@pulumi/aws 6.83.0-alpha.1749735083 → 6.83.0

package/types/output.d.ts

@@ -1120,6 +1120,34 @@ export declare namespace amp {
          */
         update?: string;
     }
+    interface WorkspaceConfigurationLimitsPerLabelSet {
+        /**
+         * Map of label key-value pairs that identify the metrics to which the limits apply. An empty map represents the default bucket for metrics that don't match any other label set.
+         */
+        labelSet: {
+            [key: string]: string;
+        };
+        /**
+         * Configuration block for the limits to apply to the specified label set. Detailed below.
+         */
+        limits?: outputs.amp.WorkspaceConfigurationLimitsPerLabelSetLimits;
+    }
+    interface WorkspaceConfigurationLimitsPerLabelSetLimits {
+        /**
+         * Maximum number of active time series that can be ingested for metrics matching the label set.
+         */
+        maxSeries: number;
+    }
+    interface WorkspaceConfigurationTimeouts {
+        /**
+         * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+         */
+        create?: string;
+        /**
+         * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+         */
+        update?: string;
+    }
     interface WorkspaceLoggingConfiguration {
         /**
          * The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist.
@@ -19513,6 +19541,10 @@ export declare namespace config {
          * Use this to override the default service endpoint URL
          */
         evidently?: string;
+        /**
+         * Use this to override the default service endpoint URL
+         */
+        evs?: string;
         /**
          * Use this to override the default service endpoint URL
          */
@@ -25503,6 +25535,48 @@ export declare namespace drs {
         update?: string;
     }
 }
+export declare namespace dsql {
+    interface ClusterEncryptionDetail {
+        /**
+         * The status of encryption for the DSQL Cluster.
+         */
+        encryptionStatus: string;
+        /**
+         * The type of encryption that protects the data on the DSQL Cluster.
+         */
+        encryptionType: string;
+    }
+    interface ClusterMultiRegionProperties {
+        /**
+         * List of DSQL Cluster ARNs peered to this cluster.
+         */
+        clusters: string[];
+        /**
+         * Witness region for the multi-region clusters. Setting this makes this cluster a multi-region cluster. Changing it recreates the resource.
+         */
+        witnessRegion?: string;
+    }
+    interface ClusterPeeringTimeouts {
+        /**
+         * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+         */
+        create?: string;
+    }
+    interface ClusterTimeouts {
+        /**
+         * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+         */
+        create?: string;
+        /**
+         * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
+         */
+        delete?: string;
+        /**
+         * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+         */
+        update?: string;
+    }
+}
 export declare namespace dynamodb {
     interface GetTableAttribute {
         /**
@@ -37389,6 +37463,16 @@ export declare namespace fsx {
         iops: number;
         mode: string;
     }
+    interface LustreFileSystemDataReadCacheConfiguration {
+        /**
+         * Size of the file system's SSD read cache, in gibibytes (GiB). Required when the `sizingMode` is `USER_PROVISIONED`.
+         */
+        size?: number;
+        /**
+         * Sizing mode for the cache. Valud values are `NO_CACHE`, `USER_PROVISIONED`, and `PROPORTIONAL_TO_THROUGHPUT_CAPACITY`.
+         */
+        sizingMode: string;
+    }
     interface LustreFileSystemLogConfiguration {
         /**
          * The Amazon Resource Name (ARN) that specifies the destination of the logs. The name of the Amazon CloudWatch Logs log group must begin with the `/aws/fsx` prefix. If you do not provide a destination, Amazon FSx will create and use a log stream in the CloudWatch Logs `/aws/fsx/lustre` log group.
@@ -37401,11 +37485,11 @@ export declare namespace fsx {
     }
     interface LustreFileSystemMetadataConfiguration {
         /**
-         * Amount of IOPS provisioned for metadata. This parameter should only be used when the mode is set to `USER_PROVISIONED`. Valid Values are `1500`,`3000`,`6000` and `12000` through `192000` in increments of `12000`.
+         * Amount of IOPS provisioned for metadata. This parameter should only be used when the mode is set to `USER_PROVISIONED`. Valid Values are `1500`,`3000`,`6000` and `12000` through `192000` in increments of `12000`. Valid values for `INTELLIGENT_TIERING` storage type are `6000` or `12000`.
          */
         iops: number;
         /**
-         * Mode for the metadata configuration of the file system. Valid values are `AUTOMATIC`, and `USER_PROVISIONED`.
+         * Mode for the metadata configuration of the file system. Valid values are `AUTOMATIC`, and `USER_PROVISIONED`. Must be set to `USER_PROVISIONED` for `INTELLIGENT_TIERING` storage type.
          *
          * !> **WARNING:** Updating the value of `iops` from a higher to a lower value will force a recreation of the resource. Any data on the file system will be lost when recreating.
          */
@@ -48029,7 +48113,7 @@ export declare namespace lambda {
          */
         logGroup: string;
         /**
-         * for JSON structured logs, choose the detail level of the Lambda platform event logs sent to CloudWatch, such as `ERROR`, `DEBUG`, or `INFO`.
