets/index.js +4 -1
  23. package/budgets/index.js.map +1 -1
  24. package/chime/index.d.ts +9 -0
  25. package/chime/index.js +16 -1
  26. package/chime/index.js.map +1 -1
  27. package/chime/sdkvoiceGlobalSettings.d.ts +73 -0
  28. package/chime/sdkvoiceGlobalSettings.js +75 -0
  29. package/chime/sdkvoiceGlobalSettings.js.map +1 -0
  30. package/chime/sdkvoiceSipMediaApplication.d.ts +145 -0
  31. package/chime/sdkvoiceSipMediaApplication.js +95 -0
  32. package/chime/sdkvoiceSipMediaApplication.js.map +1 -0
  33. package/chime/sdkvoiceSipRule.d.ts +134 -0
  34. package/chime/sdkvoiceSipRule.js +99 -0
  35. package/chime/sdkvoiceSipRule.js.map +1 -0
  36. package/chime/voiceConnector.d.ts +44 -0
  37. package/chime/voiceConnector.js +6 -0
  38. package/chime/voiceConnector.js.map +1 -1
  39. package/cleanrooms/collaboration.d.ts +256 -0
  40. package/cleanrooms/collaboration.js +123 -0
  41. package/cleanrooms/collaboration.js.map +1 -0
  42. package/cleanrooms/index.d.ts +3 -0
  43. package/cleanrooms/index.js +22 -0
  44. package/cleanrooms/index.js.map +1 -0
  45. package/cloudfront/cachePolicy.d.ts +22 -22
  46. package/cloudfront/cachePolicy.js +2 -2
  47. package/cloudwatch/eventTarget.d.ts +8 -2
  48. package/cloudwatch/eventTarget.js +8 -2
  49. package/cloudwatch/eventTarget.js.map +1 -1
  50. package/cloudwatch/internetMonitor.d.ts +12 -0
  51. package/cloudwatch/internetMonitor.js +2 -0
  52. package/cloudwatch/internetMonitor.js.map +1 -1
  53. package/cloudwatch/metricStream.d.ts +94 -0
  54. package/cloudwatch/metricStream.js +94 -0
  55. package/cloudwatch/metricStream.js.map +1 -1
  56. package/codebuild/project.d.ts +2 -2
  57. package/codebuild/project.js +2 -2
  58. package/cognito/identityPool.d.ts +1 -1
  59. package/cognito/identityPool.js +1 -1
  60. package/cognito/index.d.ts +3 -0
  61. package/cognito/index.js +6 -1
  62. package/cognito/index.js.map +1 -1
  63. package/cognito/managedUserPoolClient.d.ts +394 -0
  64. package/cognito/managedUserPoolClient.js +170 -0
  65. package/cognito/managedUserPoolClient.js.map +1 -0
  66. package/cognito/userPool.d.ts +3 -3
  67. package/cognito/userPoolClient.d.ts +14 -14
  68. package/cognito/userPoolClient.js +1 -1
  69. package/config/vars.d.ts +5 -0
  70. package/config/vars.js +6 -0
  71. package/config/vars.js.map +1 -1
  72. package/cur/reportDefinition.d.ts +7 -4
  73. package/cur/reportDefinition.js +4 -1
  74. package/cur/reportDefinition.js.map +1 -1
  75. package/datasync/locationObjectStorage.d.ts +3 -3
  76. package/ec2/getInstances.d.ts +54 -0
  77. package/ec2/getInstances.js +54 -0
  78. package/ec2/getInstances.js.map +1 -1
  79. package/ec2/getVpcPeeringConnections.d.ts +34 -0
  80. package/ec2/getVpcPeeringConnections.js +34 -0
  81. package/ec2/getVpcPeeringConnections.js.map +1 -1
  82. package/ec2/instance.d.ts +61 -0
  83. package/ec2/instance.js +39 -0
  84. package/ec2/instance.js.map +1 -1
  85. package/ec2/managedPrefixListEntry.d.ts +8 -16
  86. package/ec2/managedPrefixListEntry.js +5 -13
  87. package/ec2/managedPrefixListEntry.js.map +1 -1
  88. package/ec2/peeringConnectionOptions.d.ts +6 -18
  89. package/ec2/peeringConnectionOptions.js.map +1 -1
  90. package/ec2/securityGroupRule.d.ts +6 -0
  91. package/ec2/securityGroupRule.js.map +1 -1
  92. package/ec2/spotInstanceRequest.d.ts +7 -7
  93. package/ec2/spotInstanceRequest.js +1 -1
  94. package/ec2transitgateway/connect.d.ts +3 -3
  95. package/ec2transitgateway/connectPeer.d.ts +16 -0
  96. package/ec2transitgateway/connectPeer.js +4 -0
  97. package/ec2transitgateway/connectPeer.js.map +1 -1
  98. package/ec2transitgateway/getConnectPeer.d.ts +8 -0
  99. package/ec2transitgateway/getConnectPeer.js.map +1 -1
  100. package/ec2transitgateway/getVpcAttachments.d.ts +32 -0
  101. package/ec2transitgateway/getVpcAttachments.js +32 -0
  102. package/ec2transitgateway/getVpcAttachments.js.map +1 -1
  103. package/ec2transitgateway/index.d.ts +3 -0
  104. package/ec2transitgateway/index.js +6 -1
  105. package/ec2transitgateway/index.js.map +1 -1
  106. package/ec2transitgateway/instanceConnectEndpoint.d.ts +183 -0
  107. package/ec2transitgateway/instanceConnectEndpoint.js +96 -0
  108. package/ec2transitgateway/instanceConnectEndpoint.js.map +1 -0
  109. package/ec2transitgateway/routeTableAssociation.d.ts +12 -0
  110. package/ec2transitgateway/routeTableAssociation.js +2 -0
  111. package/ec2transitgateway/routeTableAssociation.js.map +1 -1
  112. package/ecr/getPullThroughCacheRule.d.ts +67 -0
  113. package/ecr/getPullThroughCacheRule.js +47 -0
  114. package/ecr/getPullThroughCacheRule.js.map +1 -0
  115. package/ecr/index.d.ts +3 -0
  116. package/ecr/index.js +4 -1
  117. package/ecr/index.js.map +1 -1
