@pulumi/aws 7.0.0-alpha.2 → 7.0.0-alpha.3

package/types/input.d.ts

@@ -1336,33 +1336,63 @@ export interface ProviderIgnoreTags {
 export declare namespace accessanalyzer {
     interface AnalyzerConfiguration {
         /**
-         * A block that specifies the configuration of an unused access analyzer for an AWS organization or account. Documented below
+         * Specifies the configuration of an internal access analyzer for an AWS organization or account. This configuration determines how the analyzer evaluates access within your AWS environment. See `internalAccess` Block for details.
+         */
+        internalAccess?: pulumi.Input<inputs.accessanalyzer.AnalyzerConfigurationInternalAccess>;
+        /**
+         * Specifies the configuration of an unused access analyzer for an AWS organization or account. See `unusedAccess` Block for details.
          */
         unusedAccess?: pulumi.Input<inputs.accessanalyzer.AnalyzerConfigurationUnusedAccess>;
     }
+    interface AnalyzerConfigurationInternalAccess {
+        /**
+         * Information about analysis rules for the internal access analyzer. These rules determine which resources and access patterns will be analyzed. See `analysisRule` Block for Internal Access Analyzer for details.
+         */
+        analysisRule?: pulumi.Input<inputs.accessanalyzer.AnalyzerConfigurationInternalAccessAnalysisRule>;
+    }
+    interface AnalyzerConfigurationInternalAccessAnalysisRule {
+        /**
+         * List of rules for the internal access analyzer containing criteria to include in analysis. Only resources that meet the rule criteria will generate findings. See `inclusion` Block for details.
+         */
+        inclusions?: pulumi.Input<pulumi.Input<inputs.accessanalyzer.AnalyzerConfigurationInternalAccessAnalysisRuleInclusion>[]>;
+    }
+    interface AnalyzerConfigurationInternalAccessAnalysisRuleInclusion {
+        /**
+         * List of AWS account IDs to apply to the internal access analysis rule criteria. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.
+         */
+        accountIds?: pulumi.Input<pulumi.Input<string>[]>;
+        /**
+         * List of resource ARNs to apply to the internal access analysis rule criteria. The analyzer will only generate findings for resources that match these ARNs.
+         */
+        resourceArns?: pulumi.Input<pulumi.Input<string>[]>;
+        /**
+         * List of resource types to apply to the internal access analysis rule criteria. The analyzer will only generate findings for resources of these types. Refer to [InternalAccessAnalysisRuleCriteria](https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_InternalAccessAnalysisRuleCriteria.html) in the AWS IAM Access Analyzer API Reference for valid values.
+         */
+        resourceTypes?: pulumi.Input<pulumi.Input<string>[]>;
+    }
     interface AnalyzerConfigurationUnusedAccess {
         /**
-         * A block for analysis rules. Documented below
+         * Information about analysis rules for the analyzer. Analysis rules determine which entities will generate findings based on the criteria you define when you create the rule. See `analysisRule` Block for Unused Access Analyzer for details.
          */
         analysisRule?: pulumi.Input<inputs.accessanalyzer.AnalyzerConfigurationUnusedAccessAnalysisRule>;
         /**
-         * The specified access age in days for which to generate findings for unused access.
+         * Specified access age in days for which to generate findings for unused access.
          */
         unusedAccessAge?: pulumi.Input<number>;
     }
     interface AnalyzerConfigurationUnusedAccessAnalysisRule {
         /**
-         * A block for the analyzer rules containing criteria to exclude from analysis. Documented below
+         * List of rules for the analyzer containing criteria to exclude from analysis. Entities that meet the rule criteria will not generate findings. See `exclusion` Block for details.
          */
         exclusions?: pulumi.Input<pulumi.Input<inputs.accessanalyzer.AnalyzerConfigurationUnusedAccessAnalysisRuleExclusion>[]>;
     }
     interface AnalyzerConfigurationUnusedAccessAnalysisRuleExclusion {
         /**
-         * A list of account IDs to exclude from the analysis.
+         * List of AWS account IDs to apply to the analysis rule criteria. The accounts cannot include the organization analyzer owner account. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.
          */
         accountIds?: pulumi.Input<pulumi.Input<string>[]>;
         /**
-         * A list of key-value pairs for resource tags to exclude from the analysis.
+         * List of key-value pairs for resource tags to exclude from the analysis.