+         * for JSON structured logs, choose the detail level of the Lambda platform event logs sent to CloudWatch, such as `WARN`, `DEBUG`, or `INFO`.
          */
         systemLogLevel?: string;
     }
@@ -61015,34 +61099,43 @@ export declare namespace licensemanager {
 export declare namespace lightsail {
     interface CertificateDomainValidationOption {
         /**
-         * A domain name for which the certificate should be issued.
+         * Domain name for which the certificate should be issued.
          */
         domainName: string;
+        /**
+         * Name of the DNS record to create to validate the certificate.
+         */
         resourceRecordName: string;
+        /**
+         * Type of DNS record to create to validate the certificate.
+         */
         resourceRecordType: string;
+        /**
+         * Value of the DNS record to create to validate the certificate.
+         */
         resourceRecordValue: string;
     }
     interface ContainerServiceDeploymentVersionContainer {
         /**
-         * The launch command for the container. A list of string.
+         * Launch command for the container. A list of strings.
          */
         commands?: string[];
         /**
-         * The name for the container.
+         * Name of the container.
          */
         containerName: string;
         /**
-         * A key-value map of the environment variables of the container.
+         * Key-value map of the environment variables of the container.
          */
         environment?: {
             [key: string]: string;
         };
         /**
-         * The name of the image used for the container. Container images sourced from your Lightsail container service, that are registered and stored on your service, start with a colon (`:`). For example, `:container-service-1.mystaticwebsite.1`. Container images sourced from a public registry like Docker Hub don't start with a colon. For example, `nginx:latest` or `nginx`.
+         * Name of the image used for the container. Container images sourced from your Lightsail container service, that are registered and stored on your service, start with a colon (`:`). For example, `:container-service-1.mystaticwebsite.1`. Container images sourced from a public registry like Docker Hub don't start with a colon. For example, `nginx:latest` or `nginx`.
          */
         image: string;
         /**
-         * A key-value map of the open firewall ports of the container. Valid values: `HTTP`, `HTTPS`, `TCP`, `UDP`.
+         * Key-value map of the open firewall ports of the container. Valid values: `HTTP`, `HTTPS`, `TCP`, `UDP`.
          */
         ports?: {
             [key: string]: string;
@@ -61050,188 +61143,195 @@ export declare namespace lightsail {
     }
     interface ContainerServiceDeploymentVersionPublicEndpoint {
         /**
-         * The name of the container for the endpoint.
+         * Name of the container for the endpoint.
          */
         containerName: string;
         /**
-         * The port of the container to which traffic is forwarded to.
+         * Port of the container to which traffic is forwarded to.
          */
         containerPort: number;
         /**
-         * A configuration block that describes the health check configuration of the container. Detailed below.
+         * Configuration block that describes the health check configuration of the container. See below.
          */
         healthCheck: outputs.lightsail.ContainerServiceDeploymentVersionPublicEndpointHealthCheck;
     }
     interface ContainerServiceDeploymentVersionPublicEndpointHealthCheck {
         /**
-         * The number of consecutive health checks successes required before moving the container to the Healthy state. Defaults to 2.
+         * Number of consecutive health check successes required before moving the container to the Healthy state. Defaults to 2.
          */
         healthyThreshold?: number;
         /**
-         * The approximate interval, in seconds, between health checks of an individual container. You can specify between 5 and 300 seconds. Defaults to 5.
+         * Approximate interval, in seconds, between health checks of an individual container. You can specify between 5 and 300 seconds. Defaults to 5.
          */
         intervalSeconds?: number;
         /**
-         * The path on the container on which to perform the health check. Defaults to "/".
+         * Path on the container on which to perform the health check. Defaults to "/".
          */
         path?: string;
         /**
-         * The HTTP codes to use when checking for a successful response from a container. You can specify values between 200 and 499. Defaults to "200-499".
+         * HTTP codes to use when checking for a successful response from a container. You can specify values between 200 and 499. Defaults to "200-499".
          */
         successCodes?: string;
         /**
-         * The amount of time, in seconds, during which no response means a failed health check. You can specify between 2 and 60 seconds. Defaults to 2.
+         * Amount of time, in seconds, during which no response means a failed health check. You can specify between 2 and 60 seconds. Defaults to 2.
          */
         timeoutSeconds?: number;
         /**
-         * The number of consecutive health checks failures required before moving the container to the Unhealthy state. Defaults to 2.
+         * Number of consecutive health check failures required before moving the container to the Unhealthy state. Defaults to 2.
          */
         unhealthyThreshold?: number;
     }
     interface ContainerServicePrivateRegistryAccess {
         /**
-         * Describes a request to configure an Amazon Lightsail container service to access private container image repositories, such as Amazon Elastic Container Registry (Amazon ECR) private repositories. See ECR Image Puller Role below for more details.
+         * Configuration to access private container image repositories, such as Amazon Elastic Container Registry (Amazon ECR) private repositories. See below.
          */
         ecrImagePullerRole: outputs.lightsail.ContainerServicePrivateRegistryAccessEcrImagePullerRole;
     }
     interface ContainerServicePrivateRegistryAccessEcrImagePullerRole {
         /**
-         * A Boolean value that indicates whether to activate the role. The default is `false`.
