cdk-comprehend-s3olap 2.0.70 → 2.0.71

package/node_modules/aws-sdk/apis/rds-2014-10-31.min.json

@@ -436,6 +436,7 @@
           "ServerlessV2ScalingConfiguration": {
             "shape": "S2a"
           },
+          "NetworkType": {},
           "SourceRegion": {}
         }
       },
@@ -3016,7 +3017,8 @@
           },
           "ServerlessV2ScalingConfiguration": {
             "shape": "S2a"
-          }
+          },
+          "NetworkType": {}
         }
       },
       "output": {
@@ -3858,7 +3860,8 @@
           "DomainIAMRoleName": {},
           "ServerlessV2ScalingConfiguration": {
             "shape": "S2a"
-          }
+          },
+          "NetworkType": {}
         }
       },
       "output": {
@@ -3932,7 +3935,8 @@
           },
           "ServerlessV2ScalingConfiguration": {
             "shape": "S2a"
-          }
+          },
+          "NetworkType": {}
         }
       },
       "output": {
@@ -4006,7 +4010,8 @@
           },
           "ServerlessV2ScalingConfiguration": {
             "shape": "S2a"
-          }
+          },
+          "NetworkType": {}
         }
       },
       "output": {
@@ -5306,7 +5311,8 @@
               "type": "double"
             }
           }
-        }
+        },
+        "NetworkType": {}
       },
       "wrapper": true
     },

package/node_modules/aws-sdk/clients/appmesh.d.ts

@@ -345,7 +345,7 @@ declare namespace AppMesh {
      */
     attributes?: AwsCloudMapInstanceAttributes;
     /**
-     * The IP version to use to control traffic within the mesh.
+     * The preferred IP version that this virtual node uses. Setting the IP preference on the virtual node only overrides the IP preference set for the mesh on this specific node.
      */
     ipPreference?: IpPreference;
     /**
@@ -922,7 +922,7 @@ declare namespace AppMesh {
      */
     hostname: Hostname;
     /**
-     * The IP version to use to control traffic within the mesh.
+     * The preferred IP version that this virtual node uses. Setting the IP preference on the virtual node only overrides the IP preference set for the mesh on this specific node.
      */
     ipPreference?: IpPreference;
     /**
@@ -951,6 +951,10 @@ declare namespace AppMesh {
   export type EgressFilterType = "ALLOW_ALL"|"DROP_ALL"|string;
   export type ExactHostName = string;
   export interface FileAccessLog {
+    /**
+     * The specified format for the logs. The format is either json_format or text_format.
+     */
+    format?: LoggingFormat;
     /**
      * The file path to write access logs to. You can use /dev/stdout to send access logs to standard out and configure your Envoy container to use a log driver, such as awslogs, to export the access logs to a log storage service such as Amazon CloudWatch Logs. You can also specify a path in the Envoy container's file system to write the files to disk.  <note> <p>The Envoy process must have write permissions to the path that you specify here. Otherwise, Envoy fails to bootstrap properly.</p> </note> 
      */
@@ -1062,6 +1066,10 @@ declare namespace AppMesh {
   }
   export type GatewayRouteStatusCode = "ACTIVE"|"INACTIVE"|"DELETED"|string;
   export interface GatewayRouteTarget {
+    /**
+     * The port number of the gateway route target.
+     */
+    port?: ListenerPort;
     /**
      * An object that represents a virtual service gateway route target.
      */
@@ -1102,6 +1110,10 @@ declare namespace AppMesh {
      * The gateway route metadata to be matched on.
      */
     metadata?: GrpcGatewayRouteMetadataList;
+    /**
+     * The port number to match from the request.
+     */
+    port?: ListenerPort;
     /**
      * The fully qualified domain name for the service to match from the request.
      */
@@ -1204,6 +1216,10 @@ declare namespace AppMesh {
      * The method name to match from the request. If you specify a name, you must also specify a serviceName.
      */
     methodName?: MethodName;
+    /**
+     * The port number to match on.
+     */
+    port?: ListenerPort;
     /**
      * The fully qualified domain name for the service to match from the request.