          */
         resourceTags?: pulumi.Input<pulumi.Input<{
             [key: string]: pulumi.Input<string>;
@@ -2379,6 +2409,12 @@ export declare namespace amplify {
          */
         target: pulumi.Input<string>;
     }
+    interface AppJobConfig {
+        /**
+         * Size of the build instance. Valid values: `STANDARD_8GB`, `LARGE_16GB`, and `XLARGE_72GB`. Default: `STANDARD_8GB`.
+         */
+        buildComputeType?: pulumi.Input<string>;
+    }
     interface AppProductionBranch {
         /**
          * Branch name for the production branch.
@@ -14481,6 +14517,10 @@ export declare namespace codebuild {
          * the [CodeBuild User Guide](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html).
          */
         computeType: pulumi.Input<string>;
+        /**
+         * Configuration block. Detailed below.
+         */
+        dockerServer?: pulumi.Input<inputs.codebuild.ProjectEnvironmentDockerServer>;
         /**
          * Configuration block. Detailed below.
          */
@@ -14520,6 +14560,16 @@ export declare namespace codebuild {
          */
         type: pulumi.Input<string>;
     }
+    interface ProjectEnvironmentDockerServer {
+        /**
+         * Compute type for the Docker server. Valid values: `BUILD_GENERAL1_SMALL`, `BUILD_GENERAL1_MEDIUM`, `BUILD_GENERAL1_LARGE`, `BUILD_GENERAL1_XLARGE`, and `BUILD_GENERAL1_2XLARGE`.
+         */
+        computeType: pulumi.Input<string>;
+        /**
+         * List of security group IDs to assign to the Docker server.
+         */
+        securityGroupIds?: pulumi.Input<pulumi.Input<string>[]>;
+    }
     interface ProjectEnvironmentEnvironmentVariable {
         /**
          * Environment variable's name or key.
@@ -26638,7 +26688,7 @@ export declare namespace ecr {
         /**
          * A list of image tag prefixes on which to take action.
          */
-        tagPrefixList?: pulumi.Input<string | pulumi.Input<string>[]>;
+        tagPrefixList?: pulumi.Input<pulumi.Input<string>[]>;
         /**
          * The tag status of the image. Either 'tagged', 'untagged', or 'any'.
          */
@@ -53770,25 +53820,23 @@ export declare namespace lightsail {
          */
         cidrListAliases?: pulumi.Input<pulumi.Input<string>[]>;
         /**
-         * Set of CIDR blocks.
+         * Set of IPv4 addresses or ranges of IPv4 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.
          */
         cidrs?: pulumi.Input<pulumi.Input<string>[]>;
         /**
-         * First port in a range of open ports on an instance.
+         * First port in a range of open ports on an instance. See [PortInfo](https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_PortInfo.html) for details.
          */
         fromPort: pulumi.Input<number>;
         /**
-         * Set of IPv6 CIDR blocks.
+         * Set of IPv6 addresses or ranges of IPv6 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.
          */
         ipv6Cidrs?: pulumi.Input<pulumi.Input<string>[]>;
         /**
-         * IP protocol name. Valid values: `tcp`, `all`, `udp`, `icmp`.
+         * IP protocol name. Valid values: `tcp`, `all`, `udp`, `icmp`, `icmpv6`. See [PortInfo](https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_PortInfo.html) for details.
          */
         protocol: pulumi.Input<string>;
         /**
-         * Last port in a range of open ports on an instance.
-         *
-         * The following arguments are optional:
+         * Last port in a range of open ports on an instance. See [PortInfo](https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_PortInfo.html) for details.
          */
         toPort: pulumi.Input<number>;
     }
@@ -57791,6 +57839,12 @@ export declare namespace networkfirewall {
         tcpIdleTimeoutSeconds?: pulumi.Input<number>;
     }
     interface FirewallPolicyFirewallPolicyStatefulRuleGroupReference {
+        /**
+         * Whether to enable deep threat inspection, which allows AWS to analyze service logs of network traffic processed by these rule groups to identify threat indicators across customers. AWS will use these threat indicators to improve the active threat defense managed rule groups and protect the security of AWS customers and services. This only applies to active threat defense maanaged rule groups.
+         *
+         * For details, refer to [AWS active threat defense for AWS Network Firewall](https://docs.aws.amazon.com/network-firewall/latest/developerguide/aws-managed-rule-groups-atd.html) in the AWS Network Firewall Developer Guide.
