aws-cdk-lib 2.114.0__py3-none-any.whl → 2.115.0__py3-none-any.whl

aws_cdk/aws_emr/__init__.py

@@ -9266,21 +9266,69 @@ class CfnSecurityConfiguration(
 
     :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-securityconfiguration.html
     :cloudformationResource: AWS::EMR::SecurityConfiguration
-    :exampleMetadata: fixture=_generated
+    :exampleMetadata: infused
 
     Example::
 
-        # The code below shows an example of how to instantiate this type.
-        # The values are placeholders you should change.
-        from aws_cdk import aws_emr as emr
+        import aws_cdk.aws_emr as emr
         
-        # security_configuration: Any
         
-        cfn_security_configuration = emr.CfnSecurityConfiguration(self, "MyCfnSecurityConfiguration",
-            security_configuration=security_configuration,
+        cfn_security_configuration = emr.CfnSecurityConfiguration(self, "EmrSecurityConfiguration",
+            name="AddStepRuntimeRoleSecConfig",
+            security_configuration=JSON.parse("""
+                    {
+                      "AuthorizationConfiguration": {
+                          "IAMConfiguration": {
+                              "EnableApplicationScopedIAMRole": true,
+                              "ApplicationScopedIAMRoleConfiguration":
+                                  {
+                                      "PropagateSourceIdentity": true
+                                  }
+                          },
+                          "LakeFormationConfiguration": {
+                              "AuthorizedSessionTagValue": "Amazon EMR"
+                          }
+                      }
+                    }""")
+        )
         
-            # the properties below are optional
-            name="name"
+        task = tasks.EmrCreateCluster(self, "Create Cluster",
+            instances=tasks.EmrCreateCluster.InstancesConfigProperty(),
+            name=sfn.TaskInput.from_json_path_at("$.ClusterName").value,
+            security_configuration=cfn_security_configuration.name
+        )
+        
+        execution_role = iam.Role(self, "Role",
+            assumed_by=iam.ArnPrincipal(task.cluster_role.role_arn)
+        )
+        
+        execution_role.assume_role_policy.add_statements(
+            iam.PolicyStatement(
+                effect=iam.Effect.ALLOW,
+                principals=[task.cluster_role
+                ],
+                actions=["sts:SetSourceIdentity"
+                ]
+            ),
+            iam.PolicyStatement(
+                effect=iam.Effect.ALLOW,
+                principals=[task.cluster_role
+                ],
+                actions=["sts:TagSession"
+                ],
+                conditions={
+                    "StringEquals": {
+                        "aws:RequestTag/LakeFormationAuthorizedCaller": "Amazon EMR"
+                    }
+                }
+            ))
+        
+        tasks.EmrAddStep(self, "Task",
+            cluster_id="ClusterId",
+            execution_role_arn=execution_role.role_arn,
+            name="StepName",
+            jar="Jar",
+            action_on_failure=tasks.ActionOnFailure.CONTINUE
         )
     '''
 
@@ -9388,21 +9436,69 @@ class CfnSecurityConfigurationProps:
         :param name: The name of the security configuration.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-securityconfiguration.html
-        :exampleMetadata: fixture=_generated
+        :exampleMetadata: infused
 
         Example::
 
-            # The code below shows an example of how to instantiate this type.
-            # The values are placeholders you should change.
-            from aws_cdk import aws_emr as emr
+            import aws_cdk.aws_emr as emr
             
-            # security_configuration: Any
             
-            cfn_security_configuration_props = emr.CfnSecurityConfigurationProps(
-                security_configuration=security_configuration,
+            cfn_security_configuration = emr.CfnSecurityConfiguration(self, "EmrSecurityConfiguration",
+                name="AddStepRuntimeRoleSecConfig",
+                security_configuration=JSON.parse("""
+                        {
+                          "AuthorizationConfiguration": {
+                              "IAMConfiguration": {
+                                  "EnableApplicationScopedIAMRole": true,
+                                  "ApplicationScopedIAMRoleConfiguration":
+                                      {
+                                          "PropagateSourceIdentity": true
+                                      }
+                              },
+                              "LakeFormationConfiguration": {
+                                  "AuthorizedSessionTagValue": "Amazon EMR"
+                              }
+                          }
+                        }""")
+            )
             