      */
@@ -1366,6 +1382,10 @@ declare namespace AppMesh {
      * The path to match on.
      */
     path?: HttpPathMatch;
+    /**
+     * The port number to match on.
+     */
+    port?: ListenerPort;
     /**
      * Specifies the path to match requests with. This parameter must always start with /, which by itself matches all requests to the virtual service name. You can also match for path-based routing of requests. For example, if your virtual service name is my-service.local and you want the route to match requests to my-service.local/metrics, your prefix should be /metrics.
      */
@@ -1502,6 +1522,10 @@ declare namespace AppMesh {
      * The client request path to match on.
      */
     path?: HttpPathMatch;
+    /**
+     * The port number to match on.
+     */
+    port?: ListenerPort;
     /**
      * Specifies the path to match requests with. This parameter must always start with /, which by itself matches all requests to the virtual service name. You can also match for path-based routing of requests. For example, if your virtual service name is my-service.local and you want the route to match requests to my-service.local/metrics, your prefix should be /metrics.
      */
@@ -1527,6 +1551,19 @@ declare namespace AppMesh {
     perRequest?: Duration;
   }
   export type IpPreference = "IPv6_PREFERRED"|"IPv4_PREFERRED"|"IPv4_ONLY"|"IPv6_ONLY"|string;
+  export type JsonFormat = JsonFormatRef[];
+  export interface JsonFormatRef {
+    /**
+     * The specified key for the JSON.
+     */
+    key: JsonKey;
+    /**
+     * The specified value for the JSON.
+     */
+    value: JsonValue;
+  }
+  export type JsonKey = string;
+  export type JsonValue = string;
   export interface ListGatewayRoutesInput {
     /**
      * The maximum number of results returned by ListGatewayRoutes in paginated output. When you use this parameter, ListGatewayRoutes returns only limit results in a single page along with a nextToken response element. You can see the remaining results of the initial request by sending another ListGatewayRoutes request with the returned nextToken value. This value can be between 1 and 100. If you don't use this parameter, ListGatewayRoutes returns up to 100 results and a nextToken value if applicable.
@@ -1780,6 +1817,7 @@ declare namespace AppMesh {
      */
     tls?: ListenerTls;
   }
+  export type ListenerPort = number;
   export interface ListenerTimeout {
     /**
      * An object that represents types of timeouts. 
@@ -1876,6 +1914,16 @@ declare namespace AppMesh {
      */
     accessLog?: AccessLog;
   }
+  export interface LoggingFormat {
+    /**
+     * 
+     */
+    json?: JsonFormat;
+    /**
+     * 
+     */
+    text?: TextFormat;
+  }
   export type Long = number;
   export interface MatchRange {
     /**
@@ -2190,6 +2238,10 @@ declare namespace AppMesh {
      * The action to take if a match is determined.
      */
     action: TcpRouteAction;
+    /**
+     * An object that represents the criteria for determining a request match.
+     */
+    match?: TcpRouteMatch;
     /**
      * An object that represents types of timeouts. 
      */
@@ -2201,16 +2253,23 @@ declare namespace AppMesh {
      */
     weightedTargets: WeightedTargets;
   }
+  export interface TcpRouteMatch {
+    /**
+     * The port number to match on.
+     */
+    port?: ListenerPort;
+  }
   export interface TcpTimeout {
     /**
      * An object that represents an idle timeout. An idle timeout bounds the amount of time that a connection may be idle. The default value is none.
      */
     idle?: Duration;
   }
+  export type TextFormat = string;
   export type Timestamp = Date;
   export interface TlsValidationContext {
     /**
-     * A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context.
+     * A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context. If you don't specify SANs on the terminating mesh endpoint, the Envoy proxy for that node doesn't verify the SAN on a peer client certificate. If you don't specify SANs on the originating mesh endpoint, the SAN on the certificate provided by the terminating endpoint must match the mesh endpoint service discovery configuration. Since SPIRE vended certificates have a SPIFFE ID as a name, you must set the SAN since the name doesn't match the service discovery name.