+         */
+        deepThreatInspection?: pulumi.Input<string>;
         /**
          * Configuration block for override values
          */
@@ -67132,6 +67186,41 @@ export declare namespace s3tables {
          */
         minSnapshotsToKeep: pulumi.Input<number>;
     }
+    interface TableMetadata {
+        /**
+         * Contains details about the metadata for an Iceberg table. This block defines the schema structure for the Apache Iceberg table format.
+         * See `iceberg` below.
+         */
+        iceberg: pulumi.Input<inputs.s3tables.TableMetadataIceberg>;
+    }
+    interface TableMetadataIceberg {
+        /**
+         * Schema configuration for the Iceberg table.
+         * See `schema` below.
+         */
+        schema: pulumi.Input<inputs.s3tables.TableMetadataIcebergSchema>;
+    }
+    interface TableMetadataIcebergSchema {
+        /**
+         * List of schema fields for the Iceberg table. Each field defines a column in the table schema.
+         * See `field` below.
+         */
+        fields?: pulumi.Input<pulumi.Input<inputs.s3tables.TableMetadataIcebergSchemaField>[]>;
+    }
+    interface TableMetadataIcebergSchemaField {
+        /**
+         * The name of the field.
+         */
+        name: pulumi.Input<string>;
+        /**
+         * A Boolean value that specifies whether values are required for each row in this field. Defaults to `false`.
+         */
+        required?: pulumi.Input<boolean>;
+        /**
+         * The field type. S3 Tables supports all Apache Iceberg primitive types including: `boolean`, `int`, `long`, `float`, `double`, `decimal(precision,scale)`, `date`, `time`, `timestamp`, `timestamptz`, `string`, `uuid`, `fixed(length)`, `binary`.
+         */
+        type: pulumi.Input<string>;
+    }
 }
 export declare namespace sagemaker {
     interface AppImageConfigCodeEditorAppImageConfig {
@@ -80920,6 +81009,10 @@ export declare namespace wafv2 {
          * Additional configuration for using the Account Creation Fraud Prevention managed rule group. Use this to specify information such as the registration page of your application and the type of content to accept or reject from the client.
          */
         awsManagedRulesAcfpRuleSet?: pulumi.Input<inputs.wafv2.WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSet>;
+        /**
+         * Configuration for using the anti-DDoS managed rule group. See `awsManagedRulesAntiDdosRuleSet` for more details.
+         */
+        awsManagedRulesAntiDdosRuleSet?: pulumi.Input<inputs.wafv2.WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAntiDdosRuleSet>;
         /**
          * Additional configuration for using the Account Takeover Protection managed rule group. Use this to specify information such as the sign-in page of your application and the type of content to accept or reject from the client.
          */
@@ -81089,6 +81182,36 @@ export declare namespace wafv2 {
          */
         successCodes: pulumi.Input<pulumi.Input<number>[]>;
     }
+    interface WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAntiDdosRuleSet {
+        /**
+         * Configuration for the request handling that's applied by the managed rule group rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` during a distributed denial of service (DDoS) attack. See `clientSideActionConfig` for more details.
+         */
+        clientSideActionConfig: pulumi.Input<inputs.wafv2.WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAntiDdosRuleSetClientSideActionConfig>;
+        /**
+         * Sensitivity that the rule group rule DDoSRequests uses when matching against the DDoS suspicion labeling on a request. Valid values are `LOW` (Default), `MEDIUM`, and `HIGH`.
+         */
+        sensitivityToBlock?: pulumi.Input<string>;
+    }
+    interface WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAntiDdosRuleSetClientSideActionConfig {
+        /**
+         * Configuration for the use of the `AWSManagedRulesAntiDDoSRuleSet` rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests`.
+         */
+        challenge: pulumi.Input<inputs.wafv2.WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAntiDdosRuleSetClientSideActionConfigChallenge>;
+    }
+    interface WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAntiDdosRuleSetClientSideActionConfigChallenge {
+        exemptUriRegularExpressions?: pulumi.Input<pulumi.Input<inputs.wafv2.WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAntiDdosRuleSetClientSideActionConfigChallengeExemptUriRegularExpression>[]>;
+        /**
+         * Sensitivity that the rule group rule ChallengeDDoSRequests uses when matching against the DDoS suspicion labeling on a request. Valid values are `LOW`, `MEDIUM` and `HIGH` (Default).
+         */
+        sensitivity?: pulumi.Input<string>;
+        /**
+         * Configuration whether to use the `AWSManagedRulesAntiDDoSRuleSet` rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` in the rule group evaluation. Valid values are `ENABLED` and `DISABLED`.
