@pulumi/aws 6.4.0-alpha.1696270400 → 6.4.0

package/types/output.d.ts

@@ -10162,6 +10162,10 @@ export declare namespace cleanrooms {
         memberAbilities: string[];
         status: string;
     }
+    interface ConfiguredTableTableReference {
+        databaseName: string;
+        tableName: string;
+    }
 }
 export declare namespace cloudformation {
     interface CloudFormationTypeLoggingConfig {
@@ -10719,11 +10723,11 @@ export declare namespace cloudfront {
          */
         originPath?: string;
         /**
-         * The CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see [Using Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html) in the Amazon CloudFront Developer Guide.
+         * CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see [Using Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html) in the Amazon CloudFront Developer Guide.
          */
         originShield?: outputs.cloudfront.DistributionOriginOriginShield;
         /**
-         * The CloudFront S3 origin configuration information. If a custom origin is required, use `customOriginConfig` instead.
+         * CloudFront S3 origin configuration information. If a custom origin is required, use `customOriginConfig` instead.
          */
         s3OriginConfig?: outputs.cloudfront.DistributionOriginS3OriginConfig;
     }
@@ -10789,9 +10793,9 @@ export declare namespace cloudfront {
          */
         enabled: boolean;
         /**
-         * AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as us-east-2.
+         * AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as `us-east-2`.
          */
-        originShieldRegion: string;
+        originShieldRegion?: string;
     }
     interface DistributionOriginS3OriginConfig {
         /**
@@ -17771,6 +17775,49 @@ export declare namespace dms {
         useCsvNoSupValue: boolean;
         useTaskStartTimeForFullLoadTimestamp: boolean;
     }
+    interface ReplicationConfigComputeConfig {
+        /**
+         * The Availability Zone where the DMS Serverless replication using this configuration will run. The default value is a random.
+         */
+        availabilityZone: string;
+        /**
+         * A list of custom DNS name servers supported for the DMS Serverless replication to access your source or target database.
+         */
+        dnsNameServers?: string;
+        /**
+         * An Key Management Service (KMS) key Amazon Resource Name (ARN) that is used to encrypt the data during DMS Serverless replication. If you don't specify a value for the KmsKeyId parameter, DMS uses your default encryption key.
+         */
+        kmsKeyId: string;
+        /**
+         * Specifies the maximum value of the DMS capacity units (DCUs) for which a given DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 2 DCUs as the minimum value allowed. The list of valid DCU values includes 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384.
+         */
+        maxCapacityUnits?: number;
+        /**
+         * Specifies the minimum value of the DMS capacity units (DCUs) for which a given DMS Serverless replication can be provisioned. The list of valid DCU values includes 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. If this value isn't set DMS scans the current activity of available source tables to identify an optimum setting for this parameter.
+         */
+        minCapacityUnits?: number;
+        /**
+         * Specifies if the replication instance is a multi-az deployment. You cannot set the `availabilityZone` parameter if the `multiAz` parameter is set to `true`.
+         */
+        multiAz: boolean;
+        /**
+         * The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).
+         *
+         * - Default: A 30-minute window selected at random from an 8-hour block of time per region, occurring on a random day of the week.
+         * - Format: `ddd:hh24:mi-ddd:hh24:mi`
+         * - Valid Days: `mon, tue, wed, thu, fri, sat, sun`
+         * - Constraints: Minimum 30-minute window.
+         */
+        preferredMaintenanceWindow: string;
+        /**
+         * Specifies a subnet group identifier to associate with the DMS Serverless replication.
+         */
+        replicationSubnetGroupId: string;
+        /**
+         * Specifies the virtual private cloud (VPC) security group to use with the DMS Serverless replication. The VPC security group must work with the VPC containing the replication.
+         */
+        vpcSecurityGroupIds: string[];
+    }
 }
 export declare namespace docdb {
     interface ClusterParameterGroupParameter {
@@ -28067,6 +28114,86 @@ export declare namespace fsx {
          */
         ipAddresses: string[];
     }
+    interface OntapVolumeSnaplockConfiguration {
+        /**
+         * Enables or disables the audit log volume for an FSx for ONTAP SnapLock volume. The default value is `false`.
+         */
+        auditLogVolume?: boolean;
+        /**
+         * The configuration object for setting the autocommit period of files in an FSx for ONTAP SnapLock volume. See Autocommit Period below.
