@pulumi/aws 7.5.0-alpha.1755544038 → 7.5.0

package/types/output.d.ts

@@ -7122,6 +7122,194 @@ export declare namespace appstream {
     }
 }
 export declare namespace appsync {
+    interface ApiEventConfig {
+        /**
+         * List of authentication providers. See Auth Providers below.
+         */
+        authProviders?: outputs.appsync.ApiEventConfigAuthProvider[];
+        /**
+         * List of authentication modes for connections. See Auth Modes below.
+         */
+        connectionAuthModes?: outputs.appsync.ApiEventConfigConnectionAuthMode[];
+        /**
+         * List of default authentication modes for publishing. See Auth Modes below.
+         */
+        defaultPublishAuthModes?: outputs.appsync.ApiEventConfigDefaultPublishAuthMode[];
+        /**
+         * List of default authentication modes for subscribing. See Auth Modes below.
+         */
+        defaultSubscribeAuthModes?: outputs.appsync.ApiEventConfigDefaultSubscribeAuthMode[];
+        /**
+         * Logging configuration. See Log Config below.
+         */
+        logConfig?: outputs.appsync.ApiEventConfigLogConfig;
+    }
+    interface ApiEventConfigAuthProvider {
+        /**
+         * Type of authentication provider. Valid values: `AMAZON_COGNITO_USER_POOLS`, `AWS_LAMBDA`, `OPENID_CONNECT`, `API_KEY`.
+         */
+        authType: string;
+        /**
+         * Configuration for Cognito user pool authentication. Required when `authType` is `AMAZON_COGNITO_USER_POOLS`. See Cognito Config below.
+         */
+        cognitoConfig?: outputs.appsync.ApiEventConfigAuthProviderCognitoConfig;
+        /**
+         * Configuration for Lambda authorization. Required when `authType` is `AWS_LAMBDA`. See Lambda Authorizer Config below.
+         */
+        lambdaAuthorizerConfig?: outputs.appsync.ApiEventConfigAuthProviderLambdaAuthorizerConfig;
+        /**
+         * Configuration for OpenID Connect. Required when `authType` is `OPENID_CONNECT`. See OpenID Connect Config below.
+         */
+        openidConnectConfig?: outputs.appsync.ApiEventConfigAuthProviderOpenidConnectConfig;
+    }
+    interface ApiEventConfigAuthProviderCognitoConfig {
+        /**
+         * Regular expression for matching the client ID.
+         */
+        appIdClientRegex?: string;
+        /**
+         * AWS region where the user pool is located.
+         */
+        awsRegion: string;
+        /**
+         * ID of the Cognito user pool.
+         */
+        userPoolId: string;
+    }
+    interface ApiEventConfigAuthProviderLambdaAuthorizerConfig {
+        /**
+         * TTL in seconds for the authorization result cache.
+         */
+        authorizerResultTtlInSeconds: number;
+        /**
+         * URI of the Lambda function for authorization.
+         */
+        authorizerUri: string;
+        /**
+         * Regular expression for identity validation.
+         */
+        identityValidationExpression?: string;
+    }
+    interface ApiEventConfigAuthProviderOpenidConnectConfig {
+        /**
+         * TTL in seconds for the authentication token.
+         */
+        authTtl: number;
+        /**
+         * Client ID for the OpenID Connect provider.
+         */
+        clientId?: string;
+        /**
+         * TTL in seconds for the issued at time.
+         */
+        iatTtl: number;
+        /**
+         * Issuer URL for the OpenID Connect provider.
+         */
+        issuer: string;
+    }
+    interface ApiEventConfigConnectionAuthMode {
+        /**
+         * Type of authentication. Valid values: `API_KEY`, `AWS_IAM`, `AMAZON_COGNITO_USER_POOLS`, `OPENID_CONNECT`, `AWS_LAMBDA`.