+         */
+        usageOfAction: pulumi.Input<string>;
+    }
+    interface WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAntiDdosRuleSetClientSideActionConfigChallengeExemptUriRegularExpression {
+        regexString?: pulumi.Input<string>;
+    }
     interface WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSet {
         /**
          * Whether or not to allow the use of regular expressions in the login page path.
@@ -81238,9 +81361,6 @@ export declare namespace wafv2 {
          * Instructs AWS WAF to run a Captcha check against the web request. See `captcha` below for details.
          */
         captcha?: pulumi.Input<inputs.wafv2.WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCaptcha>;
-        /**
-         * Instructs AWS WAF to run a check against the request to verify that the request is coming from a legitimate client session. See `challenge` below for details.
-         */
         challenge?: pulumi.Input<inputs.wafv2.WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseChallenge>;
         count?: pulumi.Input<inputs.wafv2.WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCount>;
     }
@@ -84883,9 +85003,6 @@ export declare namespace wafv2 {
          * Instructs AWS WAF to run a Captcha check against the web request. See `captcha` below for details.
          */
         captcha?: pulumi.Input<inputs.wafv2.WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCaptcha>;
-        /**
-         * Instructs AWS WAF to run a check against the request to verify that the request is coming from a legitimate client session. See `challenge` below for details.
-         */
         challenge?: pulumi.Input<inputs.wafv2.WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseChallenge>;
         count?: pulumi.Input<inputs.wafv2.WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCount>;
     }

package/types/input.js.map

@@ -1 +1 @@
-{"version":3,"file":"input.js","sourceRoot":"","sources":["../../types/input.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAmpsBjF,IAAiB,GAAG,CAqhKnB;AArhKD,WAAiB,GAAG;IAgmIhB;;OAEG;IACH,SAAgB,kCAAkC,CAAC,GAAwB;;QACvE,uCACO,GAAG,KACN,WAAW,EAAE,MAAA,CAAC,GAAG,CAAC,WAAW,CAAC,mCAAI,EAAE,IACtC;IACN,CAAC;IALe,sCAAkC,qCAKjD,CAAA;IA4CD;;OAEG;IACH,SAAgB,mCAAmC,CAAC,GAAyB;;QACzE,uCACO,GAAG,KACN,WAAW,EAAE,MAAA,CAAC,GAAG,CAAC,WAAW,CAAC,mCAAI,EAAE,IACtC;IACN,CAAC;IALe,uCAAmC,sCAKlD,CAAA;AAy3BL,CAAC,EArhKgB,GAAG,GAAH,WAAG,KAAH,WAAG,QAqhKnB;AAmhsCD,IAAiB,GAAG,CAwcnB;AAxcD,WAAiB,GAAG;IAyXhB;;OAEG;IACH,SAAgB,sCAAsC,CAAC,GAA4B;;QAC/E,uCACO,GAAG,KACN,WAAW,EAAE,MAAA,CAAC,GAAG,CAAC,WAAW,CAAC,mCAAI,WAAW,IAC/C;IACN,CAAC;IALe,0CAAsC,yCAKrD,CAAA;AAuEL,CAAC,EAxcgB,GAAG,GAAH,WAAG,KAAH,WAAG,QAwcnB"}
+{"version":3,"file":"input.js","sourceRoot":"","sources":["../../types/input.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AA0ssBjF,IAAiB,GAAG,CAqhKnB;AArhKD,WAAiB,GAAG;IAgmIhB;;OAEG;IACH,SAAgB,kCAAkC,CAAC,GAAwB;;QACvE,uCACO,GAAG,KACN,WAAW,EAAE,MAAA,CAAC,GAAG,CAAC,WAAW,CAAC,mCAAI,EAAE,IACtC;IACN,CAAC;IALe,sCAAkC,qCAKjD,CAAA;IA4CD;;OAEG;IACH,SAAgB,mCAAmC,CAAC,GAAyB;;QACzE,uCACO,GAAG,KACN,WAAW,EAAE,MAAA,CAAC,GAAG,CAAC,WAAW,CAAC,mCAAI,EAAE,IACtC;IACN,CAAC;IALe,uCAAmC,sCAKlD,CAAA;AAy3BL,CAAC,EArhKgB,GAAG,GAAH,WAAG,KAAH,WAAG,QAqhKnB;AAuhsCD,IAAiB,GAAG,CAwcnB;AAxcD,WAAiB,GAAG;IAyXhB;;OAEG;IACH,SAAgB,sCAAsC,CAAC,GAA4B;;QAC/E,uCACO,GAAG,KACN,WAAW,EAAE,MAAA,CAAC,GAAG,CAAC,WAAW,CAAC,mCAAI,WAAW,IAC/C;IACN,CAAC;IALe,0CAAsC,yCAKrD,CAAA;AAuEL,CAAC,EAxcgB,GAAG,GAAH,WAAG,KAAH,WAAG,QAwcnB"}

package/types/output.d.ts

@@ -32,33 +32,63 @@ export interface GetRegionsFilter {
 export declare namespace accessanalyzer {
     interface AnalyzerConfiguration {
         /**
-         * A block that specifies the configuration of an unused access analyzer for an AWS organization or account. Documented below
+         * Specifies the configuration of an internal access analyzer for an AWS organization or account. This configuration determines how the analyzer evaluates access within your AWS environment. See `internalAccess` Block for details.