+         */
+        autocommitPeriod: outputs.fsx.OntapVolumeSnaplockConfigurationAutocommitPeriod;
+        /**
+         * Enables, disables, or permanently disables privileged delete on an FSx for ONTAP SnapLock Enterprise volume. Valid values: `DISABLED`, `ENABLED`, `PERMANENTLY_DISABLED`. The default value is `DISABLED`.
+         */
+        privilegedDelete?: string;
+        /**
+         * The retention period of an FSx for ONTAP SnapLock volume. See SnapLock Retention Period below.
+         */
+        retentionPeriod: outputs.fsx.OntapVolumeSnaplockConfigurationRetentionPeriod;
+        /**
+         * Specifies the retention mode of an FSx for ONTAP SnapLock volume. After it is set, it can't be changed. Valid values: `COMPLIANCE`, `ENTERPRISE`.
+         */
+        snaplockType: string;
+        /**
+         * Enables or disables volume-append mode on an FSx for ONTAP SnapLock volume. The default value is `false`.
+         */
+        volumeAppendModeEnabled?: boolean;
+    }
+    interface OntapVolumeSnaplockConfigurationAutocommitPeriod {
+        /**
+         * The type of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. Setting this value to `NONE` disables autocommit. Valid values: `MINUTES`, `HOURS`, `DAYS`, `MONTHS`, `YEARS`, `NONE`.
+         */
+        type: string;
+        /**
+         * The amount of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume.
+         */
+        value?: number;
+    }
+    interface OntapVolumeSnaplockConfigurationRetentionPeriod {
+        /**
+         * The retention period assigned to a write once, read many (WORM) file by default if an explicit retention period is not set for an FSx for ONTAP SnapLock volume. The default retention period must be greater than or equal to the minimum retention period and less than or equal to the maximum retention period. See Retention Period below.
+         */
+        defaultRetention: outputs.fsx.OntapVolumeSnaplockConfigurationRetentionPeriodDefaultRetention;
+        /**
+         * The longest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume. See Retention Period below.
+         */
+        maximumRetention: outputs.fsx.OntapVolumeSnaplockConfigurationRetentionPeriodMaximumRetention;
+        /**
+         * The shortest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume. See Retention Period below.
+         */
+        minimumRetention: outputs.fsx.OntapVolumeSnaplockConfigurationRetentionPeriodMinimumRetention;
+    }
+    interface OntapVolumeSnaplockConfigurationRetentionPeriodDefaultRetention {
+        /**
+         * The type of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. Setting this value to `NONE` disables autocommit. Valid values: `MINUTES`, `HOURS`, `DAYS`, `MONTHS`, `YEARS`, `NONE`.
+         */
+        type: string;
+        /**
+         * The amount of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume.
+         */
+        value?: number;
+    }
+    interface OntapVolumeSnaplockConfigurationRetentionPeriodMaximumRetention {
+        /**
+         * The type of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. Setting this value to `NONE` disables autocommit. Valid values: `MINUTES`, `HOURS`, `DAYS`, `MONTHS`, `YEARS`, `NONE`.
+         */
+        type: string;
+        /**
+         * The amount of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume.
+         */
+        value?: number;
+    }
+    interface OntapVolumeSnaplockConfigurationRetentionPeriodMinimumRetention {
+        /**
+         * The type of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. Setting this value to `NONE` disables autocommit. Valid values: `MINUTES`, `HOURS`, `DAYS`, `MONTHS`, `YEARS`, `NONE`.
+         */
+        type: string;
+        /**
+         * The amount of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume.
+         */
+        value?: number;
+    }
     interface OntapVolumeTieringPolicy {
         /**
          * Specifies the number of days that user data in a volume must remain inactive before it is considered "cold" and moved to the capacity pool. Used with `AUTO` and `SNAPSHOT_ONLY` tiering policies only. Valid values are whole numbers between 2 and 183. Default values are 31 days for `AUTO` and 2 days for `SNAPSHOT_ONLY`.
@@ -37009,6 +37136,39 @@ export declare namespace lex {
          */
         value: string;
     }
+    interface V2modelsBotDataPrivacy {
+        /**
+         * (Required) -  For each Amazon Lex bot created with the Amazon Lex Model Building Service, you must specify whether your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to the Children's Online Privacy Protection Act (COPPA) by specifying true or false in the childDirected field.
+         */
+        childDirected: boolean;
+    }
+    interface V2modelsBotMember {
+        /**
+         * (Required) - Alias ID of a bot that is a member of this network of bots.
+         */
+        aliasId: string;
+        /**
+         * (Required) - Alias name of a bot that is a member of this network of bots.