      */
     subjectAlternativeNames?: SubjectAlternativeNames;
     /**
@@ -2536,6 +2595,10 @@ declare namespace AppMesh {
     virtualGatewayName: ResourceName;
   }
   export interface VirtualGatewayFileAccessLog {
+    /**
+     * The specified format for the virtual gateway access logs. It can be either json_format or text_format.
+     */
+    format?: LoggingFormat;
     /**
      * The file path to write access logs to. You can use /dev/stdout to send access logs to standard out and configure your Envoy container to use a log driver, such as awslogs, to export the access logs to a log storage service such as Amazon CloudWatch Logs. You can also specify a path in the Envoy container's file system to write the files to disk.
      */
@@ -3105,6 +3168,10 @@ declare namespace AppMesh {
   }
   export type VirtualServiceStatusCode = "ACTIVE"|"INACTIVE"|"DELETED"|string;
   export interface WeightedTarget {
+    /**
+     * The targeted port of the weighted object.
+     */
+    port?: ListenerPort;
     /**
      * The virtual node to associate with the weighted target.
      */

package/node_modules/aws-sdk/clients/kendra.d.ts

@@ -504,7 +504,7 @@ declare namespace Kendra {
   export type AccessControlConfigurationSummaryList = AccessControlConfigurationSummary[];
   export interface AccessControlListConfiguration {
     /**
-     * Path to the Amazon Web Services S3 bucket that contains the ACL files.
+     * Path to the Amazon S3 bucket that contains the ACL files.
      */
     KeyPath?: S3ObjectKey;
   }
@@ -1003,6 +1003,10 @@ declare namespace Kendra {
      * A list of regular expression patterns to exclude certain blog posts, pages, spaces, or attachments in your Confluence. Content that matches the patterns are excluded from the index. Content that doesn't match the patterns is included in the index. If content matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the content isn't included in the index.
      */
     ExclusionPatterns?: DataSourceInclusionsExclusionsStrings;
+    /**
+     * Configuration information to connect to your Confluence URL instance via a web proxy. You can use this option for Confluence Server. You must provide the website host name and port number. For example, the host name of https://a.example.com/page1.html is "a.example.com" and the port is 443, the standard port for HTTPS. Web proxy credentials are optional and you can use them to connect to a web proxy server that requires basic authentication of user name and password. To store web proxy credentials, you use a secret in Secrets Manager. It is recommended that you follow best security practices when configuring your web proxy. This includes setting up throttling, setting up logging and monitoring, and applying security patches on a regular basis. If you use your web proxy with multiple data sources, sync jobs that occur at the same time could strain the load on your proxy. It is recommended you prepare your proxy beforehand for any security and load requirements.
+     */
+    ProxyConfiguration?: ProxyConfiguration;
   }
   export interface ConfluencePageConfiguration {
     /**
@@ -1158,7 +1162,7 @@ declare namespace Kendra {
   }
   export interface CreateDataSourceRequest {
     /**
-     * A unique name for the data source connector. A data source name can't be changed without deleting and recreating the data source connector.
+     * A name for the data source connector.
      */
     Name: DataSourceName;
     /**
@@ -1173,6 +1177,10 @@ declare namespace Kendra {
      * Configuration information to connect to your data source repository. You can't specify the Configuration parameter when the Type parameter is set to CUSTOM. If you do, you receive a ValidationException exception. The Configuration parameter is required for all other data sources.
      */
     Configuration?: DataSourceConfiguration;
+    /**
+     * Configuration information for an Amazon Virtual Private Cloud to connect to your data source. For more information, see Configuring a VPC.
+     */
+    VpcConfiguration?: DataSourceVpcConfiguration;
     /**
      * A description for the data source connector.
      */
@@ -1488,6 +1496,10 @@ declare namespace Kendra {
      * Provides the configuration information to connect to Alfresco as your data source.
      */
     AlfrescoConfiguration?: AlfrescoConfiguration;
+    /**
+     * Provides a template for the configuration information to connect to your data source.