  118. package/eks/addon.d.ts +5 -10
  119. package/eks/addon.js +2 -7
  120. package/eks/addon.js.map +1 -1
  121. package/eks/cluster.d.ts +2 -4
  122. package/eks/cluster.js +2 -4
  123. package/eks/cluster.js.map +1 -1
  124. package/eks/getAddonVersion.d.ts +4 -8
  125. package/eks/getAddonVersion.js +4 -8
  126. package/eks/getAddonVersion.js.map +1 -1
  127. package/eks/getCluster.d.ts +6 -12
  128. package/eks/getCluster.js +6 -12
  129. package/eks/getCluster.js.map +1 -1
  130. package/eks/nodeGroup.d.ts +24 -15
  131. package/eks/nodeGroup.js.map +1 -1
  132. package/elasticache/cluster.d.ts +6 -3
  133. package/elasticache/cluster.js.map +1 -1
  134. package/elasticache/globalReplicationGroup.d.ts +6 -3
  135. package/elasticache/globalReplicationGroup.js.map +1 -1
  136. package/elasticache/replicationGroup.d.ts +6 -3
  137. package/elasticache/replicationGroup.js.map +1 -1
  138. package/elasticloadbalancing/loadBalancer.d.ts +3 -3
  139. package/elasticloadbalancingv2/targetGroupAttachment.d.ts +17 -10
  140. package/elasticloadbalancingv2/targetGroupAttachment.js +2 -1
  141. package/elasticloadbalancingv2/targetGroupAttachment.js.map +1 -1
  142. package/elb/loadBalancer.d.ts +3 -3
  143. package/finspace/index.d.ts +12 -0
  144. package/finspace/index.js +37 -0
  145. package/finspace/index.js.map +1 -0
  146. package/finspace/kxCluster.d.ts +340 -0
  147. package/finspace/kxCluster.js +129 -0
  148. package/finspace/kxCluster.js.map +1 -0
  149. package/finspace/kxDatabase.d.ts +165 -0
  150. package/finspace/kxDatabase.js +102 -0
  151. package/finspace/kxDatabase.js.map +1 -0
  152. package/finspace/kxEnvironment.d.ts +235 -0
  153. package/finspace/kxEnvironment.js +132 -0
  154. package/finspace/kxEnvironment.js.map +1 -0
  155. package/finspace/kxUser.d.ts +160 -0
  156. package/finspace/kxUser.js +112 -0
  157. package/finspace/kxUser.js.map +1 -0
  158. package/fis/experimentTemplate.d.ts +12 -0
  159. package/fis/experimentTemplate.js +2 -0
  160. package/fis/experimentTemplate.js.map +1 -1
  161. package/getArn.d.ts +2 -3
  162. package/getArn.js +1 -0
  163. package/getArn.js.map +1 -1
  164. package/getBillingServiceAccount.d.ts +67 -2
  165. package/getBillingServiceAccount.js +56 -3
  166. package/getBillingServiceAccount.js.map +1 -1
  167. package/getCallerIdentity.d.ts +37 -2
  168. package/getCallerIdentity.js +26 -3
  169. package/getCallerIdentity.js.map +1 -1
  170. package/getDefaultTags.d.ts +2 -15
  171. package/getDefaultTags.js +1 -1
  172. package/getDefaultTags.js.map +1 -1
  173. package/getIpRanges.d.ts +2 -3
  174. package/getIpRanges.js +1 -0
  175. package/getIpRanges.js.map +1 -1
  176. package/getPartition.d.ts +41 -2
  177. package/getPartition.js +30 -3
  178. package/getPartition.js.map +1 -1
  179. package/getRegion.d.ts +2 -3
  180. package/getRegion.js +1 -0
  181. package/getRegion.js.map +1 -1
  182. package/getRegions.d.ts +9 -1
  183. package/getRegions.js +1 -0
  184. package/getRegions.js.map +1 -1
  185. package/getService.d.ts +2 -3
  186. package/getService.js +1 -0
  187. package/getService.js.map +1 -1
  188. package/globalaccelerator/customRoutingAccelerator.d.ts +192 -0
  189. package/globalaccelerator/customRoutingAccelerator.js +100 -0
  190. package/globalaccelerator/customRoutingAccelerator.js.map +1 -0
  191. package/globalaccelerator/customRoutingEndpointGroup.d.ts +130 -0
  192. package/globalaccelerator/customRoutingEndpointGroup.js +93 -0
  193. package/globalaccelerator/customRoutingEndpointGroup.js.map +1 -0
  194. package/globalaccelerator/customRoutingListener.d.ts +104 -0
  195. package/globalaccelerator/customRoutingListener.js +93 -0
  196. package/globalaccelerator/customRoutingListener.js.map +1 -0
  197. package/globalaccelerator/getAccelerator.d.ts +3 -9
  198. package/globalaccelerator/getAccelerator.js +1 -1
  199. package/globalaccelerator/getAccelerator.js.map +1 -1
  200. package/globalaccelerator/getCustomRoutingAccelerator.d.ts +96 -0
  201. package/globalaccelerator/getCustomRoutingAccelerator.js +58 -0
  202. package/globalaccelerator/getCustomRoutingAccelerator.js.map +1 -0
  203. package/globalaccelerator/index.d.ts +12 -0
  204. package/globalaccelerator/index.js +19 -1
  205. package/globalaccelerator/index.js.map +1 -1
  206. package/glue/crawler.d.ts +21 -0
  207. package/glue/crawler.js +2 -0
  208. package/glue/crawler.js.map +1 -1
  209. package/glue/devEndpoint.d.ts +3 -3
  210. package/glue/workflow.d.ts +3 -3
  211. package/guardduty/getFindingIds.d.ts +66 -0
  212. package/guardduty/getFindingIds.js +49 -0
  213. package/guardduty/getFindingIds.js.map +1 -0
  214. package/guardduty/index.d.ts +3 -0
  215. package/guardduty/index.js +4 -1