+         */
+        aliasName: string;
+        /**
+         * (Required) - Unique ID of a bot that is a member of this network of bots.
+         */
+        id: string;
+        /**
+         * Name of the bot. The bot name must be unique in the account that creates the bot. Type String. Length Constraints: Minimum length of 1. Maximum length of 100.
+         */
+        name: string;
+        /**
+         * (Required) - Version of a bot that is a member of this network of bots.
+         */
+        version: string;
+    }
+    interface V2modelsBotTimeouts {
+        create?: string;
+        delete?: string;
+        update?: string;
+    }
 }
 export declare namespace licensemanager {
     interface GetLicenseGrantsFilter {
@@ -42840,6 +43000,22 @@ export declare namespace opensearch {
          */
         userAttribute: string;
     }
+    interface OutboundConnectionConnectionProperties {
+        /**
+         * Configuration block for cross cluster search.
+         */
+        crossClusterSearch?: outputs.opensearch.OutboundConnectionConnectionPropertiesCrossClusterSearch;
+        /**
+         * The endpoint of the remote domain, is only set when `connectionMode` is `VPC_ENDPOINT` and `acceptConnection` is `TRUE`.
+         */
+        endpoint: string;
+    }
+    interface OutboundConnectionConnectionPropertiesCrossClusterSearch {
+        /**
+         * Skips unavailable clusters and can only be used for cross-cluster searches. Accepted values are `ENABLED` or `DISABLED`.
+         */
+        skipUnavailable?: string;
+    }
     interface OutboundConnectionLocalDomainInfo {
         /**
          * The name of the local domain.
@@ -54461,13 +54637,11 @@ export declare namespace sesv2 {
 export declare namespace sfn {
     interface AliasRoutingConfiguration {
         /**
-         * A version of the state machine.
+         * The Amazon Resource Name (ARN) of the state machine version.
          */
         stateMachineVersionArn: string;
         /**
          * Percentage of traffic routed to the state machine version.
-         *
-         * The following arguments are optional:
          */
         weight: number;
     }
@@ -56329,7 +56503,7 @@ export declare namespace vpclattice {
          */
         id: string;
         /**
-         * The port on which the target is listening. For HTTP, the default is 80. For HTTPS, the default is 443.
+         * This port is used for routing traffic to the target, and defaults to the target group port. However, you can override the default and specify a custom port.
          */
         port: number;
     }
@@ -57535,9 +57709,13 @@ export declare namespace wafv2 {
     }
     interface RuleGroupRuleStatementRateBasedStatement {
         /**
-         * Setting that indicates how to aggregate the request counts. Valid values include: `CONSTANT`, `FORWARDED_IP` or `IP`. Default: `IP`.
+         * Setting that indicates how to aggregate the request counts. Valid values include: `CONSTANT`, `CUSTOM_KEYS`, `FORWARDED_IP` or `IP`. Default: `IP`.
          */
         aggregateKeyType?: string;
+        /**
+         * Aggregate the request counts using one or more web request components as the aggregate keys. See `customKey` below for details.
+         */
+        customKeys?: outputs.wafv2.RuleGroupRuleStatementRateBasedStatementCustomKey[];
         /**
          * The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. If `aggregateKeyType` is set to `FORWARDED_IP`, this block is required. See Forwarded IP Config below for details.
          */
@@ -57551,6 +57729,208 @@ export declare namespace wafv2 {
          */
         scopeDownStatement?: outputs.wafv2.RuleGroupRuleStatementRateBasedStatementScopeDownStatement;
     }
+    interface RuleGroupRuleStatementRateBasedStatementCustomKey {
+        /**
+         * (Optional) Use the value of a cookie in the request as an aggregate key. See RateLimit `cookie` below for details.
+         */
+        cookie?: outputs.wafv2.RuleGroupRuleStatementRateBasedStatementCustomKeyCookie;
+        /**
+         * (Optional) Use the first IP address in an HTTP header as an aggregate key. See `forwardedIp` below for details.
+         */
+        forwardedIp?: outputs.wafv2.RuleGroupRuleStatementRateBasedStatementCustomKeyForwardedIp;
+        /**
+         * (Optional) Use the value of a header in the request as an aggregate key. See RateLimit `header` below for details.
+         */
+        header?: outputs.wafv2.RuleGroupRuleStatementRateBasedStatementCustomKeyHeader;
+        /**
+         * (Optional) Use the request's HTTP method as an aggregate key. See RateLimit `httpMethod` below for details.