+         * Whether to activate the role. Defaults to `false`.
          */
         isActive?: boolean;
         /**
-         * The principal ARN of the container service. The principal ARN can be used to create a trust
-         * relationship between your standard AWS account and your Lightsail container service. This allows you to give your
-         * service permission to access resources in your standard AWS account.
+         * Principal ARN of the container service. The principal ARN can be used to create a trust relationship between your standard AWS account and your Lightsail container service.
          */
         principalArn: string;
     }
     interface ContainerServicePublicDomainNames {
+        /**
+         * Set of certificate configurations for the public domain names. Each element contains the following attributes:
+         */
         certificates: outputs.lightsail.ContainerServicePublicDomainNamesCertificate[];
     }
     interface ContainerServicePublicDomainNamesCertificate {
+        /**
+         * Name of the certificate.
+         */
         certificateName: string;
+        /**
+         * List of domain names for the certificate.
+         */
         domainNames: string[];
     }
     interface DistributionCacheBehavior {
         /**
-         * The cache behavior for the specified path.
+         * Cache behavior for the specified path. Valid values: `cache`, `dont-cache`.
          */
         behavior: string;
         /**
-         * The path to a directory or file to cached, or not cache. Use an asterisk symbol to specify wildcard directories (path/to/assets/\*), and file types (\*.html, \*jpg, \*js). Directories and file paths are case-sensitive.
+         * Path to a directory or file to cache, or not cache. Use an asterisk symbol to specify wildcard directories (`path/to/assets/*`), and file types (`*.html`, `*.jpg`, `*.js`). Directories and file paths are case-sensitive.
          */
         path: string;
     }
     interface DistributionCacheBehaviorSettings {
         /**
-         * The HTTP methods that are processed and forwarded to the distribution's origin.
+         * HTTP methods that are processed and forwarded to the distribution's origin.
          */
         allowedHttpMethods?: string;
         /**
-         * The HTTP method responses that are cached by your distribution.
+         * HTTP method responses that are cached by your distribution.
          */
         cachedHttpMethods?: string;
         /**
-         * The default amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the content has been updated.
+         * Default amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the content has been updated.
          */
         defaultTtl?: number;
         /**
-         * An object that describes the cookies that are forwarded to the origin. Your content is cached based on the cookies that are forwarded. Detailed below
+         * Cookies that are forwarded to the origin. Your content is cached based on the cookies that are forwarded. See below.
          */
         forwardedCookies?: outputs.lightsail.DistributionCacheBehaviorSettingsForwardedCookies;
         /**
-         * An object that describes the headers that are forwarded to the origin. Your content is cached based on the headers that are forwarded. Detailed below
+         * Headers that are forwarded to the origin. Your content is cached based on the headers that are forwarded. See below.
          */
         forwardedHeaders?: outputs.lightsail.DistributionCacheBehaviorSettingsForwardedHeaders;
         /**
-         * An object that describes the query strings that are forwarded to the origin. Your content is cached based on the query strings that are forwarded. Detailed below
+         * Query strings that are forwarded to the origin. Your content is cached based on the query strings that are forwarded. See below.
          */
         forwardedQueryStrings?: outputs.lightsail.DistributionCacheBehaviorSettingsForwardedQueryStrings;
         /**
-         * The maximum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated.
+         * Maximum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated.
          */
         maximumTtl?: number;
         /**
-         * The minimum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated.
+         * Minimum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated.
          */
         minimumTtl?: number;
     }
     interface DistributionCacheBehaviorSettingsForwardedCookies {
         /**
-         * The specific cookies to forward to your distribution's origin.
+         * Specific cookies to forward to your distribution's origin.
          */
         cookiesAllowLists?: string[];
         /**
-         * Specifies which cookies to forward to the distribution's origin for a cache behavior: all, none, or allow-list to forward only the cookies specified in the cookiesAllowList parameter.
+         * Which cookies to forward to the distribution's origin for a cache behavior. Valid values: `all`, `none`, `allow-list`.
          */
         option?: string;
     }
     interface DistributionCacheBehaviorSettingsForwardedHeaders {
         /**
-         * The specific headers to forward to your distribution's origin.
+         * Specific headers to forward to your distribution's origin.
          */
         headersAllowLists?: string[];
         /**
-         * The headers that you want your distribution to forward to your origin and base caching on.
+         * Headers that you want your distribution to forward to your origin and base caching on. Valid values: `default`, `allow-list`, `all`.
          */
         option?: string;
     }
     interface DistributionCacheBehaviorSettingsForwardedQueryStrings {
         /**
-         * Indicates whether the distribution forwards and caches based on query strings.
+         * Whether the distribution forwards and caches based on query strings.
          */
         option?: boolean;
         /**
-         * The specific query strings that the distribution forwards to the origin.
+         * Specific query strings that the distribution forwards to the origin.
          */
         queryStringsAllowedLists?: string[];
     }
     interface DistributionDefaultCacheBehavior {
         /**
-         * The cache behavior of the distribution. Valid values: `cache` and `dont-cache`.