+     */
+    TemplateConfiguration?: TemplateConfiguration;
   }
   export type DataSourceDateFieldFormat = string;
   export type DataSourceFieldName = string;
@@ -1623,7 +1635,7 @@ declare namespace Kendra {
     IndexFieldName: IndexFieldName;
   }
   export type DataSourceToIndexFieldMappingList = DataSourceToIndexFieldMapping[];
-  export type DataSourceType = "S3"|"SHAREPOINT"|"DATABASE"|"SALESFORCE"|"ONEDRIVE"|"SERVICENOW"|"CUSTOM"|"CONFLUENCE"|"GOOGLEDRIVE"|"WEBCRAWLER"|"WORKDOCS"|"FSX"|"SLACK"|"BOX"|"QUIP"|"JIRA"|"GITHUB"|"ALFRESCO"|string;
+  export type DataSourceType = "S3"|"SHAREPOINT"|"DATABASE"|"SALESFORCE"|"ONEDRIVE"|"SERVICENOW"|"CUSTOM"|"CONFLUENCE"|"GOOGLEDRIVE"|"WEBCRAWLER"|"WORKDOCS"|"FSX"|"SLACK"|"BOX"|"QUIP"|"JIRA"|"GITHUB"|"ALFRESCO"|"TEMPLATE"|string;
   export interface DataSourceVpcConfiguration {
     /**
      * A list of identifiers for subnets within your Amazon VPC. The subnets should be able to connect to each other in the VPC, and they should have outgoing access to the Internet through a NAT device.
@@ -1801,7 +1813,7 @@ declare namespace Kendra {
      */
     IndexId?: IndexId;
     /**
-     * The name that you gave the data source when it was created.
+     * The name for the data source.
      */
     Name?: DataSourceName;
     /**
@@ -1812,6 +1824,10 @@ declare namespace Kendra {
      * Configuration details for the data source. This shows how the data source is configured. The configuration options for a data source depend on the data source provider.
      */
     Configuration?: DataSourceConfiguration;
+    /**
+     * Configuration information for an Amazon Virtual Private Cloud to connect to your data source. For more information, see Configuring a VPC.
+     */
+    VpcConfiguration?: DataSourceVpcConfiguration;
     /**
      * The Unix timestamp of when the data source was created.
      */
@@ -3826,7 +3842,7 @@ declare namespace Kendra {
      */
     CrawlAttachments?: Boolean;
     /**
-     * The identifiers of the Quip folders you want to index.
+     * The identifiers of the Quip folders you want to index. You can find in your browser URL when you access your folder in Quip. For example, https://quip-company.com/zlLuOVNSarTL/folder-name.
      */
     FolderIds?: FolderIdList;
     /**
@@ -4261,6 +4277,10 @@ declare namespace Kendra {
      * Whether you want to connect to SharePoint using basic authentication of user name and password, or OAuth authentication of user name, password, client ID, and client secret. You can use OAuth authentication for SharePoint Online.
      */
     AuthenticationType?: SharePointOnlineAuthenticationType;
+    /**
+     * Configuration information to connect to your Microsoft SharePoint site URLs via instance via a web proxy. You can use this option for SharePoint Server. You must provide the website host name and port number. For example, the host name of https://a.example.com/page1.html is "a.example.com" and the port is 443, the standard port for HTTPS. Web proxy credentials are optional and you can use them to connect to a web proxy server that requires basic authentication of user name and password. To store web proxy credentials, you use a secret in Secrets Manager. It is recommended that you follow best security practices when configuring your web proxy. This includes setting up throttling, setting up logging and monitoring, and applying security patches on a regular basis. If you use your web proxy with multiple data sources, sync jobs that occur at the same time could strain the load on your proxy. It is recommended you prepare your proxy beforehand for any security and load requirements.
+     */
+    ProxyConfiguration?: ProxyConfiguration;
   }
   export type SharePointOnlineAuthenticationType = "HTTP_BASIC"|"OAUTH2"|string;
   export type SharePointUrlList = Url[];
@@ -4509,6 +4529,14 @@ declare namespace Kendra {
   }
   export type TagValue = string;
   export type TeamId = string;
+  export interface Template {
+  }
+  export interface TemplateConfiguration {
+    /**
+     * The template schema used for the data source. The following links to the template schema for data sources where templates are supported:    Zendesk template schema   
+     */
+    Template?: Template;
+  }
   export type TenantDomain = string;
   export interface TextDocumentStatistics {
     /**
@@ -4617,7 +4645,7 @@ declare namespace Kendra {
      */
     Id: DataSourceId;
     /**
-     * A new name for the data source connector. You must first delete the data source and re-create it to change the name of the data source.