+         */
+        httpMethod?: outputs.wafv2.RuleGroupRuleStatementRateBasedStatementCustomKeyHttpMethod;
+        /**
+         * (Optional) Use the request's originating IP address as an aggregate key. See `RateLimit ip` below for details.
+         */
+        ip?: outputs.wafv2.RuleGroupRuleStatementRateBasedStatementCustomKeyIp;
+        /**
+         * (Optional) Use the specified label namespace as an aggregate key. See RateLimit `labelNamespace` below for details.
+         */
+        labelNamespace?: outputs.wafv2.RuleGroupRuleStatementRateBasedStatementCustomKeyLabelNamespace;
+        /**
+         * (Optional) Use the specified query argument as an aggregate key. See RateLimit `queryArgument` below for details.
+         */
+        queryArgument?: outputs.wafv2.RuleGroupRuleStatementRateBasedStatementCustomKeyQueryArgument;
+        /**
+         * Inspect the query string. This is the part of a URL that appears after a `?` character, if any.
+         */
+        queryString?: outputs.wafv2.RuleGroupRuleStatementRateBasedStatementCustomKeyQueryString;
+        /**
+         * Inspect the request URI path. This is the part of a web request that identifies a resource, for example, `/images/daily-ad.jpg`.
+         */
+        uriPath?: outputs.wafv2.RuleGroupRuleStatementRateBasedStatementCustomKeyUriPath;
+    }
+    interface RuleGroupRuleStatementRateBasedStatementCustomKeyCookie {
+        /**
+         * A friendly name of the rule group.
+         */
+        name: string;
+        /**
+         * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         */
+        textTransformations: outputs.wafv2.RuleGroupRuleStatementRateBasedStatementCustomKeyCookieTextTransformation[];
+    }
+    interface RuleGroupRuleStatementRateBasedStatementCustomKeyCookieTextTransformation {
+        /**
+         * The relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.
+         */
+        priority: number;
+        /**
+         * The transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.
+         */
+        type: string;
+    }
+    interface RuleGroupRuleStatementRateBasedStatementCustomKeyForwardedIp {
+    }
+    interface RuleGroupRuleStatementRateBasedStatementCustomKeyHeader {
+        /**
+         * A friendly name of the rule group.
+         */
+        name: string;
+        /**
+         * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         */
+        textTransformations: outputs.wafv2.RuleGroupRuleStatementRateBasedStatementCustomKeyHeaderTextTransformation[];
+    }
+    interface RuleGroupRuleStatementRateBasedStatementCustomKeyHeaderTextTransformation {
+        /**
+         * The relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.
+         */
+        priority: number;
+        /**
+         * The transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.
+         */
+        type: string;
+    }
+    interface RuleGroupRuleStatementRateBasedStatementCustomKeyHttpMethod {
+    }
+    interface RuleGroupRuleStatementRateBasedStatementCustomKeyIp {
+    }
+    interface RuleGroupRuleStatementRateBasedStatementCustomKeyLabelNamespace {
+        /**
+         * The namespace to use for aggregation
+         */
+        namespace: string;
+    }
+    interface RuleGroupRuleStatementRateBasedStatementCustomKeyQueryArgument {
+        /**
+         * A friendly name of the rule group.
+         */
+        name: string;
+        /**
+         * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         */
+        textTransformations: outputs.wafv2.RuleGroupRuleStatementRateBasedStatementCustomKeyQueryArgumentTextTransformation[];
+    }
+    interface RuleGroupRuleStatementRateBasedStatementCustomKeyQueryArgumentTextTransformation {
+        /**
+         * The relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.
+         */
+        priority: number;
+        /**
+         * The transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.
+         */
+        type: string;
+    }
+    interface RuleGroupRuleStatementRateBasedStatementCustomKeyQueryString {
+        /**
+         * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         */
+        textTransformations: outputs.wafv2.RuleGroupRuleStatementRateBasedStatementCustomKeyQueryStringTextTransformation[];
+    }
+    interface RuleGroupRuleStatementRateBasedStatementCustomKeyQueryStringTextTransformation {
+        /**
+         * The relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.
+         */
+        priority: number;
+        /**
+         * The transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.
+         */
+        type: string;
+    }
+    interface RuleGroupRuleStatementRateBasedStatementCustomKeyUriPath {
+        /**
+         * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         * At least one required.
+         * See Text Transformation below for details.