+         */
+        authType: string;
+    }
+    interface ApiEventConfigDefaultPublishAuthMode {
+        /**
+         * Type of authentication. Valid values: `API_KEY`, `AWS_IAM`, `AMAZON_COGNITO_USER_POOLS`, `OPENID_CONNECT`, `AWS_LAMBDA`.
+         */
+        authType: string;
+    }
+    interface ApiEventConfigDefaultSubscribeAuthMode {
+        /**
+         * Type of authentication. Valid values: `API_KEY`, `AWS_IAM`, `AMAZON_COGNITO_USER_POOLS`, `OPENID_CONNECT`, `AWS_LAMBDA`.
+         */
+        authType: string;
+    }
+    interface ApiEventConfigLogConfig {
+        /**
+         * ARN of the IAM role for CloudWatch logs.
+         */
+        cloudwatchLogsRoleArn: string;
+        /**
+         * Log level. Valid values: `NONE`, `ERROR`, `ALL`, `INFO`, `DEBUG`.
+         */
+        logLevel: string;
+    }
+    interface ChannelNamespaceHandlerConfigs {
+        /**
+         * Handler configuration. See Handler Config below.
+         */
+        onPublish?: outputs.appsync.ChannelNamespaceHandlerConfigsOnPublish;
+        /**
+         * Handler configuration. See Handler Config below.
+         */
+        onSubscribe?: outputs.appsync.ChannelNamespaceHandlerConfigsOnSubscribe;
+    }
+    interface ChannelNamespaceHandlerConfigsOnPublish {
+        /**
+         * Behavior for the handler. Valid values: `CODE`, `DIRECT`.
+         */
+        behavior: string;
+        /**
+         * Integration data source configuration for the handler. See Integration below.
+         */
+        integration?: outputs.appsync.ChannelNamespaceHandlerConfigsOnPublishIntegration;
+    }
+    interface ChannelNamespaceHandlerConfigsOnPublishIntegration {
+        /**
+         * Unique name of the data source that has been configured on the API.
+         */
+        dataSourceName: string;
+        /**
+         * Configuration for a Lambda data source. See Lambda Config below.
+         */
+        lambdaConfig?: outputs.appsync.ChannelNamespaceHandlerConfigsOnPublishIntegrationLambdaConfig;
+    }
+    interface ChannelNamespaceHandlerConfigsOnPublishIntegrationLambdaConfig {
+        /**
+         * Invocation type for a Lambda data source. Valid values: `REQUEST_RESPONSE`, `EVENT`.
+         */
+        invokeType?: string;
+    }
+    interface ChannelNamespaceHandlerConfigsOnSubscribe {
+        /**
+         * Behavior for the handler. Valid values: `CODE`, `DIRECT`.
+         */
+        behavior: string;
+        /**
+         * Integration data source configuration for the handler. See Integration below.
+         */
+        integration?: outputs.appsync.ChannelNamespaceHandlerConfigsOnSubscribeIntegration;
+    }
+    interface ChannelNamespaceHandlerConfigsOnSubscribeIntegration {
+        /**
+         * Unique name of the data source that has been configured on the API.
+         */
+        dataSourceName: string;
+        /**
+         * Configuration for a Lambda data source. See Lambda Config below.
+         */
+        lambdaConfig?: outputs.appsync.ChannelNamespaceHandlerConfigsOnSubscribeIntegrationLambdaConfig;
+    }
+    interface ChannelNamespaceHandlerConfigsOnSubscribeIntegrationLambdaConfig {
+        /**
+         * Invocation type for a Lambda data source. Valid values: `REQUEST_RESPONSE`, `EVENT`.
+         */
+        invokeType?: string;
+    }
+    interface ChannelNamespacePublishAuthMode {
+        /**
+         * Type of authentication. Valid values: `API_KEY`, `AWS_IAM`, `AMAZON_COGNITO_USER_POOLS`, `OPENID_CONNECT`, `AWS_LAMBDA`.