+         * Cache behavior of the distribution. Valid values: `cache`, `dont-cache`.
          */
         behavior: string;
     }
     interface DistributionLocation {
         /**
-         * The Availability Zone. Follows the format us-east-2a (case-sensitive).
+         * Availability Zone. Follows the format us-east-2a (case-sensitive).
          */
         availabilityZone: string;
         /**
-         * The AWS Region name.
+         * AWS Region name.
          */
         regionName: string;
     }
     interface DistributionOrigin {
         /**
-         * The name of the origin resource. Your origin can be an instance with an attached static IP, a bucket, or a load balancer that has at least one instance attached to it.
+         * Name of the origin resource. Your origin can be an instance with an attached static IP, a bucket, or a load balancer that has at least one instance attached to it.
          */
         name: string;
         /**
-         * The protocol that your Amazon Lightsail distribution uses when establishing a connection with your origin to pull content.
+         * Protocol that your Amazon Lightsail distribution uses when establishing a connection with your origin to pull content.
          */
         protocolPolicy?: string;
         /**
-         * The AWS Region name of the origin resource.
+         * AWS Region name of the origin resource.
          */
         regionName: string;
         /**
-         * The resource type of the origin resource (e.g., Instance).
+         * Lightsail resource type (e.g., Distribution).
          */
         resourceType: string;
     }
     interface InstanceAddOn {
         /**
-         * The daily time when an automatic snapshot will be created. Must be in HH:00 format, and in an hourly increment and specified in Coordinated Universal Time (UTC). The snapshot will be automatically created between the time specified and up to 45 minutes after.
+         * Daily time when an automatic snapshot will be created. Must be in HH:00 format, and in an hourly increment and specified in Coordinated Universal Time (UTC). The snapshot will be automatically created between the time specified and up to 45 minutes after.
          */
         snapshotTime: string;
         /**
-         * The status of the add-on. Valid Values: `Enabled`, `Disabled`.
+         * Status of the add-on. Valid values: `Enabled`, `Disabled`.
          */
         status: string;
         /**
-         * The add-on type. There is currently only one valid type `AutoSnapshot`.
+         * Add-on type. There is currently only one valid type `AutoSnapshot`.
          */
         type: string;
     }
@@ -61248,9 +61348,12 @@ export declare namespace lightsail {
          * First port in a range of open ports on an instance.
          */
         fromPort: number;
+        /**
+         * Set of IPv6 CIDR blocks.
+         */
         ipv6Cidrs: string[];
         /**
-         * IP protocol name. Valid values are `tcp`, `all`, `udp`, and `icmp`.
+         * IP protocol name. Valid values: `tcp`, `all`, `udp`, `icmp`.
          */
         protocol: string;
         /**
@@ -61262,7 +61365,7 @@ export declare namespace lightsail {
     }
     interface LbCertificateDomainValidationRecord {
         /**
-         * The domain name (e.g., example.com) for your SSL/TLS certificate.
+         * Domain name (e.g., example.com) for your SSL/TLS certificate.
          */
         domainName: string;
         resourceRecordName: string;
@@ -65388,17 +65491,17 @@ export declare namespace neptune {
     }
     interface ClusterServerlessV2ScalingConfiguration {
         /**
-         * The maximum Neptune Capacity Units (NCUs) for this cluster. Must be lower or equal than **128**. See [AWS Documentation](https://docs.aws.amazon.com/neptune/latest/userguide/neptune-serverless-capacity-scaling.html) for more details.
+         * Maximum Neptune Capacity Units (NCUs) for this cluster. Must be lower or equal than **128**. See [AWS Documentation](https://docs.aws.amazon.com/neptune/latest/userguide/neptune-serverless-capacity-scaling.html) for more details.
          */
         maxCapacity?: number;
         /**
-         * The minimum Neptune Capacity Units (NCUs) for this cluster. Must be greater or equal than **1**. See [AWS Documentation](https://docs.aws.amazon.com/neptune/latest/userguide/neptune-serverless-capacity-scaling.html) for more details.
+         * Minimum Neptune Capacity Units (NCUs) for this cluster. Must be greater or equal than **1**. See [AWS Documentation](https://docs.aws.amazon.com/neptune/latest/userguide/neptune-serverless-capacity-scaling.html) for more details.
          */
         minCapacity?: number;
     }
     interface GlobalClusterGlobalClusterMember {
         /**
-         * Amazon Resource Name (ARN) of member DB Cluster.
+         * ARN of member DB Cluster.
          */
         dbClusterArn: string;
         /**
@@ -65882,7 +65985,7 @@ export declare namespace networkfirewall {
          */
         rulesSourceList?: outputs.networkfirewall.RuleGroupRuleGroupRulesSourceRulesSourceList;
         /**
-         * The fully qualified name of a file in an S3 bucket that contains Suricata compatible intrusion preventions system (IPS) rules or the Suricata rules as a string. These rules contain **stateful** inspection criteria and the action to take for traffic that matches the criteria.
+         * Stateful inspection criteria, provided in Suricata compatible rules. These rules contain the inspection criteria and the action to take for traffic that matches the criteria, so this type of rule group doesn’t have a separate action setting.