-                # the properties below are optional
-                name="name"
+            task = tasks.EmrCreateCluster(self, "Create Cluster",
+                instances=tasks.EmrCreateCluster.InstancesConfigProperty(),
+                name=sfn.TaskInput.from_json_path_at("$.ClusterName").value,
+                security_configuration=cfn_security_configuration.name
+            )
+            
+            execution_role = iam.Role(self, "Role",
+                assumed_by=iam.ArnPrincipal(task.cluster_role.role_arn)
+            )
+            
+            execution_role.assume_role_policy.add_statements(
+                iam.PolicyStatement(
+                    effect=iam.Effect.ALLOW,
+                    principals=[task.cluster_role
+                    ],
+                    actions=["sts:SetSourceIdentity"
+                    ]
+                ),
+                iam.PolicyStatement(
+                    effect=iam.Effect.ALLOW,
+                    principals=[task.cluster_role
+                    ],
+                    actions=["sts:TagSession"
+                    ],
+                    conditions={
+                        "StringEquals": {
+                            "aws:RequestTag/LakeFormationAuthorizedCaller": "Amazon EMR"
+                        }
+                    }
+                ))
+            
+            tasks.EmrAddStep(self, "Task",
+                cluster_id="ClusterId",
+                execution_role_arn=execution_role.role_arn,
+                name="StepName",
+                jar="Jar",
+                action_on_failure=tasks.ActionOnFailure.CONTINUE
             )
         '''
         if __debug__:
@@ -9963,12 +10059,16 @@ class CfnStudio(
         
             # the properties below are optional
             description="description",
+            encryption_key_arn="encryptionKeyArn",
+            idc_instance_arn="idcInstanceArn",
+            idc_user_assignment="idcUserAssignment",
             idp_auth_url="idpAuthUrl",
             idp_relay_state_parameter_name="idpRelayStateParameterName",
             tags=[CfnTag(
                 key="key",
                 value="value"
             )],
+            trusted_identity_propagation_enabled=False,
             user_role="userRole"
         )
     '''
@@ -9987,9 +10087,13 @@ class CfnStudio(
         vpc_id: builtins.str,
         workspace_security_group_id: builtins.str,
         description: typing.Optional[builtins.str] = None,
+        encryption_key_arn: typing.Optional[builtins.str] = None,
+        idc_instance_arn: typing.Optional[builtins.str] = None,
+        idc_user_assignment: typing.Optional[builtins.str] = None,
         idp_auth_url: typing.Optional[builtins.str] = None,
         idp_relay_state_parameter_name: typing.Optional[builtins.str] = None,
         tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
+        trusted_identity_propagation_enabled: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
         user_role: typing.Optional[builtins.str] = None,
     ) -> None:
         '''
@@ -10004,9 +10108,13 @@ class CfnStudio(
         :param vpc_id: The ID of the Amazon Virtual Private Cloud (Amazon VPC) to associate with the Studio.
         :param workspace_security_group_id: The ID of the Workspace security group associated with the Amazon EMR Studio. The Workspace security group allows outbound network traffic to resources in the Engine security group and to the internet.
         :param description: A detailed description of the Amazon EMR Studio.
+        :param encryption_key_arn: 
+        :param idc_instance_arn: The ARN of the IAM Identity Center instance to create the Studio application.
+        :param idc_user_assignment: Specifies whether IAM Identity Center user assignment is REQUIRED or OPTIONAL. If the value is set to REQUIRED, users must be explicitly assigned to the Studio application to access the Studio.
         :param idp_auth_url: Your identity provider's authentication endpoint. Amazon EMR Studio redirects federated users to this endpoint for authentication when logging in to a Studio with the Studio URL.
         :param idp_relay_state_parameter_name: The name of your identity provider's ``RelayState`` parameter.
         :param tags: An array of key-value pairs to apply to this resource. For more information, see `Tag <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html>`_ .
+        :param trusted_identity_propagation_enabled: A Boolean indicating whether to enable Trusted identity propagation for the Studio. The default value is false.
         :param user_role: The Amazon Resource Name (ARN) of the IAM user role that will be assumed by users and groups logged in to a Studio. The permissions attached to this IAM role can be scoped down for each user or group using session policies. You only need to specify ``UserRole`` when you set ``AuthMode`` to ``SSO`` .
         '''
         if __debug__:
@@ -10023,9 +10131,13 @@ class CfnStudio(
             vpc_id=vpc_id,
             workspace_security_group_id=workspace_security_group_id,
             description=description,
+            encryption_key_arn=encryption_key_arn,
+            idc_instance_arn=idc_instance_arn,
+            idc_user_assignment=idc_user_assignment,
             idp_auth_url=idp_auth_url,
             idp_relay_state_parameter_name=idp_relay_state_parameter_name,
             tags=tags,
+            trusted_identity_propagation_enabled=trusted_identity_propagation_enabled,
             user_role=user_role,
         )
 