  216. package/guardduty/index.js.map +1 -1
  217. package/iam/getPrincipalPolicySimulation.d.ts +167 -0
  218. package/iam/getPrincipalPolicySimulation.js +48 -0
  219. package/iam/getPrincipalPolicySimulation.js.map +1 -0
  220. package/iam/index.d.ts +3 -0
  221. package/iam/index.js +5 -2
  222. package/iam/index.js.map +1 -1
  223. package/index.d.ts +9 -4
  224. package/index.js +15 -8
  225. package/index.js.map +1 -1
  226. package/iot/getEndpoint.d.ts +50 -0
  227. package/iot/getEndpoint.js +50 -0
  228. package/iot/getEndpoint.js.map +1 -1
  229. package/kendra/querySuggestionsBlockList.d.ts +24 -24
  230. package/kendra/querySuggestionsBlockList.js +2 -2
  231. package/keyspaces/table.d.ts +12 -0
  232. package/keyspaces/table.js +2 -0
  233. package/keyspaces/table.js.map +1 -1
  234. package/kinesis/firehoseDeliveryStream.d.ts +0 -50
  235. package/kinesis/firehoseDeliveryStream.js +0 -50
  236. package/kinesis/firehoseDeliveryStream.js.map +1 -1
  237. package/lambda/eventSourceMapping.d.ts +6 -48
  238. package/lambda/eventSourceMapping.js +0 -42
  239. package/lambda/eventSourceMapping.js.map +1 -1
  240. package/lambda/function.d.ts +51 -4
  241. package/lambda/function.js +36 -1
  242. package/lambda/function.js.map +1 -1
  243. package/lambda/provisionedConcurrencyConfig.d.ts +2 -2
  244. package/lambda/provisionedConcurrencyConfig.js +2 -2
  245. package/lb/targetGroupAttachment.d.ts +17 -10
  246. package/lb/targetGroupAttachment.js +2 -1
  247. package/lb/targetGroupAttachment.js.map +1 -1
  248. package/msk/cluster.d.ts +108 -0
  249. package/msk/cluster.js +108 -0
  250. package/msk/cluster.js.map +1 -1
  251. package/opensearch/getServerlessAccessPolicy.d.ts +81 -0
  252. package/opensearch/getServerlessAccessPolicy.js +52 -0
  253. package/opensearch/getServerlessAccessPolicy.js.map +1 -0
  254. package/opensearch/getServerlessCollection.d.ts +101 -0
  255. package/opensearch/getServerlessCollection.js +51 -0
  256. package/opensearch/getServerlessCollection.js.map +1 -0
  257. package/opensearch/getServerlessSecurityConfig.d.ts +91 -0
  258. package/opensearch/getServerlessSecurityConfig.js +50 -0
  259. package/opensearch/getServerlessSecurityConfig.js.map +1 -0
  260. package/opensearch/getServerlessSecurityPolicy.d.ts +90 -0
  261. package/opensearch/getServerlessSecurityPolicy.js +50 -0
  262. package/opensearch/getServerlessSecurityPolicy.js.map +1 -0
  263. package/opensearch/getServerlessVpcEndpoint.d.ts +79 -0
  264. package/opensearch/getServerlessVpcEndpoint.js +47 -0
  265. package/opensearch/getServerlessVpcEndpoint.js.map +1 -0
  266. package/opensearch/index.d.ts +30 -0
  267. package/opensearch/index.js +41 -1
  268. package/opensearch/index.js.map +1 -1
  269. package/opensearch/serverlessAccessPolicy.d.ts +138 -0
  270. package/opensearch/serverlessAccessPolicy.js +106 -0
  271. package/opensearch/serverlessAccessPolicy.js.map +1 -0
  272. package/opensearch/serverlessCollection.d.ts +167 -0
  273. package/opensearch/serverlessCollection.js +104 -0
  274. package/opensearch/serverlessCollection.js.map +1 -0
  275. package/opensearch/serverlessSecurityConfig.d.ts +113 -0
  276. package/opensearch/serverlessSecurityConfig.js +76 -0
  277. package/opensearch/serverlessSecurityConfig.js.map +1 -0
  278. package/opensearch/serverlessSecurityPolicy.d.ts +148 -0
  279. package/opensearch/serverlessSecurityPolicy.js +116 -0
  280. package/opensearch/serverlessSecurityPolicy.js.map +1 -0
  281. package/opensearch/serverlessVpcEndpoint.d.ts +120 -0
  282. package/opensearch/serverlessVpcEndpoint.js +91 -0
  283. package/opensearch/serverlessVpcEndpoint.js.map +1 -0
  284. package/organizations/getPolicies.d.ts +45 -0
  285. package/organizations/getPolicies.js +29 -0
  286. package/organizations/getPolicies.js.map +1 -0
  287. package/organizations/getPoliciesForTarget.d.ts +54 -0
  288. package/organizations/getPoliciesForTarget.js +30 -0
  289. package/organizations/getPoliciesForTarget.js.map +1 -0
  290. package/organizations/index.d.ts +9 -0
  291. package/organizations/index.js +12 -1
  292. package/organizations/index.js.map +1 -1
  293. package/organizations/resourcePolicy.d.ts +137 -0
  294. package/organizations/resourcePolicy.js +109 -0
  295. package/organizations/resourcePolicy.js.map +1 -0
  296. package/package.json +2 -2
  297. package/package.json.dev +2 -2
  298. package/pinpoint/smsChannel.d.ts +18 -18
  299. package/pinpoint/smsChannel.js +2 -2
  300. package/pipes/pipe.d.ts +52 -19
  301. package/pipes/pipe.js +25 -8
  302. package/pipes/pipe.js.map +1 -1
  303. package/provider.d.ts +10 -0
  304. package/provider.js +2 -1
  305. package/provider.js.map +1 -1
  306. package/quicksight/dataSet.d.ts +2 -2