+         */
+        textTransformations: outputs.wafv2.RuleGroupRuleStatementRateBasedStatementCustomKeyUriPathTextTransformation[];
+    }
+    interface RuleGroupRuleStatementRateBasedStatementCustomKeyUriPathTextTransformation {
+        /**
+         * The relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.
+         */
+        priority: number;
+        /**
+         * The transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.
+         */
+        type: string;
+    }
     interface RuleGroupRuleStatementRateBasedStatementForwardedIpConfig {
         /**
          * The match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include: `MATCH` or `NO_MATCH`.
@@ -60449,7 +60829,7 @@ export declare namespace wafv2 {
          */
         failureValues: string[];
         /**
-         * The name of the header to match against. The name must be an exact match, including case.
+         * The name of the header to use.
          */
         name: string;
         /**
@@ -61823,9 +62203,13 @@ export declare namespace wafv2 {
     }
     interface WebAclRuleStatementRateBasedStatement {
         /**
-         * Setting that indicates how to aggregate the request counts. Valid values include: `CONSTANT`, `FORWARDED_IP` or `IP`. Default: `IP`.
+         * Setting that indicates how to aggregate the request counts. Valid values include: `CONSTANT`, `CUSTOM_KEYS`, `FORWARDED_IP`, or `IP`. Default: `IP`.
          */
         aggregateKeyType?: string;
+        /**
+         * Aggregate the request counts using one or more web request components as the aggregate keys. See `customKey` below for details.
+         */
+        customKeys?: outputs.wafv2.WebAclRuleStatementRateBasedStatementCustomKey[];
         /**
          * Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. If `aggregateKeyType` is set to `FORWARDED_IP`, this block is required. See `forwardedIpConfig` below for details.
          */
@@ -61839,6 +62223,148 @@ export declare namespace wafv2 {
          */
         scopeDownStatement?: outputs.wafv2.WebAclRuleStatementRateBasedStatementScopeDownStatement;
     }
+    interface WebAclRuleStatementRateBasedStatementCustomKey {
+        /**
+         * Use the value of a cookie in the request as an aggregate key. See RateLimit `cookie` below for details.
+         */
+        cookie?: outputs.wafv2.WebAclRuleStatementRateBasedStatementCustomKeyCookie;
+        /**
+         * Use the first IP address in an HTTP header as an aggregate key. See `forwardedIp` below for details.
+         */
+        forwardedIp?: outputs.wafv2.WebAclRuleStatementRateBasedStatementCustomKeyForwardedIp;
+        /**
+         * Use the value of a header in the request as an aggregate key. See RateLimit `header` below for details.
+         */
+        header?: outputs.wafv2.WebAclRuleStatementRateBasedStatementCustomKeyHeader;
+        /**
+         * Use the request's HTTP method as an aggregate key. See RateLimit `httpMethod` below for details.
+         */
+        httpMethod?: outputs.wafv2.WebAclRuleStatementRateBasedStatementCustomKeyHttpMethod;
+        /**
+         * Use the request's originating IP address as an aggregate key. See `RateLimit ip` below for details.
+         */
+        ip?: outputs.wafv2.WebAclRuleStatementRateBasedStatementCustomKeyIp;
+        /**
+         * Use the specified label namespace as an aggregate key. See RateLimit `labelNamespace` below for details.
+         */
+        labelNamespace?: outputs.wafv2.WebAclRuleStatementRateBasedStatementCustomKeyLabelNamespace;
+        /**
+         * Use the specified query argument as an aggregate key. See RateLimit `queryArgument` below for details.
+         */
+        queryArgument?: outputs.wafv2.WebAclRuleStatementRateBasedStatementCustomKeyQueryArgument;
+        /**
+         * Use the request's query string as an aggregate key. See RateLimit `queryString` below for details.
+         */
+        queryString?: outputs.wafv2.WebAclRuleStatementRateBasedStatementCustomKeyQueryString;
+        /**
+         * Use the request's URI path as an aggregate key. See RateLimit `uriPath` below for details.
+         */
+        uriPath?: outputs.wafv2.WebAclRuleStatementRateBasedStatementCustomKeyUriPath;
+    }
+    interface WebAclRuleStatementRateBasedStatementCustomKeyCookie {
+        /**
+         * The name of the cookie to use.
+         */
+        name: string;
+        /**
+         * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. They are used in rate-based rule statements, to transform request components before using them as custom aggregation keys. Atleast one transformation is required. See `textTransformation` above for details.