@@ -10222,6 +10334,44 @@ class CfnStudio(
             check_type(argname="argument value", value=value, expected_type=type_hints["value"])
         jsii.set(self, "description", value)
 
+    @builtins.property
+    @jsii.member(jsii_name="encryptionKeyArn")
+    def encryption_key_arn(self) -> typing.Optional[builtins.str]:
+        return typing.cast(typing.Optional[builtins.str], jsii.get(self, "encryptionKeyArn"))
+
+    @encryption_key_arn.setter
+    def encryption_key_arn(self, value: typing.Optional[builtins.str]) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__a934c05c196d0eda57d2ba0bd9c2811612942f47baa70b9def4583964bf21ef7)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "encryptionKeyArn", value)
+
+    @builtins.property
+    @jsii.member(jsii_name="idcInstanceArn")
+    def idc_instance_arn(self) -> typing.Optional[builtins.str]:
+        '''The ARN of the IAM Identity Center instance to create the Studio application.'''
+        return typing.cast(typing.Optional[builtins.str], jsii.get(self, "idcInstanceArn"))
+
+    @idc_instance_arn.setter
+    def idc_instance_arn(self, value: typing.Optional[builtins.str]) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__ac14b0d933a01aa925ef079cc75e4ff2fb649c283f4c3356a21f14dae6f52d24)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "idcInstanceArn", value)
+
+    @builtins.property
+    @jsii.member(jsii_name="idcUserAssignment")
+    def idc_user_assignment(self) -> typing.Optional[builtins.str]:
+        '''Specifies whether IAM Identity Center user assignment is REQUIRED or OPTIONAL.'''
+        return typing.cast(typing.Optional[builtins.str], jsii.get(self, "idcUserAssignment"))
+
+    @idc_user_assignment.setter
+    def idc_user_assignment(self, value: typing.Optional[builtins.str]) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__a96ab30aad484feea76068949481bec25db0a532494456bfbb1db494aebf3926)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "idcUserAssignment", value)
+
     @builtins.property
     @jsii.member(jsii_name="idpAuthUrl")
     def idp_auth_url(self) -> typing.Optional[builtins.str]:
@@ -10264,6 +10414,24 @@ class CfnStudio(
             check_type(argname="argument value", value=value, expected_type=type_hints["value"])
         jsii.set(self, "tagsRaw", value)
 