  307. package/quicksight/dataSet.js +0 -3
  308. package/quicksight/dataSet.js.map +1 -1
  309. package/quicksight/getTheme.d.ts +133 -0
  310. package/quicksight/getTheme.js +51 -0
  311. package/quicksight/getTheme.js.map +1 -0
  312. package/quicksight/index.d.ts +6 -0
  313. package/quicksight/index.js +9 -1
  314. package/quicksight/index.js.map +1 -1
  315. package/quicksight/refreshSchedule.d.ts +44 -0
  316. package/quicksight/refreshSchedule.js +44 -0
  317. package/quicksight/refreshSchedule.js.map +1 -1
  318. package/quicksight/theme.d.ts +211 -0
  319. package/quicksight/theme.js +97 -0
  320. package/quicksight/theme.js.map +1 -0
  321. package/rds/eventSubscription.d.ts +3 -3
  322. package/rds/getInstance.d.ts +1 -1
  323. package/rds/instance.d.ts +3 -3
  324. package/rds/proxy.d.ts +3 -3
  325. package/redshift/cluster.d.ts +8 -0
  326. package/redshift/cluster.js +2 -0
  327. package/redshift/cluster.js.map +1 -1
  328. package/redshift/getCluster.d.ts +5 -1
  329. package/redshift/getCluster.js.map +1 -1
  330. package/s3/bucketNotification.d.ts +15 -3
  331. package/s3/bucketNotification.js +12 -0
  332. package/s3/bucketNotification.js.map +1 -1
  333. package/servicecatalog/getProduct.d.ts +13 -13
  334. package/servicecatalog/getProduct.js +4 -4
  335. package/ses/activeReceiptRuleSet.d.ts +8 -0
  336. package/ses/activeReceiptRuleSet.js +8 -0
  337. package/ses/activeReceiptRuleSet.js.map +1 -1
  338. package/sesv2/emailIdentity.d.ts +15 -3
  339. package/sesv2/emailIdentity.js.map +1 -1
  340. package/sesv2/getEmailIdentity.d.ts +97 -0
  341. package/sesv2/getEmailIdentity.js +50 -0
  342. package/sesv2/getEmailIdentity.js.map +1 -0
  343. package/sesv2/getEmailIdentityMailFromAttributes.d.ts +75 -0
  344. package/sesv2/getEmailIdentityMailFromAttributes.js +55 -0
  345. package/sesv2/getEmailIdentityMailFromAttributes.js.map +1 -0
  346. package/sesv2/index.d.ts +6 -0
  347. package/sesv2/index.js +7 -1
  348. package/sesv2/index.js.map +1 -1
  349. package/sfn/alias.d.ts +136 -0
  350. package/sfn/alias.js +103 -0
  351. package/sfn/alias.js.map +1 -0
  352. package/sfn/getAlias.d.ts +97 -0
  353. package/sfn/getAlias.js +53 -0
  354. package/sfn/getAlias.js.map +1 -0
  355. package/sfn/getStateMachine.d.ts +5 -0
  356. package/sfn/getStateMachine.js.map +1 -1
  357. package/sfn/getStateMachineVersions.d.ts +65 -0
  358. package/sfn/getStateMachineVersions.js +49 -0
  359. package/sfn/getStateMachineVersions.js.map +1 -0
  360. package/sfn/index.d.ts +9 -0
  361. package/sfn/index.js +12 -1
  362. package/sfn/index.js.map +1 -1
  363. package/sfn/stateMachine.d.ts +45 -0
  364. package/sfn/stateMachine.js +35 -0
  365. package/sfn/stateMachine.js.map +1 -1
  366. package/ssm/patchBaseline.d.ts +6 -0
  367. package/ssm/patchBaseline.js.map +1 -1
  368. package/timestreamwrite/table.d.ts +30 -0
  369. package/timestreamwrite/table.js +20 -0
  370. package/timestreamwrite/table.js.map +1 -1
  371. package/transfer/agreement.d.ts +170 -0
  372. package/transfer/agreement.js +110 -0
  373. package/transfer/agreement.js.map +1 -0
  374. package/transfer/certificate.d.ts +172 -0
  375. package/transfer/certificate.js +103 -0
  376. package/transfer/certificate.js.map +1 -0
  377. package/transfer/connector.d.ts +152 -0
  378. package/transfer/connector.js +104 -0
  379. package/transfer/connector.js.map +1 -0
  380. package/transfer/index.d.ts +12 -0
  381. package/transfer/index.js +21 -1
  382. package/transfer/index.js.map +1 -1
  383. package/transfer/profile.d.ts +117 -0
  384. package/transfer/profile.js +78 -0
  385. package/transfer/profile.js.map +1 -0
  386. package/types/input.d.ts +9207 -97395
  387. package/types/output.d.ts +9845 -97697
  388. package/vpc/securityGroupEgressRule.d.ts +3 -3
  389. package/vpc/securityGroupEgressRule.js +4 -1
  390. package/vpc/securityGroupEgressRule.js.map +1 -1
  391. package/vpc/securityGroupIngressRule.d.ts +3 -3
  392. package/vpc/securityGroupIngressRule.js +4 -1
  393. package/vpc/securityGroupIngressRule.js.map +1 -1
  394. package/wafv2/ruleGroup.d.ts +0 -49
  395. package/wafv2/ruleGroup.js +0 -49
  396. package/wafv2/ruleGroup.js.map +1 -1
  397. package/wafv2/webAcl.d.ts +6 -246
  398. package/wafv2/webAcl.js +0 -240
  399. package/wafv2/webAcl.js.map +1 -1
  400. package/wafv2/webAclLoggingConfiguration.d.ts +17 -17
  401. package/wafv2/webAclLoggingConfiguration.js +5 -5
package/wafv2/webAcl.js CHANGED
@@ -5,246 +5,6 @@ Object.defineProperty(exports, "__esModule", { value: true });
5
5
  exports.WebAcl = void 0;
6
6
  const pulumi = require("@pulumi/pulumi");
7
7
  const utilities = require("../utilities");
8
- /**
9
- * Creates a WAFv2 Web ACL resource.