+         */
+        internalAccess?: outputs.accessanalyzer.AnalyzerConfigurationInternalAccess;
+        /**
+         * Specifies the configuration of an unused access analyzer for an AWS organization or account. See `unusedAccess` Block for details.
          */
         unusedAccess?: outputs.accessanalyzer.AnalyzerConfigurationUnusedAccess;
     }
+    interface AnalyzerConfigurationInternalAccess {
+        /**
+         * Information about analysis rules for the internal access analyzer. These rules determine which resources and access patterns will be analyzed. See `analysisRule` Block for Internal Access Analyzer for details.
+         */
+        analysisRule?: outputs.accessanalyzer.AnalyzerConfigurationInternalAccessAnalysisRule;
+    }
+    interface AnalyzerConfigurationInternalAccessAnalysisRule {
+        /**
+         * List of rules for the internal access analyzer containing criteria to include in analysis. Only resources that meet the rule criteria will generate findings. See `inclusion` Block for details.
+         */
+        inclusions?: outputs.accessanalyzer.AnalyzerConfigurationInternalAccessAnalysisRuleInclusion[];
+    }
+    interface AnalyzerConfigurationInternalAccessAnalysisRuleInclusion {
+        /**
+         * List of AWS account IDs to apply to the internal access analysis rule criteria. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.
+         */
+        accountIds?: string[];
+        /**
+         * List of resource ARNs to apply to the internal access analysis rule criteria. The analyzer will only generate findings for resources that match these ARNs.
+         */
+        resourceArns?: string[];
+        /**
+         * List of resource types to apply to the internal access analysis rule criteria. The analyzer will only generate findings for resources of these types. Refer to [InternalAccessAnalysisRuleCriteria](https://docs.aws.amazon.com/access-analyzer/latest/APIReference/API_InternalAccessAnalysisRuleCriteria.html) in the AWS IAM Access Analyzer API Reference for valid values.
+         */
+        resourceTypes?: string[];
+    }
     interface AnalyzerConfigurationUnusedAccess {
         /**
-         * A block for analysis rules. Documented below
+         * Information about analysis rules for the analyzer. Analysis rules determine which entities will generate findings based on the criteria you define when you create the rule. See `analysisRule` Block for Unused Access Analyzer for details.
          */
         analysisRule?: outputs.accessanalyzer.AnalyzerConfigurationUnusedAccessAnalysisRule;
         /**
-         * The specified access age in days for which to generate findings for unused access.
+         * Specified access age in days for which to generate findings for unused access.
          */
         unusedAccessAge?: number;
     }
     interface AnalyzerConfigurationUnusedAccessAnalysisRule {
         /**
-         * A block for the analyzer rules containing criteria to exclude from analysis. Documented below
+         * List of rules for the analyzer containing criteria to exclude from analysis. Entities that meet the rule criteria will not generate findings. See `exclusion` Block for details.
          */
         exclusions?: outputs.accessanalyzer.AnalyzerConfigurationUnusedAccessAnalysisRuleExclusion[];
     }
     interface AnalyzerConfigurationUnusedAccessAnalysisRuleExclusion {
         /**
-         * A list of account IDs to exclude from the analysis.
+         * List of AWS account IDs to apply to the analysis rule criteria. The accounts cannot include the organization analyzer owner account. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers.
          */
         accountIds?: string[];
         /**
-         * A list of key-value pairs for resource tags to exclude from the analysis.