          */
         rulesString?: string;
         /**
@@ -75904,6 +76007,18 @@ export declare namespace s3control {
             [key: string]: string;
         };
     }
+    interface DirectoryBucketAccessPointScopeScope {
+        /**
+         * You can specify a list of API operations as permissions for the access point.
+         */
+        permissions?: string[];
+        /**
+         * You can specify a list of prefixes, but the total length of characters of all prefixes must be less than 256 bytes.
+         *
+         * * For more information on access point scope, see [AWS Documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points-directory-buckets-manage-scope.html).
+         */
+        prefixes?: string[];
+    }
     interface GetMultiRegionAccessPointPublicAccessBlock {
         /**
          * Specifies whether Amazon S3 should block public access control lists (ACLs). When set to `true` causes the following behavior:
@@ -82979,7 +83094,7 @@ export declare namespace ssm {
          */
         key: string;
         /**
-         * A list of instance IDs or tag values. AWS currently limits this list size to one value.
+         * User-defined criteria that maps to Key. A list of instance IDs or tag values.
          */
         values: string[];
     }
@@ -85785,6 +85900,72 @@ export declare namespace vpc {
          */
         hostedZoneId: string;
     }
+    interface RouteServerEndpointTimeouts {
+        /**
+         * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+         */
+        create?: string;
+        /**
+         * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
+         */
+        delete?: string;
+    }
+    interface RouteServerPeerBgpOptions {
+        /**
+         * The Border Gateway Protocol (BGP) Autonomous System Number (ASN) for the appliance. Valid values are from 1 to 4294967295. We recommend using a private ASN in the 64512–65534 (16-bit ASN) or 4200000000–4294967294 (32-bit ASN) range.
+         */
+        peerAsn: number;
+        /**
+         * The requested liveness detection protocol for the BGP peer. Valid values are `bgp-keepalive` and `bfd`. Default value is `bgp-keepalive`.
+         *
+         * The following arguments are optional:
+         */
+        peerLivenessDetection: string;
+    }
+    interface RouteServerPeerTimeouts {
+        /**
+         * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+         */
+        create?: string;
+        /**
+         * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
+         */
+        delete?: string;
+    }
+    interface RouteServerPropagationTimeouts {
+        /**
+         * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+         */
+        create?: string;
+        /**
+         * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
+         */
+        delete?: string;
+    }
+    interface RouteServerTimeouts {
+        /**
+         * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+         */
+        create?: string;
+        /**
+         * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
+         */
+        delete?: string;
+        /**
+         * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+         */
+        update?: string;
+    }
+    interface RouteServerVpcAssociationTimeouts {
+        /**
+         * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
+         */
+        create?: string;
+        /**
+         * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
+         */
+        delete?: string;
+    }
     interface SecurityGroupVpcAssociationTimeouts {
         /**
          * A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
@@ -86945,6 +87126,10 @@ export declare namespace wafv2 {
          * A logical rule statement used to combine other rule statements with AND logic. See AND Statement below for details.
          */
         andStatement?: outputs.wafv2.RuleGroupRuleStatementAndStatement;
+        /**
+         * Rule statement that inspects web traffic based on the Autonomous System Number (ASN) associated with the request's IP address. See `asnMatchStatement` below for details.
+         */
+        asnMatchStatement?: outputs.wafv2.RuleGroupRuleStatementAsnMatchStatement;
         /**
          * A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.
          */
@@ -87000,6 +87185,26 @@ export declare namespace wafv2 {
          */
         statements: outputs.wafv2.RuleGroupRuleStatement[];
     }
+    interface RuleGroupRuleStatementAsnMatchStatement {
+        /**
+         * List of Autonomous System Numbers (ASNs).
+         */
+        asnLists: number[];
+        /**
+         * Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See Forwarded IP Config below for more details.
+         */
+        forwardedIpConfig?: outputs.wafv2.RuleGroupRuleStatementAsnMatchStatementForwardedIpConfig;
+    }
+    interface RuleGroupRuleStatementAsnMatchStatementForwardedIpConfig {
+        /**
+         * The match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include: `MATCH` or `NO_MATCH`.
+         */
+        fallbackBehavior: string;
+        /**
+         * The name of the HTTP header to use for the IP address.
+         */
+        headerName: string;
+    }
     interface RuleGroupRuleStatementByteMatchStatement {
         /**
          * The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
@@ -87487,6 +87692,10 @@ export declare namespace wafv2 {
          * A logical rule statement used to combine other rule statements with AND logic. See AND Statement below for details.
          */
         andStatement?: outputs.wafv2.RuleGroupRuleStatementRateBasedStatementScopeDownStatementAndStatement;
+        /**
+         * Rule statement that inspects web traffic based on the Autonomous System Number (ASN) associated with the request's IP address. See `asnMatchStatement` below for details.
+         */
+        asnMatchStatement?: outputs.wafv2.RuleGroupRuleStatementRateBasedStatementScopeDownStatementAsnMatchStatement;
         /**
          * A rule statement that defines a string match search for AWS WAF to apply to web requests. See Byte Match Statement below for details.