+         */
+        authType: string;
+    }
+    interface ChannelNamespaceSubscribeAuthMode {
+        /**
+         * Type of authentication. Valid values: `API_KEY`, `AWS_IAM`, `AMAZON_COGNITO_USER_POOLS`, `OPENID_CONNECT`, `AWS_LAMBDA`.
+         */
+        authType: string;
+    }
     interface DataSourceDynamodbConfig {
         /**
          * The DeltaSyncConfig for a versioned data source. See `deltaSyncConfig` Block for details.
@@ -18881,7 +19069,7 @@ export declare namespace cognito {
         /**
          * The notify configuration used to construct email notifications. See details below.
          */
-        notifyConfiguration: outputs.cognito.RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfiguration;
+        notifyConfiguration?: outputs.cognito.RiskConfigurationAccountTakeoverRiskConfigurationNotifyConfiguration;
     }
     interface RiskConfigurationAccountTakeoverRiskConfigurationActions {
         /**
@@ -26361,6 +26549,10 @@ export declare namespace dynamodb {
          * Whether this global table will be using `STRONG` consistency mode or `EVENTUAL` consistency mode. Default value is `EVENTUAL`.
          */
         consistencyMode?: string;
+        /**
+         * Whether deletion protection is enabled (true) or disabled (false) on the replica. Default is `false`.
+         */
+        deletionProtectionEnabled: boolean;
         /**
          * ARN of the CMK that should be used for the AWS KMS encryption.
          * This argument should only be used if the key is different from the default KMS-managed DynamoDB key, `alias/aws/dynamodb`.
@@ -65496,7 +65688,7 @@ export declare namespace mq {
 export declare namespace msk {
     interface ClusterBrokerNodeGroupInfo {
         /**
-         * The distribution of broker nodes across availability zones ([documentation](https://docs.aws.amazon.com/msk/1.0/apireference/clusters.html#clusters-model-brokerazdistribution)). Currently the only valid value is `DEFAULT`.
+         * The distribution of broker nodes across availability zones ([documentation](https://docs.aws.amazon.com/msk/1.0/apireference/clusters.html#clusters-model-brokerazdistribution)). Currently, the only valid value is `DEFAULT`.
          */
         azDistribution?: string;
         /**
@@ -65504,7 +65696,7 @@ export declare namespace msk {
          */
         clientSubnets: string[];
         /**
-         * Information about the cluster access configuration. See below. For security reasons, you can't turn on public access while creating an MSK cluster. However, you can update an existing cluster to make it publicly accessible. You can also create a new cluster and then update it to make it publicly accessible ([documentation](https://docs.aws.amazon.com/msk/latest/developerguide/public-access.html)).
+         * Information about the cluster access configuration. See brokerNodeGroupInfo connectivity_info Argument Reference below. For security reasons, you can't turn on public access while creating an MSK cluster. However, you can update an existing cluster to make it publicly accessible. You can also create a new cluster and then update it to make it publicly accessible ([documentation](https://docs.aws.amazon.com/msk/latest/developerguide/public-access.html)).
          */
         connectivityInfo: outputs.msk.ClusterBrokerNodeGroupInfoConnectivityInfo;
         /**
@@ -65516,17 +65708,17 @@ export declare namespace msk {
          */
         securityGroups: string[];
         /**
-         * A block that contains information about storage volumes attached to MSK broker nodes. See below.
+         * A block that contains information about storage volumes attached to MSK broker nodes. See brokerNodeGroupInfo storage_info Argument Reference below.
          */
         storageInfo: outputs.msk.ClusterBrokerNodeGroupInfoStorageInfo;
     }
     interface ClusterBrokerNodeGroupInfoConnectivityInfo {
         /**
-         * Access control settings for brokers. See below.
+         * Access control settings for brokers. See connectivityInfo public_access Argument Reference below.
          */
         publicAccess: outputs.msk.ClusterBrokerNodeGroupInfoConnectivityInfoPublicAccess;
         /**
-         * VPC connectivity access control for brokers. See below.