10
- *
11
- * > **Note:** In `fieldToMatch` blocks, _e.g._, in `byteMatchStatement`, the `body` block includes an optional argument `oversizeHandling`. AWS indicates this argument will be required starting February 2023. To avoid configurations breaking when that change happens, treat the `oversizeHandling` argument as **required** as soon as possible.
12
- *
13
- * ## Example Usage
14
- *
15
- * This resource is based on `aws.wafv2.RuleGroup`, check the documentation of the `aws.wafv2.RuleGroup` resource to see examples of the various available statements.
16
- * ### Account Takeover Protection
17
- *
18
- * ```typescript
19
- * import * as pulumi from "@pulumi/pulumi";
20
- * import * as aws from "@pulumi/aws";
21
- *
22
- * const atp_example = new aws.wafv2.WebAcl("atp-example", {
23
- * defaultAction: {
24
- * allow: {},
25
- * },
26
- * description: "Example of a managed ATP rule.",
27
- * rules: [{
28
- * name: "atp-rule-1",
29
- * overrideAction: {
30
- * count: {},
31
- * },
32
- * priority: 1,
33
- * statement: {
34
- * managedRuleGroupStatement: {
35
- * managedRuleGroupConfigs: [{
36
- * awsManagedRulesAtpRuleSet: {
37
- * loginPath: "/api/1/signin",
38
- * requestInspection: {
39
- * passwordField: {
40
- * identifier: "/password",
41
- * },
42
- * payloadType: "JSON",
43
- * usernameField: {
44
- * identifier: "/email",
45
- * },
46
- * },
47
- * responseInspection: {
48
- * statusCode: {
49
- * failureCodes: [403],
50
- * successCodes: [200],
51
- * },
52
- * },
53
- * },
54
- * }],
55
- * name: "AWSManagedRulesATPRuleSet",
56
- * vendorName: "AWS",
57
- * },
58
- * },
59
- * visibilityConfig: {
60
- * cloudwatchMetricsEnabled: false,
61
- * metricName: "friendly-rule-metric-name",
62
- * sampledRequestsEnabled: false,
63
- * },
64
- * }],
65
- * scope: "CLOUDFRONT",
66
- * visibilityConfig: {
67
- * cloudwatchMetricsEnabled: false,
68
- * metricName: "friendly-metric-name",
69
- * sampledRequestsEnabled: false,
70
- * },
71
- * });
72
- * ```
73
- * ### Rate Based
74
- *
75
- * Rate-limit US and NL-based clients to 10,000 requests for every 5 minutes.
76
- *
77
- * ```typescript
78
- * import * as pulumi from "@pulumi/pulumi";
79
- * import * as aws from "@pulumi/aws";
80
- *
81
- * const example = new aws.wafv2.WebAcl("example", {
82
- * defaultAction: {
83
- * allow: {},
84
- * },
85
- * description: "Example of a Cloudfront rate based statement.",
86
- * rules: [{
87
- * action: {
88
- * block: {},
89
- * },
90
- * name: "rule-1",
91
- * priority: 1,
92
- * statement: {
93
- * rateBasedStatement: {
94
- * aggregateKeyType: "IP",
95
- * limit: 10000,
96
- * scopeDownStatement: {
97
- * geoMatchStatement: {
98
- * countryCodes: [
99
- * "US",
100
- * "NL",
101
- * ],
102
- * },
103
- * },
104
- * },
105
- * },
106
- * visibilityConfig: {
107
- * cloudwatchMetricsEnabled: false,
108
- * metricName: "friendly-rule-metric-name",
109
- * sampledRequestsEnabled: false,
110
- * },
111
- * }],
112
- * scope: "CLOUDFRONT",
113
- * tags: {
114
- * Tag1: "Value1",
115
- * Tag2: "Value2",
116
- * },
117
- * visibilityConfig: {
118
- * cloudwatchMetricsEnabled: false,
119
- * metricName: "friendly-metric-name",
120
- * sampledRequestsEnabled: false,
121
- * },
122
- * });
123
- * ```
124
- * ### Rule Group Reference
125
- *
126
- * ```typescript
127
- * import * as pulumi from "@pulumi/pulumi";
128
- * import * as aws from "@pulumi/aws";
129
- *
130
- * const example = new aws.wafv2.RuleGroup("example", {
131
- * capacity: 10,
132
- * scope: "REGIONAL",
133
- * rules: [
134
- * {
135
- * name: "rule-1",
136
- * priority: 1,
137
- * action: {
138
- * count: {},
139
- * },
140
- * statement: {
141
- * geoMatchStatement: {
142
- * countryCodes: ["NL"],
143
- * },
144
- * },
145
- * visibilityConfig: {
146
- * cloudwatchMetricsEnabled: false,
147
- * metricName: "friendly-rule-metric-name",
148
- * sampledRequestsEnabled: false,
149
- * },
150
- * },
151
- * {
152
- * name: "rule-to-exclude-a",
153
- * priority: 10,
154
- * action: {
155
- * allow: {},
156
- * },
157
- * statement: {
158
- * geoMatchStatement: {
159
- * countryCodes: ["US"],
160
- * },
161
- * },
162
- * visibilityConfig: {
163
- * cloudwatchMetricsEnabled: false,
164
- * metricName: "friendly-rule-metric-name",
165
- * sampledRequestsEnabled: false,
166
- * },
167
- * },
168
- * {
169
- * name: "rule-to-exclude-b",
170
- * priority: 15,
171
- * action: {
172
- * allow: {},
173
- * },
174
- * statement: {
175
- * geoMatchStatement: {
176
- * countryCodes: ["GB"],
177
- * },
178
- * },
179
- * visibilityConfig: {
180
- * cloudwatchMetricsEnabled: false,
181
- * metricName: "friendly-rule-metric-name",
182
- * sampledRequestsEnabled: false,
183
- * },
184
- * },
185
- * ],
186
- * visibilityConfig: {
187
- * cloudwatchMetricsEnabled: false,
188
- * metricName: "friendly-metric-name",
189
- * sampledRequestsEnabled: false,
190
- * },
191
- * });
192
- * const test = new aws.wafv2.WebAcl("test", {
193
- * scope: "REGIONAL",
194
- * defaultAction: {
195
- * block: {},
196
- * },
197
- * rules: [{
198
- * name: "rule-1",
199
- * priority: 1,
200
- * overrideAction: {
201
- * count: {},
202
- * },
203
- * statement: {
204
- * ruleGroupReferenceStatement: {
205
- * arn: example.arn,
206