          */
@@ -87538,6 +87747,26 @@ export declare namespace wafv2 {
          */
         statements: outputs.wafv2.RuleGroupRuleStatement[];
     }
+    interface RuleGroupRuleStatementRateBasedStatementScopeDownStatementAsnMatchStatement {
+        /**
+         * List of Autonomous System Numbers (ASNs).
+         */
+        asnLists: number[];
+        /**
+         * Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See Forwarded IP Config below for more details.
+         */
+        forwardedIpConfig?: outputs.wafv2.RuleGroupRuleStatementRateBasedStatementScopeDownStatementAsnMatchStatementForwardedIpConfig;
+    }
+    interface RuleGroupRuleStatementRateBasedStatementScopeDownStatementAsnMatchStatementForwardedIpConfig {
+        /**
+         * The match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include: `MATCH` or `NO_MATCH`.
+         */
+        fallbackBehavior: string;
+        /**
+         * The name of the HTTP header to use for the IP address.
+         */
+        headerName: string;
+    }
     interface RuleGroupRuleStatementRateBasedStatementScopeDownStatementByteMatchStatement {
         /**
          * The part of a web request that you want AWS WAF to inspect. See Field to Match below for details.
@@ -90463,6 +90692,10 @@ export declare namespace wafv2 {
          * Logical rule statement used to combine other rule statements with AND logic. See `andStatement` below for details.
          */
         andStatement?: outputs.wafv2.WebAclRuleStatementAndStatement;
+        /**
+         * Rule statement that inspects web traffic based on the Autonomous System Number (ASN) associated with the request's IP address. See `asnMatchStatement` below for details.
+         */
+        asnMatchStatement?: outputs.wafv2.WebAclRuleStatementAsnMatchStatement;
         /**
          * Rule statement that defines a string match search for AWS WAF to apply to web requests. See `byteMatchStatement` below for details.
          */
@@ -90526,6 +90759,26 @@ export declare namespace wafv2 {
          */
         statements: outputs.wafv2.WebAclRuleStatement[];
     }
+    interface WebAclRuleStatementAsnMatchStatement {
+        /**
+         * List of Autonomous System Numbers (ASNs).
+         */
+        asnLists: number[];
+        /**
+         * Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See `forwardedIpConfig` below for more details.
+         */
+        forwardedIpConfig?: outputs.wafv2.WebAclRuleStatementAsnMatchStatementForwardedIpConfig;
+    }
+    interface WebAclRuleStatementAsnMatchStatementForwardedIpConfig {
+        /**
+         * Match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include: `MATCH` or `NO_MATCH`.
+         */
+        fallbackBehavior: string;
+        /**
+         * Name of the HTTP header to use for the IP address.
+         */
+        headerName: string;
+    }
     interface WebAclRuleStatementByteMatchStatement {
         /**
          * Part of a web request that you want AWS WAF to inspect. See `fieldToMatch` below for details.
@@ -91275,6 +91528,10 @@ export declare namespace wafv2 {
          * Logical rule statement used to combine other rule statements with AND logic. See `andStatement` below for details.
          */
         andStatement?: outputs.wafv2.WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementAndStatement;
+        /**
+         * Rule statement that inspects web traffic based on the Autonomous System Number (ASN) associated with the request's IP address. See `asnMatchStatement` below for details.
+         */
+        asnMatchStatement?: outputs.wafv2.WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementAsnMatchStatement;
         /**
          * Rule statement that defines a string match search for AWS WAF to apply to web requests. See `byteMatchStatement` below for details.
          */
@@ -91326,6 +91583,26 @@ export declare namespace wafv2 {
          */
         statements: outputs.wafv2.WebAclRuleStatement[];
     }
+    interface WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementAsnMatchStatement {
+        /**
+         * List of Autonomous System Numbers (ASNs).
+         */
+        asnLists: number[];
+        /**
+         * Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See `forwardedIpConfig` below for more details.
+         */
+        forwardedIpConfig?: outputs.wafv2.WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementAsnMatchStatementForwardedIpConfig;
+    }
+    interface WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementAsnMatchStatementForwardedIpConfig {
+        /**
+         * Match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include: `MATCH` or `NO_MATCH`.
+         */
+        fallbackBehavior: string;
+        /**
+         * Name of the HTTP header to use for the IP address.
+         */
+        headerName: string;
+    }
     interface WebAclRuleStatementManagedRuleGroupStatementScopeDownStatementByteMatchStatement {
         /**
          * Part of a web request that you want AWS WAF to inspect. See `fieldToMatch` below for details.
@@ -92891,6 +93168,10 @@ export declare namespace wafv2 {
          * Logical rule statement used to combine other rule statements with AND logic. See `andStatement` below for details.
          */
         andStatement?: outputs.wafv2.WebAclRuleStatementRateBasedStatementScopeDownStatementAndStatement;
+        /**
+         * Rule statement that inspects web traffic based on the Autonomous System Number (ASN) associated with the request's IP address. See `asnMatchStatement` below for details.