+         * VPC connectivity access control for brokers. See connectivityInfo vpc_connectivity Argument Reference below.
          */
         vpcConnectivity: outputs.msk.ClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivity;
     }
@@ -65538,17 +65730,17 @@ export declare namespace msk {
     }
     interface ClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivity {
         /**
-         * Configuration block for specifying a client authentication. See below.
+         * Configuration block for specifying a client authentication. See clientAuthentication Argument Reference below.
          */
         clientAuthentication: outputs.msk.ClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivityClientAuthentication;
     }
     interface ClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivityClientAuthentication {
         /**
-         * Configuration block for specifying SASL client authentication. See below.
+         * Configuration block for specifying SASL client authentication. See clientAuthentication sasl Argument Reference below.
          */
         sasl: outputs.msk.ClusterBrokerNodeGroupInfoConnectivityInfoVpcConnectivityClientAuthenticationSasl;
         /**
-         * Configuration block for specifying TLS client authentication. See below.
+         * Configuration block for specifying TLS client authentication. See clientAuthentication tls Argument Reference below.
          */
         tls: boolean;
     }
@@ -65558,13 +65750,13 @@ export declare namespace msk {
     }
     interface ClusterBrokerNodeGroupInfoStorageInfo {
         /**
-         * A block that contains EBS volume information. See below.
+         * A block that contains EBS volume information. See storageInfo ebs_storage_info Argument Reference below.
          */
         ebsStorageInfo?: outputs.msk.ClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfo;
     }
     interface ClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfo {
         /**
-         * A block that contains EBS volume provisioned throughput information. To provision storage throughput, you must choose broker type kafka.m5.4xlarge or larger. See below.
+         * A block that contains EBS volume provisioned throughput information. To provision storage throughput, you must choose broker type kafka.m5.4xlarge or larger. See ebsStorageInfo provisioned_throughput Argument Reference below.
          */
         provisionedThroughput?: outputs.msk.ClusterBrokerNodeGroupInfoStorageInfoEbsStorageInfoProvisionedThroughput;
         /**
@@ -65581,11 +65773,11 @@ export declare namespace msk {
     }
     interface ClusterClientAuthentication {
         /**
-         * Configuration block for specifying SASL client authentication. See below.
+         * Configuration block for specifying SASL client authentication. See clientAuthentication sasl Argument Reference below.
          */
         sasl?: outputs.msk.ClusterClientAuthenticationSasl;
         /**
-         * Configuration block for specifying TLS client authentication. See below.
+         * Configuration block for specifying TLS client authentication. See clientAuthentication tls Argument Reference below.
          */
         tls?: outputs.msk.ClusterClientAuthenticationTls;
         /**
@@ -65619,7 +65811,7 @@ export declare namespace msk {
          */
         encryptionAtRestKmsKeyArn: string;
         /**
-         * Configuration block to specify encryption in transit. See below.
+         * Configuration block to specify encryption in transit. See encryptionInfo encryption_in_transit Argument Reference below.
          */
         encryptionInTransit?: outputs.msk.ClusterEncryptionInfoEncryptionInTransit;
     }
@@ -65635,13 +65827,22 @@ export declare namespace msk {
     }
     interface ClusterLoggingInfo {
         /**
-         * Configuration block for Broker Logs settings for logging info. See below.
+         * Configuration block for Broker Logs settings for logging info. See loggingInfo broker_logs Argument Reference below.
          */
         brokerLogs: outputs.msk.ClusterLoggingInfoBrokerLogs;
     }
     interface ClusterLoggingInfoBrokerLogs {
+        /**
+         * Configuration block for Cloudwatch Logs settings. See loggingInfo broker_logs cloudwatchLogs Argument Reference below.
+         */
         cloudwatchLogs?: outputs.msk.ClusterLoggingInfoBrokerLogsCloudwatchLogs;
+        /**
+         * Configuration block for Kinesis Data Firehose settings. See loggingInfo broker_logs firehose Argument Reference below.