- * ruleActionOverrides: [
207
- * {
208
- * actionToUse: {
209
- * count: {},
210
- * },
211
- * name: "rule-to-exclude-b",
212
- * },
213
- * {
214
- * actionToUse: {
215
- * count: {},
216
- * },
217
- * name: "rule-to-exclude-a",
218
- * },
219
- * ],
220
- * },
221
- * },
222
- * visibilityConfig: {
223
- * cloudwatchMetricsEnabled: false,
224
- * metricName: "friendly-rule-metric-name",
225
- * sampledRequestsEnabled: false,
226
- * },
227
- * }],
228
- * tags: {
229
- * Tag1: "Value1",
230
- * Tag2: "Value2",
231
- * },
232
- * visibilityConfig: {
233
- * cloudwatchMetricsEnabled: false,
234
- * metricName: "friendly-metric-name",
235
- * sampledRequestsEnabled: false,
236
- * },
237
- * });
238
- * ```
239
- *
240
- * ## Import
241
- *
242
- * WAFv2 Web ACLs can be imported using `ID/Name/Scope` e.g.,
243
- *
244
- * ```sh
245
- * $ pulumi import aws:wafv2/webAcl:WebAcl example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc/example/REGIONAL
246
- * ```
247
- */
248
8
  class WebAcl extends pulumi.CustomResource {
249
9
  /**
250
10
  * Get an existing WebAcl resource's state with the given name, ID, and optional extra
@@ -1 +1 @@
1
- {"version":3,"file":"webAcl.js","sourceRoot":"","sources":["../../wafv2/webAcl.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAIzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+OG;AACH,MAAa,MAAO,SAAQ,MAAM,CAAC,cAAc;IAC7C;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAmB,EAAE,IAAmC;QACjH,OAAO,IAAI,MAAM,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAC7D,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,MAAM,CAAC,YAAY,CAAC;IACvD,CAAC;IAgED,YAAY,IAAY,EAAE,WAAsC,EAAE,IAAmC;QACjG,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAsC,CAAC;YACrD,cAAc,CAAC,KAAK,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,sBAAsB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,CAAC,SAAS,CAAC;YACxF,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;SACnF;aAAM;YACH,MAAM,IAAI,GAAG,WAAqC,CAAC;YACnD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,aAAa,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC1D,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;aAChE;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAClD,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;aACxD;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,gBAAgB,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC7D,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;aACnE;YACD,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,sBAAsB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,CAAC,SAAS,CAAC;YACtF,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,KAAK,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAC1C,cAAc,CAAC,UAAU,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAC/C,cAAc,CAAC,WAAW,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAChD,cAAc,CAAC,SAAS,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SACjD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,MAAM,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC3D,CAAC;;AAzIL,wBA0IC;AA5HG,gBAAgB;AACO,mBAAY,GAAG,yBAAyB,CAAC"}
1
+ {"version":3,"file":"webAcl.js","sourceRoot":"","sources":["../../wafv2/webAcl.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAIzC,0CAA0C;AAE1C,MAAa,MAAO,SAAQ,MAAM,CAAC,cAAc;IAC7C;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAmB,EAAE,IAAmC;QACjH,OAAO,IAAI,MAAM,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAC7D,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,MAAM,CAAC,YAAY,CAAC;IACvD,CAAC;IAgED,YAAY,IAAY,EAAE,WAAsC,EAAE,IAAmC;QACjG,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAsC,CAAC;YACrD,cAAc,CAAC,KAAK,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,sBAAsB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,CAAC,SAAS,CAAC;YACxF,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;SACnF;aAAM;YACH,MAAM,IAAI,GAAG,WAAqC,CAAC;YACnD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,aAAa,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC1D,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;aAChE;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAClD,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;aACxD;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,gBAAgB,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC7D,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;aACnE;YACD,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,sBAAsB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,CAAC,SAAS,CAAC;YACtF,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,KAAK,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAC1C,cAAc,CAAC,UAAU,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAC/C,cAAc,CAAC,WAAW,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAChD,cAAc,CAAC,SAAS,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SACjD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,MAAM,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC3D,CAAC;;AAzIL,wBA0IC;AA5HG,gBAAgB;AACO,mBAAY,GAAG,yBAAyB,CAAC"}
@@ -2,11 +2,11 @@ import * as pulumi from "@pulumi/pulumi";
2
2
  import * as inputs from "../types/input";
3
3
  import * as outputs from "../types/output";
4
4
  /**
5
- * Creates a WAFv2 Web ACL Logging Configuration resource.