+         * List of key-value pairs for resource tags to exclude from the analysis.
          */
         resourceTags?: {
             [key: string]: string;
@@ -1225,6 +1255,12 @@ export declare namespace amplify {
          */
         target: string;
     }
+    interface AppJobConfig {
+        /**
+         * Size of the build instance. Valid values: `STANDARD_8GB`, `LARGE_16GB`, and `XLARGE_72GB`. Default: `STANDARD_8GB`.
+         */
+        buildComputeType: string;
+    }
     interface AppProductionBranch {
         /**
          * Branch name for the production branch.
@@ -16159,6 +16195,10 @@ export declare namespace codebuild {
          * the [CodeBuild User Guide](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html).
          */
         computeType: string;
+        /**
+         * Configuration block. Detailed below.
+         */
+        dockerServer?: outputs.codebuild.ProjectEnvironmentDockerServer;
         /**
          * Configuration block. Detailed below.
          */
@@ -16198,6 +16238,16 @@ export declare namespace codebuild {
          */
         type: string;
     }
+    interface ProjectEnvironmentDockerServer {
+        /**
+         * Compute type for the Docker server. Valid values: `BUILD_GENERAL1_SMALL`, `BUILD_GENERAL1_MEDIUM`, `BUILD_GENERAL1_LARGE`, `BUILD_GENERAL1_XLARGE`, and `BUILD_GENERAL1_2XLARGE`.
+         */
+        computeType: string;
+        /**
+         * List of security group IDs to assign to the Docker server.
+         */
+        securityGroupIds?: string[];
+    }
     interface ProjectEnvironmentEnvironmentVariable {
         /**
          * Environment variable's name or key.
@@ -60991,25 +61041,23 @@ export declare namespace lightsail {
          */
         cidrListAliases: string[];
         /**
-         * Set of CIDR blocks.
+         * Set of IPv4 addresses or ranges of IPv4 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.
          */
         cidrs: string[];
         /**
-         * First port in a range of open ports on an instance.
+         * First port in a range of open ports on an instance. See [PortInfo](https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_PortInfo.html) for details.
          */
         fromPort: number;
         /**
-         * Set of IPv6 CIDR blocks.
+         * Set of IPv6 addresses or ranges of IPv6 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.
          */
         ipv6Cidrs: string[];
         /**
-         * IP protocol name. Valid values: `tcp`, `all`, `udp`, `icmp`.
+         * IP protocol name. Valid values: `tcp`, `all`, `udp`, `icmp`, `icmpv6`. See [PortInfo](https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_PortInfo.html) for details.
          */
         protocol: string;
         /**
-         * Last port in a range of open ports on an instance.
-         *
-         * The following arguments are optional:
+         * Last port in a range of open ports on an instance. See [PortInfo](https://docs.aws.amazon.com/lightsail/2016-11-28/api-reference/API_PortInfo.html) for details.
          */
         toPort: number;
     }
@@ -65409,6 +65457,12 @@ export declare namespace networkfirewall {
         tcpIdleTimeoutSeconds?: number;
     }
     interface FirewallPolicyFirewallPolicyStatefulRuleGroupReference {
+        /**
+         * Whether to enable deep threat inspection, which allows AWS to analyze service logs of network traffic processed by these rule groups to identify threat indicators across customers. AWS will use these threat indicators to improve the active threat defense managed rule groups and protect the security of AWS customers and services. This only applies to active threat defense maanaged rule groups.
+         *
+         * For details, refer to [AWS active threat defense for AWS Network Firewall](https://docs.aws.amazon.com/network-firewall/latest/developerguide/aws-managed-rule-groups-atd.html) in the AWS Network Firewall Developer Guide.
+         */
+        deepThreatInspection: string;
         /**
          * Configuration block for override values
          */
@@ -65574,6 +65628,7 @@ export declare namespace networkfirewall {
         streamExceptionPolicy: string;
     }
     interface GetFirewallPolicyFirewallPolicyStatefulRuleGroupReference {
+        deepThreatInspection: string;
         overrides?: outputs.networkfirewall.GetFirewallPolicyFirewallPolicyStatefulRuleGroupReferenceOverride[];
         priority: number;
         resourceArn: string;
@@ -75618,6 +75673,41 @@ export declare namespace s3tables {
          */
         minSnapshotsToKeep: number;
     }
+    interface TableMetadata {
+        /**
+         * Contains details about the metadata for an Iceberg table. This block defines the schema structure for the Apache Iceberg table format.