+         */
         firehose?: outputs.msk.ClusterLoggingInfoBrokerLogsFirehose;
+        /**
+         * Configuration block for S3 settings. See loggingInfo broker_logs s3 Argument Reference below.
+         */
         s3?: outputs.msk.ClusterLoggingInfoBrokerLogsS3;
     }
     interface ClusterLoggingInfoBrokerLogsCloudwatchLogs {
@@ -65671,17 +65872,17 @@ export declare namespace msk {
     }
     interface ClusterOpenMonitoring {
         /**
-         * Configuration block for Prometheus settings for open monitoring. See below.
+         * Configuration block for Prometheus settings for open monitoring. See openMonitoring prometheus Argument Reference below.
          */
         prometheus: outputs.msk.ClusterOpenMonitoringPrometheus;
     }
     interface ClusterOpenMonitoringPrometheus {
         /**
-         * Configuration block for JMX Exporter. See below.
+         * Configuration block for JMX Exporter. See openMonitoring prometheus jmxExporter Argument Reference below.
          */
         jmxExporter?: outputs.msk.ClusterOpenMonitoringPrometheusJmxExporter;
         /**
-         * Configuration block for Node Exporter. See below.
+         * Configuration block for Node Exporter. See openMonitoring prometheus nodeExporter Argument Reference below.
          */
         nodeExporter?: outputs.msk.ClusterOpenMonitoringPrometheusNodeExporter;
     }
@@ -66623,9 +66824,13 @@ export declare namespace networkfirewall {
         definitions: string[];
     }
     interface GetFirewallPolicyFirewallPolicyStatefulEngineOption {
+        flowTimeouts: outputs.networkfirewall.GetFirewallPolicyFirewallPolicyStatefulEngineOptionFlowTimeout[];
         ruleOrder: string;
         streamExceptionPolicy: string;
     }
+    interface GetFirewallPolicyFirewallPolicyStatefulEngineOptionFlowTimeout {
+        tcpIdleTimeoutSeconds: number;
+    }
     interface GetFirewallPolicyFirewallPolicyStatefulRuleGroupReference {
         deepThreatInspection: string;
         overrides?: outputs.networkfirewall.GetFirewallPolicyFirewallPolicyStatefulRuleGroupReferenceOverride[];

package/types/output.js.map

@@ -1 +1 @@
-{"version":3,"file":"output.js","sourceRoot":"","sources":["../../types/output.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAy82EjF,IAAiB,GAAG,CA4cnB;AA5cD,WAAiB,GAAG;IA4XhB;;OAEG;IACH,SAAgB,sCAAsC,CAAC,GAA4B;;QAC/E,uCACO,GAAG,KACN,WAAW,EAAE,MAAA,CAAC,GAAG,CAAC,WAAW,CAAC,mCAAI,WAAW,IAC/C;IACN,CAAC;IALe,0CAAsC,yCAKrD,CAAA;AAwEL,CAAC,EA5cgB,GAAG,GAAH,WAAG,KAAH,WAAG,QA4cnB"}
+{"version":3,"file":"output.js","sourceRoot":"","sources":["../../types/output.ts"],"names":[],"mappings":";AAAA,sEAAsE;AACtE,iFAAiF;;;AAyq3EjF,IAAiB,GAAG,CA4cnB;AA5cD,WAAiB,GAAG;IA4XhB;;OAEG;IACH,SAAgB,sCAAsC,CAAC,GAA4B;;QAC/E,uCACO,GAAG,KACN,WAAW,EAAE,MAAA,CAAC,GAAG,CAAC,WAAW,CAAC,mCAAI,WAAW,IAC/C;IACN,CAAC;IALe,0CAAsC,yCAKrD,CAAA;AAwEL,CAAC,EA5cgB,GAAG,GAAH,WAAG,KAAH,WAAG,QA4cnB"}