5
+ * This resource creates a WAFv2 Web ACL Logging Configuration.
6
6
  *
7
- * > **Note:** To start logging from a WAFv2 Web ACL, an Amazon Kinesis Data Firehose (e.g., `aws.kinesis.FirehoseDeliveryStream` resource must also be created with a PUT source (not a stream) and in the region that you are operating.
8
- * If you are capturing logs for Amazon CloudFront, always create the firehose in US East (N. Virginia).
9
- * Be sure to give the data firehose, cloudwatch log group, and/or s3 bucket a name that starts with the prefix `aws-waf-logs-`.
7
+ * > **NOTE:** To start logging from a WAFv2 Web ACL, you need to create an Amazon Kinesis Data Firehose resource, such as the `aws.kinesis.FirehoseDeliveryStream` resource. Make sure to create the firehose with a PUT source (not a stream) in the region where you are operating. If you are capturing logs for Amazon CloudFront, create the firehose in the US East (N. Virginia) region. It is important to name the data firehose, CloudWatch log group, and/or S3 bucket with a prefix of `aws-waf-logs-`.
8
+ *
9
+ * !> **WARNING:** When logging from a WAFv2 Web ACL to a CloudWatch Log Group, the WAFv2 service tries to create or update a generic Log Resource Policy named `AWSWAF-LOGS`. However, if there are a large number of Web ACLs or if the account frequently creates and deletes Web ACLs, this policy may exceed the maximum policy size. As a result, this resource type will fail to be created. More details about this issue can be found in this issue. To prevent this issue, you can manage a specific resource policy. Please refer to the example below for managing a CloudWatch Log Group with a managed CloudWatch Log Resource Policy.
10
10
  *
11
11
  * ## Example Usage
12
12
  * ### With Redacted Fields
@@ -69,7 +69,7 @@ import * as outputs from "../types/output";
69
69
  *
70
70
  * ## Import
71
71
  *
72
- * WAFv2 Web ACL Logging Configurations can be imported using the WAFv2 Web ACL ARN e.g.,
72
+ * To import WAFv2 Web ACL Logging Configurations, use the ARN of the WAFv2 Web ACL. For example
73
73
  *
74
74
  * ```sh
75
75
  * $ pulumi import aws:wafv2/webAclLoggingConfiguration:WebAclLoggingConfiguration example arn:aws:wafv2:us-west-2:123456789012:regional/webacl/test-logs/a1b2c3d4-5678-90ab-cdef
@@ -92,19 +92,19 @@ export declare class WebAclLoggingConfiguration extends pulumi.CustomResource {
92
92
  */
93
93
  static isInstance(obj: any): obj is WebAclLoggingConfiguration;
94
94
  /**
95
- * The Amazon Kinesis Data Firehose, Cloudwatch Log log group, or S3 bucket Amazon Resource Names (ARNs) that you want to associate with the web ACL.
95
+ * Configuration block that allows you to associate Amazon Kinesis Data Firehose, Cloudwatch Log log group, or S3 bucket Amazon Resource Names (ARNs) with the web ACL.
96
96
  */
97
97
  readonly logDestinationConfigs: pulumi.Output<string[]>;
98
98
  /**
99
- * A configuration block that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation. See Logging Filter below for more details.
99
+ * Configuration block that specifies which web requests are kept in the logs and which are dropped. It allows filtering based on the rule action and the web request labels applied by matching rules during web ACL evaluation. For more details, refer to the Logging Filter section below.
100
100
  */
101
101
  readonly loggingFilter: pulumi.Output<outputs.wafv2.WebAclLoggingConfigurationLoggingFilter | undefined>;
102
102
  /**
103
- * The parts of the request that you want to keep out of the logs. Up to 100 `redactedFields` blocks are supported. See Redacted Fields below for more details.
103
+ * Configuration for parts of the request that you want to keep out of the logs. Up to 100 `redactedFields` blocks are supported. See Redacted Fields below for more details.
104
104
  */
105
105
  readonly redactedFields: pulumi.Output<outputs.wafv2.WebAclLoggingConfigurationRedactedField[] | undefined>;
106
106
  /**
107
- * The Amazon Resource Name (ARN) of the web ACL that you want to associate with `logDestinationConfigs`.
107
+ * Amazon Resource Name (ARN) of the web ACL that you want to associate with `logDestinationConfigs`.
108
108
  */
109
109
  readonly resourceArn: pulumi.Output<string>;
110
110
  /**
@@ -121,19 +121,19 @@ export declare class WebAclLoggingConfiguration extends pulumi.CustomResource {
121
121
  */
122
122
  export interface WebAclLoggingConfigurationState {
123
123
  /**
124
- * The Amazon Kinesis Data Firehose, Cloudwatch Log log group, or S3 bucket Amazon Resource Names (ARNs) that you want to associate with the web ACL.
124
+ * Configuration block that allows you to associate Amazon Kinesis Data Firehose, Cloudwatch Log log group, or S3 bucket Amazon Resource Names (ARNs) with the web ACL.
125
125
  */
126
126
  logDestinationConfigs?: pulumi.Input<pulumi.Input<string>[]>;
127
127
  /**
128
- * A configuration block that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation. See Logging Filter below for more details.