+         * See `iceberg` below.
+         */
+        iceberg: outputs.s3tables.TableMetadataIceberg;
+    }
+    interface TableMetadataIceberg {
+        /**
+         * Schema configuration for the Iceberg table.
+         * See `schema` below.
+         */
+        schema: outputs.s3tables.TableMetadataIcebergSchema;
+    }
+    interface TableMetadataIcebergSchema {
+        /**
+         * List of schema fields for the Iceberg table. Each field defines a column in the table schema.
+         * See `field` below.
+         */
+        fields?: outputs.s3tables.TableMetadataIcebergSchemaField[];
+    }
+    interface TableMetadataIcebergSchemaField {
+        /**
+         * The name of the field.
+         */
+        name: string;
+        /**
+         * A Boolean value that specifies whether values are required for each row in this field. Defaults to `false`.
+         */
+        required: boolean;
+        /**
+         * The field type. S3 Tables supports all Apache Iceberg primitive types including: `boolean`, `int`, `long`, `float`, `double`, `decimal(precision,scale)`, `date`, `time`, `timestamp`, `timestamptz`, `string`, `uuid`, `fixed(length)`, `binary`.
+         */
+        type: string;
+    }
 }
 export declare namespace sagemaker {
     interface AppImageConfigCodeEditorAppImageConfig {
@@ -90224,6 +90314,10 @@ export declare namespace wafv2 {
          * Additional configuration for using the Account Creation Fraud Prevention managed rule group. Use this to specify information such as the registration page of your application and the type of content to accept or reject from the client.
          */
         awsManagedRulesAcfpRuleSet?: outputs.wafv2.WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAcfpRuleSet;
+        /**
+         * Configuration for using the anti-DDoS managed rule group. See `awsManagedRulesAntiDdosRuleSet` for more details.
+         */
+        awsManagedRulesAntiDdosRuleSet?: outputs.wafv2.WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAntiDdosRuleSet;
         /**
          * Additional configuration for using the Account Takeover Protection managed rule group. Use this to specify information such as the sign-in page of your application and the type of content to accept or reject from the client.
          */
@@ -90393,6 +90487,36 @@ export declare namespace wafv2 {
          */
         successCodes: number[];
     }
+    interface WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAntiDdosRuleSet {
+        /**
+         * Configuration for the request handling that's applied by the managed rule group rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` during a distributed denial of service (DDoS) attack. See `clientSideActionConfig` for more details.
+         */
+        clientSideActionConfig: outputs.wafv2.WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAntiDdosRuleSetClientSideActionConfig;
+        /**
+         * Sensitivity that the rule group rule DDoSRequests uses when matching against the DDoS suspicion labeling on a request. Valid values are `LOW` (Default), `MEDIUM`, and `HIGH`.
+         */
+        sensitivityToBlock?: string;
+    }
+    interface WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAntiDdosRuleSetClientSideActionConfig {
+        /**
+         * Configuration for the use of the `AWSManagedRulesAntiDDoSRuleSet` rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests`.
+         */
+        challenge: outputs.wafv2.WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAntiDdosRuleSetClientSideActionConfigChallenge;
+    }
+    interface WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAntiDdosRuleSetClientSideActionConfigChallenge {
+        exemptUriRegularExpressions?: outputs.wafv2.WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAntiDdosRuleSetClientSideActionConfigChallengeExemptUriRegularExpression[];
+        /**
+         * Sensitivity that the rule group rule ChallengeDDoSRequests uses when matching against the DDoS suspicion labeling on a request. Valid values are `LOW`, `MEDIUM` and `HIGH` (Default).
+         */
+        sensitivity?: string;
+        /**
+         * Configuration whether to use the `AWSManagedRulesAntiDDoSRuleSet` rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` in the rule group evaluation. Valid values are `ENABLED` and `DISABLED`.
+         */
+        usageOfAction: string;
+    }
+    interface WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAntiDdosRuleSetClientSideActionConfigChallengeExemptUriRegularExpression {
+        regexString?: string;
+    }
     interface WebAclRuleStatementManagedRuleGroupStatementManagedRuleGroupConfigAwsManagedRulesAtpRuleSet {
         /**
          * Whether or not to allow the use of regular expressions in the login page path.
@@ -90542,9 +90666,6 @@ export declare namespace wafv2 {
          * Instructs AWS WAF to run a Captcha check against the web request. See `captcha` below for details.