+    @builtins.property
+    @jsii.member(jsii_name="trustedIdentityPropagationEnabled")
+    def trusted_identity_propagation_enabled(
+        self,
+    ) -> typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]]:
+        '''A Boolean indicating whether to enable Trusted identity propagation for the Studio.'''
+        return typing.cast(typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]], jsii.get(self, "trustedIdentityPropagationEnabled"))
+
+    @trusted_identity_propagation_enabled.setter
+    def trusted_identity_propagation_enabled(
+        self,
+        value: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]],
+    ) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__d97a907912a2a6d42177e06668874b62f8bb494e07b5e9659287db646faa1236)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "trustedIdentityPropagationEnabled", value)
+
     @builtins.property
     @jsii.member(jsii_name="userRole")
     def user_role(self) -> typing.Optional[builtins.str]:
@@ -10291,9 +10459,13 @@ class CfnStudio(
         "vpc_id": "vpcId",
         "workspace_security_group_id": "workspaceSecurityGroupId",
         "description": "description",
+        "encryption_key_arn": "encryptionKeyArn",
+        "idc_instance_arn": "idcInstanceArn",
+        "idc_user_assignment": "idcUserAssignment",
         "idp_auth_url": "idpAuthUrl",
         "idp_relay_state_parameter_name": "idpRelayStateParameterName",
         "tags": "tags",
+        "trusted_identity_propagation_enabled": "trustedIdentityPropagationEnabled",
         "user_role": "userRole",
     },
 )
@@ -10310,9 +10482,13 @@ class CfnStudioProps:
         vpc_id: builtins.str,
         workspace_security_group_id: builtins.str,
         description: typing.Optional[builtins.str] = None,
+        encryption_key_arn: typing.Optional[builtins.str] = None,
+        idc_instance_arn: typing.Optional[builtins.str] = None,
+        idc_user_assignment: typing.Optional[builtins.str] = None,
         idp_auth_url: typing.Optional[builtins.str] = None,
         idp_relay_state_parameter_name: typing.Optional[builtins.str] = None,
         tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
+        trusted_identity_propagation_enabled: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
         user_role: typing.Optional[builtins.str] = None,
     ) -> None:
         '''Properties for defining a ``CfnStudio``.
@@ -10326,9 +10502,13 @@ class CfnStudioProps:
         :param vpc_id: The ID of the Amazon Virtual Private Cloud (Amazon VPC) to associate with the Studio.
         :param workspace_security_group_id: The ID of the Workspace security group associated with the Amazon EMR Studio. The Workspace security group allows outbound network traffic to resources in the Engine security group and to the internet.
         :param description: A detailed description of the Amazon EMR Studio.
+        :param encryption_key_arn: 
+        :param idc_instance_arn: The ARN of the IAM Identity Center instance to create the Studio application.
+        :param idc_user_assignment: Specifies whether IAM Identity Center user assignment is REQUIRED or OPTIONAL. If the value is set to REQUIRED, users must be explicitly assigned to the Studio application to access the Studio.
         :param idp_auth_url: Your identity provider's authentication endpoint. Amazon EMR Studio redirects federated users to this endpoint for authentication when logging in to a Studio with the Studio URL.
         :param idp_relay_state_parameter_name: The name of your identity provider's ``RelayState`` parameter.
         :param tags: An array of key-value pairs to apply to this resource. For more information, see `Tag <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html>`_ .
+        :param trusted_identity_propagation_enabled: A Boolean indicating whether to enable Trusted identity propagation for the Studio. The default value is false.
         :param user_role: The Amazon Resource Name (ARN) of the IAM user role that will be assumed by users and groups logged in to a Studio. The permissions attached to this IAM role can be scoped down for each user or group using session policies. You only need to specify ``UserRole`` when you set ``AuthMode`` to ``SSO`` .
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-studio.html
@@ -10352,12 +10532,16 @@ class CfnStudioProps:
             