+     * A new name for the data source connector.
      */
     Name?: DataSourceName;
     /**
@@ -4628,6 +4656,10 @@ declare namespace Kendra {
      * Configuration information you want to update for the data source connector.
      */
     Configuration?: DataSourceConfiguration;
+    /**
+     * Configuration information for an Amazon Virtual Private Cloud to connect to your data source. For more information, see Configuring a VPC.
+     */
+    VpcConfiguration?: DataSourceVpcConfiguration;
     /**
      * A new description for the data source connector.
      */

package/node_modules/aws-sdk/clients/lakeformation.d.ts

@@ -20,6 +20,14 @@ declare class LakeFormation extends Service {
    * Attaches one or more LF-tags to an existing resource.
    */
   addLFTagsToResource(callback?: (err: AWSError, data: LakeFormation.Types.AddLFTagsToResourceResponse) => void): Request<LakeFormation.Types.AddLFTagsToResourceResponse, AWSError>;
+  /**
+   * Allows a caller to assume an IAM role decorated as the SAML user specified in the SAML assertion included in the request. This decoration allows Lake Formation to enforce access policies against the SAML users and groups. This API operation requires SAML federation setup in the caller’s account as it can only be called with valid SAML assertions. Lake Formation does not scope down the permission of the assumed role. All permissions attached to the role via the SAML federation setup will be included in the role session.   This decorated role is expected to access data in Amazon S3 by getting temporary access from Lake Formation which is authorized via the virtual API GetDataAccess. Therefore, all SAML roles that can be assumed via AssumeDecoratedRoleWithSAML must at a minimum include lakeformation:GetDataAccess in their role policies. A typical IAM policy attached to such a role would look as follows: 
+   */
+  assumeDecoratedRoleWithSAML(params: LakeFormation.Types.AssumeDecoratedRoleWithSAMLRequest, callback?: (err: AWSError, data: LakeFormation.Types.AssumeDecoratedRoleWithSAMLResponse) => void): Request<LakeFormation.Types.AssumeDecoratedRoleWithSAMLResponse, AWSError>;
+  /**
+   * Allows a caller to assume an IAM role decorated as the SAML user specified in the SAML assertion included in the request. This decoration allows Lake Formation to enforce access policies against the SAML users and groups. This API operation requires SAML federation setup in the caller’s account as it can only be called with valid SAML assertions. Lake Formation does not scope down the permission of the assumed role. All permissions attached to the role via the SAML federation setup will be included in the role session.   This decorated role is expected to access data in Amazon S3 by getting temporary access from Lake Formation which is authorized via the virtual API GetDataAccess. Therefore, all SAML roles that can be assumed via AssumeDecoratedRoleWithSAML must at a minimum include lakeformation:GetDataAccess in their role policies. A typical IAM policy attached to such a role would look as follows: 
+   */
+  assumeDecoratedRoleWithSAML(callback?: (err: AWSError, data: LakeFormation.Types.AssumeDecoratedRoleWithSAMLResponse) => void): Request<LakeFormation.Types.AssumeDecoratedRoleWithSAMLResponse, AWSError>;
   /**
    * Batch operation to grant permissions to the principal.
    */
@@ -77,11 +85,11 @@ declare class LakeFormation extends Service {
    */
   deleteDataCellsFilter(callback?: (err: AWSError, data: LakeFormation.Types.DeleteDataCellsFilterResponse) => void): Request<LakeFormation.Types.DeleteDataCellsFilterResponse, AWSError>;
   /**
-   * Deletes the specified LF-tag key name. If the attribute key does not exist or the LF-tag does not exist, then the operation will not do anything. If the attribute key exists, then the operation checks if any resources are tagged with this attribute key, if yes, the API throws a 400 Exception with the message "Delete not allowed" as the LF-tag key is still attached with resources. You can consider untagging resources with this LF-tag key.