+         */
+        asnMatchStatement?: outputs.wafv2.WebAclRuleStatementRateBasedStatementScopeDownStatementAsnMatchStatement;
         /**
          * Rule statement that defines a string match search for AWS WAF to apply to web requests. See `byteMatchStatement` below for details.
          */
@@ -92942,6 +93223,26 @@ export declare namespace wafv2 {
          */
         statements: outputs.wafv2.WebAclRuleStatement[];
     }
+    interface WebAclRuleStatementRateBasedStatementScopeDownStatementAsnMatchStatement {
+        /**
+         * List of Autonomous System Numbers (ASNs).
+         */
+        asnLists: number[];
+        /**
+         * Configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. See `forwardedIpConfig` below for more details.
+         */
+        forwardedIpConfig?: outputs.wafv2.WebAclRuleStatementRateBasedStatementScopeDownStatementAsnMatchStatementForwardedIpConfig;
+    }
+    interface WebAclRuleStatementRateBasedStatementScopeDownStatementAsnMatchStatementForwardedIpConfig {
+        /**
+         * Match status to assign to the web request if the request doesn't have a valid IP address in the specified position. Valid values include: `MATCH` or `NO_MATCH`.
+         */
+        fallbackBehavior: string;
+        /**
+         * Name of the HTTP header to use for the IP address.
+         */
+        headerName: string;
+    }
     interface WebAclRuleStatementRateBasedStatementScopeDownStatementByteMatchStatement {
         /**
          * Part of a web request that you want AWS WAF to inspect. See `fieldToMatch` below for details.
@@ -95835,6 +96136,88 @@ export declare namespace workspaces {
          */
         source: string;
     }
+    interface WebDataProtectionSettingsInlineRedactionConfiguration {
+        /**
+         * The global confidence level for the inline redaction configuration. This indicates the certainty of data type matches in the redaction process. Values range from 1 (low confidence) to 3 (high confidence).
+         */
+        globalConfidenceLevel?: number;
+        /**
+         * The global enforced URL configuration for the inline redaction configuration.
+         */
+        globalEnforcedUrls?: string[];
+        /**
+         * The global exempt URL configuration for the inline redaction configuration.
+         */
+        globalExemptUrls?: string[];
+        /**
+         * The inline redaction patterns to be enabled for the inline redaction configuration. Detailed below.
+         */
+        inlineRedactionPatterns?: outputs.workspaces.WebDataProtectionSettingsInlineRedactionConfigurationInlineRedactionPattern[];
+    }
+    interface WebDataProtectionSettingsInlineRedactionConfigurationInlineRedactionPattern {
+        /**
+         * The built-in pattern from the list of preconfigured patterns. Either a `customPattern` or `builtInPatternId` is required.
+         */
+        builtInPatternId?: string;
+        /**
+         * The confidence level for inline redaction pattern. This indicates the certainty of data type matches in the redaction process. Values range from 1 (low confidence) to 3 (high confidence).
+         */
+        confidenceLevel?: number;
+        /**
+         * The configuration for a custom pattern. Either a `customPattern` or `builtInPatternId` is required. Detailed below.
+         */
+        customPattern?: outputs.workspaces.WebDataProtectionSettingsInlineRedactionConfigurationInlineRedactionPatternCustomPattern;
+        /**
+         * The enforced URL configuration for the inline redaction pattern.
+         */
+        enforcedUrls?: string[];
+        /**
+         * The exempt URL configuration for the inline redaction pattern.
+         */
+        exemptUrls?: string[];
+        /**
+         * The redaction placeholder that will replace the redacted text in session. Detailed below.
+         */
+        redactionPlaceHolders?: outputs.workspaces.WebDataProtectionSettingsInlineRedactionConfigurationInlineRedactionPatternRedactionPlaceHolder[];
+    }
+    interface WebDataProtectionSettingsInlineRedactionConfigurationInlineRedactionPatternCustomPattern {
+        /**
+         * The keyword regex for the customer pattern.
+         */
+        keywordRegex?: string;
+        /**
+         * The pattern description for the customer pattern.
+         */
+        patternDescription?: string;
+        /**
+         * The pattern name for the custom pattern.
+         */
+        patternName: string;
+        /**
+         * The pattern regex for the customer pattern. The format must follow JavaScript regex format.
+         */
+        patternRegex: string;
+    }
+    interface WebDataProtectionSettingsInlineRedactionConfigurationInlineRedactionPatternRedactionPlaceHolder {
+        /**
+         * The redaction placeholder text that will replace the redacted text in session for the custom text redaction placeholder type.
+         */
+        redactionPlaceHolderText?: string;
+        /**
+         * The redaction placeholder type that will replace the redacted text in session. Currently, only `CustomText` is supported.
+         */
+        redactionPlaceHolderType: string;
+    }
+    interface WebIpAccessSettingsIpRule {
+        /**
+         * The description of the IP access settings.
+         */
+        description?: string;
+        /**
+         * The IP range of the IP rule.
+         */
+        ipRange: string;
+    }
     interface WebUserSettingsCookieSynchronizationConfiguration {
         /**
          * List of cookie specifications that are allowed to be synchronized to the remote browser.