128
+ * Configuration block that specifies which web requests are kept in the logs and which are dropped. It allows filtering based on the rule action and the web request labels applied by matching rules during web ACL evaluation. For more details, refer to the Logging Filter section below.
129
129
  */
130
130
  loggingFilter?: pulumi.Input<inputs.wafv2.WebAclLoggingConfigurationLoggingFilter>;
131
131
  /**
132
- * The parts of the request that you want to keep out of the logs. Up to 100 `redactedFields` blocks are supported. See Redacted Fields below for more details.
132
+ * Configuration for parts of the request that you want to keep out of the logs. Up to 100 `redactedFields` blocks are supported. See Redacted Fields below for more details.
133
133
  */
134
134
  redactedFields?: pulumi.Input<pulumi.Input<inputs.wafv2.WebAclLoggingConfigurationRedactedField>[]>;
135
135
  /**
136
- * The Amazon Resource Name (ARN) of the web ACL that you want to associate with `logDestinationConfigs`.
136
+ * Amazon Resource Name (ARN) of the web ACL that you want to associate with `logDestinationConfigs`.
137
137
  */
138
138
  resourceArn?: pulumi.Input<string>;
139
139
  }
@@ -142,19 +142,19 @@ export interface WebAclLoggingConfigurationState {
142
142
  */
143
143
  export interface WebAclLoggingConfigurationArgs {
144
144
  /**
145
- * The Amazon Kinesis Data Firehose, Cloudwatch Log log group, or S3 bucket Amazon Resource Names (ARNs) that you want to associate with the web ACL.
145
+ * Configuration block that allows you to associate Amazon Kinesis Data Firehose, Cloudwatch Log log group, or S3 bucket Amazon Resource Names (ARNs) with the web ACL.
146
146
  */
147
147
  logDestinationConfigs: pulumi.Input<pulumi.Input<string>[]>;
148
148
  /**
149
- * A configuration block that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation. See Logging Filter below for more details.
149
+ * Configuration block that specifies which web requests are kept in the logs and which are dropped. It allows filtering based on the rule action and the web request labels applied by matching rules during web ACL evaluation. For more details, refer to the Logging Filter section below.
150
150
  */
151
151
  loggingFilter?: pulumi.Input<inputs.wafv2.WebAclLoggingConfigurationLoggingFilter>;
152
152
  /**
153
- * The parts of the request that you want to keep out of the logs. Up to 100 `redactedFields` blocks are supported. See Redacted Fields below for more details.
153
+ * Configuration for parts of the request that you want to keep out of the logs. Up to 100 `redactedFields` blocks are supported. See Redacted Fields below for more details.
154
154
  */
155
155
  redactedFields?: pulumi.Input<pulumi.Input<inputs.wafv2.WebAclLoggingConfigurationRedactedField>[]>;
156
156
  /**
157
- * The Amazon Resource Name (ARN) of the web ACL that you want to associate with `logDestinationConfigs`.
157
+ * Amazon Resource Name (ARN) of the web ACL that you want to associate with `logDestinationConfigs`.
158
158
  */
159
159
  resourceArn: pulumi.Input<string>;
160
160
  }
@@ -6,11 +6,11 @@ exports.WebAclLoggingConfiguration = void 0;
6
6
  const pulumi = require("@pulumi/pulumi");
7
7
  const utilities = require("../utilities");
8
8
  /**
9
- * Creates a WAFv2 Web ACL Logging Configuration resource.
9
+ * This resource creates a WAFv2 Web ACL Logging Configuration.
10
10
  *
11
- * > **Note:** To start logging from a WAFv2 Web ACL, an Amazon Kinesis Data Firehose (e.g., `aws.kinesis.FirehoseDeliveryStream` resource must also be created with a PUT source (not a stream) and in the region that you are operating.
12
- * If you are capturing logs for Amazon CloudFront, always create the firehose in US East (N. Virginia).
13
- * Be sure to give the data firehose, cloudwatch log group, and/or s3 bucket a name that starts with the prefix `aws-waf-logs-`.
11
+ * > **NOTE:** To start logging from a WAFv2 Web ACL, you need to create an Amazon Kinesis Data Firehose resource, such as the `aws.kinesis.FirehoseDeliveryStream` resource. Make sure to create the firehose with a PUT source (not a stream) in the region where you are operating. If you are capturing logs for Amazon CloudFront, create the firehose in the US East (N. Virginia) region. It is important to name the data firehose, CloudWatch log group, and/or S3 bucket with a prefix of `aws-waf-logs-`.
12
+ *
13
+ * !> **WARNING:** When logging from a WAFv2 Web ACL to a CloudWatch Log Group, the WAFv2 service tries to create or update a generic Log Resource Policy named `AWSWAF-LOGS`. However, if there are a large number of Web ACLs or if the account frequently creates and deletes Web ACLs, this policy may exceed the maximum policy size. As a result, this resource type will fail to be created. More details about this issue can be found in this issue. To prevent this issue, you can manage a specific resource policy. Please refer to the example below for managing a CloudWatch Log Group with a managed CloudWatch Log Resource Policy.
14
14
  *
15
15
  * ## Example Usage
16
16
  * ### With Redacted Fields
@@ -73,7 +73,7 @@ const utilities = require("../utilities");
73
73
  *
74
74
  * ## Import
75
75
  *
76
- * WAFv2 Web ACL Logging Configurations can be imported using the WAFv2 Web ACL ARN e.g.,
76
+ * To import WAFv2 Web ACL Logging Configurations, use the ARN of the WAFv2 Web ACL. For example
77
77
  *
78
78
  * ```sh
79
79
  * $ pulumi import aws:wafv2/webAclLoggingConfiguration:WebAclLoggingConfiguration example arn:aws:wafv2:us-west-2:123456789012:regional/webacl/test-logs/a1b2c3d4-5678-90ab-cdef