          */
         captcha?: outputs.wafv2.WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCaptcha;
-        /**
-         * Instructs AWS WAF to run a check against the request to verify that the request is coming from a legitimate client session. See `challenge` below for details.
-         */
         challenge?: outputs.wafv2.WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseChallenge;
         count?: outputs.wafv2.WebAclRuleStatementManagedRuleGroupStatementRuleActionOverrideActionToUseCount;
     }
@@ -94187,9 +94308,6 @@ export declare namespace wafv2 {
          * Instructs AWS WAF to run a Captcha check against the web request. See `captcha` below for details.
          */
         captcha?: outputs.wafv2.WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCaptcha;
-        /**
-         * Instructs AWS WAF to run a check against the request to verify that the request is coming from a legitimate client session. See `challenge` below for details.
-         */
         challenge?: outputs.wafv2.WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseChallenge;
         count?: outputs.wafv2.WebAclRuleStatementRuleGroupReferenceStatementRuleActionOverrideActionToUseCount;
     }

package/types/output.js.map

@@ -1 +1 @@
-{"version":3,"file":"output.js","sourceRoot":"","sources":["../../types/output.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AA4j2BjF,IAAiB,GAAG,CA0rMnB;AA1rMD,WAAiB,GAAG;IAowKhB;;OAEG;IACH,SAAgB,kCAAkC,CAAC,GAAwB;;QACvE,uCACO,GAAG,KACN,WAAW,EAAE,MAAA,CAAC,GAAG,CAAC,WAAW,CAAC,mCAAI,EAAE,IACtC;IACN,CAAC;IALe,sCAAkC,qCAKjD,CAAA;IA4CD;;OAEG;IACH,SAAgB,mCAAmC,CAAC,GAAyB;;QACzE,uCACO,GAAG,KACN,WAAW,EAAE,MAAA,CAAC,GAAG,CAAC,WAAW,CAAC,mCAAI,EAAE,IACtC;IACN,CAAC;IALe,uCAAmC,sCAKlD,CAAA;AA03BL,CAAC,EA1rMgB,GAAG,GAAH,WAAG,KAAH,WAAG,QA0rMnB;AAy6xCD,IAAiB,GAAG,CA4cnB;AA5cD,WAAiB,GAAG;IA4XhB;;OAEG;IACH,SAAgB,sCAAsC,CAAC,GAA4B;;QAC/E,uCACO,GAAG,KACN,WAAW,EAAE,MAAA,CAAC,GAAG,CAAC,WAAW,CAAC,mCAAI,WAAW,IAC/C;IACN,CAAC;IALe,0CAAsC,yCAKrD,CAAA;AAwEL,CAAC,EA5cgB,GAAG,GAAH,WAAG,KAAH,WAAG,QA4cnB"}
+{"version":3,"file":"output.js","sourceRoot":"","sources":["../../types/output.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAmn2BjF,IAAiB,GAAG,CA0rMnB;AA1rMD,WAAiB,GAAG;IAowKhB;;OAEG;IACH,SAAgB,kCAAkC,CAAC,GAAwB;;QACvE,uCACO,GAAG,KACN,WAAW,EAAE,MAAA,CAAC,GAAG,CAAC,WAAW,CAAC,mCAAI,EAAE,IACtC;IACN,CAAC;IALe,sCAAkC,qCAKjD,CAAA;IA4CD;;OAEG;IACH,SAAgB,mCAAmC,CAAC,GAAyB;;QACzE,uCACO,GAAG,KACN,WAAW,EAAE,MAAA,CAAC,GAAG,CAAC,WAAW,CAAC,mCAAI,EAAE,IACtC;IACN,CAAC;IALe,uCAAmC,sCAKlD,CAAA;AA03BL,CAAC,EA1rMgB,GAAG,GAAH,WAAG,KAAH,WAAG,QA0rMnB;AA86xCD,IAAiB,GAAG,CA4cnB;AA5cD,WAAiB,GAAG;IA4XhB;;OAEG;IACH,SAAgB,sCAAsC,CAAC,GAA4B;;QAC/E,uCACO,GAAG,KACN,WAAW,EAAE,MAAA,CAAC,GAAG,CAAC,WAAW,CAAC,mCAAI,WAAW,IAC/C;IACN,CAAC;IALe,0CAAsC,yCAKrD,CAAA;AAwEL,CAAC,EA5cgB,GAAG,GAAH,WAAG,KAAH,WAAG,QA4cnB"}