@@ -95914,6 +96297,146 @@ export declare namespace workspaces {
         userVolumeSizeGib?: number;
     }
 }
+export declare namespace workspacesweb {
+    interface DataProtectionSettingsInlineRedactionConfiguration {
+        /**
+         * The global confidence level for the inline redaction configuration. This indicates the certainty of data type matches in the redaction process. Values range from 1 (low confidence) to 3 (high confidence).
+         */
+        globalConfidenceLevel?: number;
+        /**
+         * The global enforced URL configuration for the inline redaction configuration.
+         */
+        globalEnforcedUrls?: string[];
+        /**
+         * The global exempt URL configuration for the inline redaction configuration.
+         */
+        globalExemptUrls?: string[];
+        /**
+         * The inline redaction patterns to be enabled for the inline redaction configuration. Detailed below.
+         */
+        inlineRedactionPatterns?: outputs.workspacesweb.DataProtectionSettingsInlineRedactionConfigurationInlineRedactionPattern[];
+    }
+    interface DataProtectionSettingsInlineRedactionConfigurationInlineRedactionPattern {
+        /**
+         * The built-in pattern from the list of preconfigured patterns. Either a `customPattern` or `builtInPatternId` is required.
+         */
+        builtInPatternId?: string;
+        /**
+         * The confidence level for inline redaction pattern. This indicates the certainty of data type matches in the redaction process. Values range from 1 (low confidence) to 3 (high confidence).
+         */
+        confidenceLevel?: number;
+        /**
+         * The configuration for a custom pattern. Either a `customPattern` or `builtInPatternId` is required. Detailed below.
+         */
+        customPattern?: outputs.workspacesweb.DataProtectionSettingsInlineRedactionConfigurationInlineRedactionPatternCustomPattern;
+        /**
+         * The enforced URL configuration for the inline redaction pattern.
+         */
+        enforcedUrls?: string[];
+        /**
+         * The exempt URL configuration for the inline redaction pattern.
+         */
+        exemptUrls?: string[];
+        /**
+         * The redaction placeholder that will replace the redacted text in session. Detailed below.
+         */
+        redactionPlaceHolders?: outputs.workspacesweb.DataProtectionSettingsInlineRedactionConfigurationInlineRedactionPatternRedactionPlaceHolder[];
+    }
+    interface DataProtectionSettingsInlineRedactionConfigurationInlineRedactionPatternCustomPattern {
+        /**
+         * The keyword regex for the customer pattern.
+         */
+        keywordRegex?: string;
+        /**
+         * The pattern description for the customer pattern.
+         */
+        patternDescription?: string;
+        /**
+         * The pattern name for the custom pattern.
+         */
+        patternName: string;
+        /**
+         * The pattern regex for the customer pattern. The format must follow JavaScript regex format.
+         */
+        patternRegex: string;
+    }
+    interface DataProtectionSettingsInlineRedactionConfigurationInlineRedactionPatternRedactionPlaceHolder {
+        /**
+         * The redaction placeholder text that will replace the redacted text in session for the custom text redaction placeholder type.
+         */
+        redactionPlaceHolderText?: string;
+        /**
+         * The redaction placeholder type that will replace the redacted text in session. Currently, only `CustomText` is supported.
+         */
+        redactionPlaceHolderType: string;
+    }
+    interface IpAccessSettingsIpRule {
+        /**
+         * The description of the IP access settings.
+         */
+        description?: string;
+        /**
+         * The IP range of the IP rule.
+         */
+        ipRange: string;
+    }
+    interface UserSettingsCookieSynchronizationConfiguration {
+        /**
+         * List of cookie specifications that are allowed to be synchronized to the remote browser.
+         */
+        allowlists?: outputs.workspacesweb.UserSettingsCookieSynchronizationConfigurationAllowlist[];
+        /**
+         * List of cookie specifications that are blocked from being synchronized to the remote browser.
+         */
+        blocklists?: outputs.workspacesweb.UserSettingsCookieSynchronizationConfigurationBlocklist[];
+    }
+    interface UserSettingsCookieSynchronizationConfigurationAllowlist {
+        /**
+         * Domain of the cookie.
+         */
+        domain: string;
+        /**
+         * Name of the cookie.
+         */
+        name?: string;
+        /**
+         * Path of the cookie.
+         */
+        path?: string;
+    }
+    interface UserSettingsCookieSynchronizationConfigurationBlocklist {
+        /**
+         * Domain of the cookie.
+         */
+        domain: string;
+        /**
+         * Name of the cookie.
+         */
+        name?: string;
+        /**
+         * Path of the cookie.
+         */
+        path?: string;
+    }
+    interface UserSettingsToolbarConfiguration {
+        /**
+         * List of toolbar items to be hidden.
+         */
+        hiddenToolbarItems?: string[];
+        /**
+         * Maximum display resolution that is allowed for the session.
+         */
+        maxDisplayResolution?: string;
+        /**
+         * Type of toolbar displayed during the session.
+         */
+        toolbarType?: string;
+        /**
+         * Visual mode of the toolbar.
+         */
+        visualMode?: string;
+    }
+}
 export declare namespace xray {
     interface GroupInsightsConfiguration {
         /**