+   * Deletes the specified LF-tag given a key name. If the input parameter tag key was not found, then the operation will throw an exception. When you delete an LF-tag, the LFTagPolicy attached to the LF-tag becomes invalid. If the deleted LF-tag was still assigned to any resource, the tag policy attach to the deleted LF-tag will no longer be applied to the resource.
    */
   deleteLFTag(params: LakeFormation.Types.DeleteLFTagRequest, callback?: (err: AWSError, data: LakeFormation.Types.DeleteLFTagResponse) => void): Request<LakeFormation.Types.DeleteLFTagResponse, AWSError>;
   /**
-   * Deletes the specified LF-tag key name. If the attribute key does not exist or the LF-tag does not exist, then the operation will not do anything. If the attribute key exists, then the operation checks if any resources are tagged with this attribute key, if yes, the API throws a 400 Exception with the message "Delete not allowed" as the LF-tag key is still attached with resources. You can consider untagging resources with this LF-tag key.
+   * Deletes the specified LF-tag given a key name. If the input parameter tag key was not found, then the operation will throw an exception. When you delete an LF-tag, the LFTagPolicy attached to the LF-tag becomes invalid. If the deleted LF-tag was still assigned to any resource, the tag policy attach to the deleted LF-tag will no longer be applied to the resource.
    */
   deleteLFTag(callback?: (err: AWSError, data: LakeFormation.Types.DeleteLFTagResponse) => void): Request<LakeFormation.Types.DeleteLFTagResponse, AWSError>;
   /**
@@ -407,6 +415,42 @@ declare namespace LakeFormation {
   }
   export interface AllRowsWildcard {
   }
+  export interface AssumeDecoratedRoleWithSAMLRequest {
+    /**
+     * A SAML assertion consisting of an assertion statement for the user who needs temporary credentials. This must match the SAML assertion that was issued to IAM. This must be Base64 encoded.
+     */
+    SAMLAssertion: SAMLAssertionString;
+    /**
+     * The role that represents an IAM principal whose scope down policy allows it to call credential vending APIs such as GetTemporaryTableCredentials. The caller must also have iam:PassRole permission on this role. 
+     */
+    RoleArn: IAMRoleArn;
+    /**
+     * The Amazon Resource Name (ARN) of the SAML provider in IAM that describes the IdP.
+     */
+    PrincipalArn: IAMSAMLProviderArn;
+    /**
+     * The time period, between 900 and 43,200 seconds, for the timeout of the temporary credentials.
+     */
+    DurationSeconds?: CredentialTimeoutDurationSecondInteger;
+  }
+  export interface AssumeDecoratedRoleWithSAMLResponse {
+    /**
+     * The access key ID for the temporary credentials. (The access key consists of an access key ID and a secret key).
+     */
+    AccessKeyId?: AccessKeyIdString;
+    /**
+     * The secret key for the temporary credentials. (The access key consists of an access key ID and a secret key).
+     */
+    SecretAccessKey?: SecretAccessKeyString;
+    /**
+     * The session token for the temporary credentials.
+     */
+    SessionToken?: SessionTokenString;
+    /**
+     * The date and time when the temporary credentials expire.
+     */
+    Expiration?: ExpirationTimestamp;
+  }
   export interface AuditContext {
     /**
      * The filter engine can populate the 'AdditionalAuditContext' information with the request ID for you to track. This information will be displayed in CloudTrail log in your account.
@@ -1154,6 +1198,7 @@ declare namespace LakeFormation {
   export interface GrantPermissionsResponse {
   }
   export type IAMRoleArn = string;
+  export type IAMSAMLProviderArn = string;
   export type Identifier = string;
   export type Integer = number;
   export interface LFTag {
@@ -1652,6 +1697,7 @@ declare namespace LakeFormation {
      */
     AllRowsWildcard?: AllRowsWildcard;
   }
+  export type SAMLAssertionString = string;
   export interface SearchDatabasesByLFTagsRequest {
     /**
      * A continuation token, if this is not the first call to retrieve this list.