+         */
+        textTransformations: outputs.wafv2.WebAclRuleStatementRateBasedStatementCustomKeyCookieTextTransformation[];
+    }
+    interface WebAclRuleStatementRateBasedStatementCustomKeyCookieTextTransformation {
+        /**
+         * Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.
+         */
+        priority: number;
+        /**
+         * Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.
+         */
+        type: string;
+    }
+    interface WebAclRuleStatementRateBasedStatementCustomKeyForwardedIp {
+    }
+    interface WebAclRuleStatementRateBasedStatementCustomKeyHeader {
+        /**
+         * The name of the header to use.
+         */
+        name: string;
+        /**
+         * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. They are used in rate-based rule statements, to transform request components before using them as custom aggregation keys. Atleast one transformation is required. See `textTransformation` above for details.
+         */
+        textTransformations: outputs.wafv2.WebAclRuleStatementRateBasedStatementCustomKeyHeaderTextTransformation[];
+    }
+    interface WebAclRuleStatementRateBasedStatementCustomKeyHeaderTextTransformation {
+        /**
+         * Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.
+         */
+        priority: number;
+        /**
+         * Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.
+         */
+        type: string;
+    }
+    interface WebAclRuleStatementRateBasedStatementCustomKeyHttpMethod {
+    }
+    interface WebAclRuleStatementRateBasedStatementCustomKeyIp {
+    }
+    interface WebAclRuleStatementRateBasedStatementCustomKeyLabelNamespace {
+        /**
+         * The namespace to use for aggregation
+         */
+        namespace: string;
+    }
+    interface WebAclRuleStatementRateBasedStatementCustomKeyQueryArgument {
+        /**
+         * The name of the query argument to use.
+         */
+        name: string;
+        /**
+         * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. They are used in rate-based rule statements, to transform request components before using them as custom aggregation keys. Atleast one transformation is required. See `textTransformation` above for details.
+         */
+        textTransformations: outputs.wafv2.WebAclRuleStatementRateBasedStatementCustomKeyQueryArgumentTextTransformation[];
+    }
+    interface WebAclRuleStatementRateBasedStatementCustomKeyQueryArgumentTextTransformation {
+        /**
+         * Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.
+         */
+        priority: number;
+        /**
+         * Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.
+         */
+        type: string;
+    }
+    interface WebAclRuleStatementRateBasedStatementCustomKeyQueryString {
+        /**
+         * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. They are used in rate-based rule statements, to transform request components before using them as custom aggregation keys. Atleast one transformation is required. See `textTransformation` above for details.
+         */
+        textTransformations: outputs.wafv2.WebAclRuleStatementRateBasedStatementCustomKeyQueryStringTextTransformation[];
+    }
+    interface WebAclRuleStatementRateBasedStatementCustomKeyQueryStringTextTransformation {
+        /**
+         * Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.
+         */
+        priority: number;
+        /**
+         * Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.
+         */
+        type: string;
+    }
+    interface WebAclRuleStatementRateBasedStatementCustomKeyUriPath {
+        /**
+         * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. They are used in rate-based rule statements, to transform request components before using them as custom aggregation keys. Atleast one transformation is required. See `textTransformation` above for details.
+         */
+        textTransformations: outputs.wafv2.WebAclRuleStatementRateBasedStatementCustomKeyUriPathTextTransformation[];
+    }
+    interface WebAclRuleStatementRateBasedStatementCustomKeyUriPathTextTransformation {
+        /**
+         * Relative processing order for multiple transformations that are defined for a rule statement. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content.
+         */
+        priority: number;
+        /**
+         * Transformation to apply, please refer to the Text Transformation [documentation](https://docs.aws.amazon.com/waf/latest/APIReference/API_TextTransformation.html) for more details.
+         */
+        type: string;
+    }
     interface WebAclRuleStatementRateBasedStatementForwardedIpConfig {
         /**
          * Match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include: `MATCH` or `NO_MATCH`.

package/vpclattice/getService.d.ts

@@ -25,7 +25,7 @@ export interface GetServiceArgs {
      */
     name?: string;
     /**
-     * ID or Amazon Resource Name (ARN) of the service network.
+     * ID or Amazon Resource Name (ARN) of the service.
      */
     serviceIdentifier?: string;
     /**
@@ -101,7 +101,7 @@ export interface GetServiceOutputArgs {
      */
     name?: pulumi.Input<string>;
     /**
-     * ID or Amazon Resource Name (ARN) of the service network.
+     * ID or Amazon Resource Name (ARN) of the service.
      */
     serviceIdentifier?: pulumi.Input<string>;
     /**