                 # the properties below are optional
                 description="description",
+                encryption_key_arn="encryptionKeyArn",
+                idc_instance_arn="idcInstanceArn",
+                idc_user_assignment="idcUserAssignment",
                 idp_auth_url="idpAuthUrl",
                 idp_relay_state_parameter_name="idpRelayStateParameterName",
                 tags=[CfnTag(
                     key="key",
                     value="value"
                 )],
+                trusted_identity_propagation_enabled=False,
                 user_role="userRole"
             )
         '''
@@ -10372,9 +10556,13 @@ class CfnStudioProps:
             check_type(argname="argument vpc_id", value=vpc_id, expected_type=type_hints["vpc_id"])
             check_type(argname="argument workspace_security_group_id", value=workspace_security_group_id, expected_type=type_hints["workspace_security_group_id"])
             check_type(argname="argument description", value=description, expected_type=type_hints["description"])
+            check_type(argname="argument encryption_key_arn", value=encryption_key_arn, expected_type=type_hints["encryption_key_arn"])
+            check_type(argname="argument idc_instance_arn", value=idc_instance_arn, expected_type=type_hints["idc_instance_arn"])
+            check_type(argname="argument idc_user_assignment", value=idc_user_assignment, expected_type=type_hints["idc_user_assignment"])
             check_type(argname="argument idp_auth_url", value=idp_auth_url, expected_type=type_hints["idp_auth_url"])
             check_type(argname="argument idp_relay_state_parameter_name", value=idp_relay_state_parameter_name, expected_type=type_hints["idp_relay_state_parameter_name"])
             check_type(argname="argument tags", value=tags, expected_type=type_hints["tags"])
+            check_type(argname="argument trusted_identity_propagation_enabled", value=trusted_identity_propagation_enabled, expected_type=type_hints["trusted_identity_propagation_enabled"])
             check_type(argname="argument user_role", value=user_role, expected_type=type_hints["user_role"])
         self._values: typing.Dict[builtins.str, typing.Any] = {
             "auth_mode": auth_mode,
@@ -10388,12 +10576,20 @@ class CfnStudioProps:
         }
         if description is not None:
             self._values["description"] = description
+        if encryption_key_arn is not None:
+            self._values["encryption_key_arn"] = encryption_key_arn
+        if idc_instance_arn is not None:
+            self._values["idc_instance_arn"] = idc_instance_arn
+        if idc_user_assignment is not None:
+            self._values["idc_user_assignment"] = idc_user_assignment
         if idp_auth_url is not None:
             self._values["idp_auth_url"] = idp_auth_url
         if idp_relay_state_parameter_name is not None:
             self._values["idp_relay_state_parameter_name"] = idp_relay_state_parameter_name
         if tags is not None:
             self._values["tags"] = tags
+        if trusted_identity_propagation_enabled is not None:
+            self._values["trusted_identity_propagation_enabled"] = trusted_identity_propagation_enabled
         if user_role is not None:
             self._values["user_role"] = user_role
 
@@ -10494,6 +10690,34 @@ class CfnStudioProps:
         result = self._values.get("description")
         return typing.cast(typing.Optional[builtins.str], result)
 
+    @builtins.property
+    def encryption_key_arn(self) -> typing.Optional[builtins.str]:
+        '''
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-studio.html#cfn-emr-studio-encryptionkeyarn
+        '''
+        result = self._values.get("encryption_key_arn")
+        return typing.cast(typing.Optional[builtins.str], result)
+
+    @builtins.property
+    def idc_instance_arn(self) -> typing.Optional[builtins.str]:
+        '''The ARN of the IAM Identity Center instance to create the Studio application.
+
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-studio.html#cfn-emr-studio-idcinstancearn
+        '''
+        result = self._values.get("idc_instance_arn")
+        return typing.cast(typing.Optional[builtins.str], result)
+
+    @builtins.property
+    def idc_user_assignment(self) -> typing.Optional[builtins.str]:
+        '''Specifies whether IAM Identity Center user assignment is REQUIRED or OPTIONAL.
+
+        If the value is set to REQUIRED, users must be explicitly assigned to the Studio application to access the Studio.
+
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-studio.html#cfn-emr-studio-idcuserassignment
+        '''
+        result = self._values.get("idc_user_assignment")
+        return typing.cast(typing.Optional[builtins.str], result)
+
     @builtins.property
     def idp_auth_url(self) -> typing.Optional[builtins.str]:
         '''Your identity provider's authentication endpoint.
@@ -10525,6 +10749,19 @@ class CfnStudioProps:
         result = self._values.get("tags")
         return typing.cast(typing.Optional[typing.List[_CfnTag_f6864754]], result)
 
+    @builtins.property
+    def trusted_identity_propagation_enabled(
+        self,
+    ) -> typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]]:
+        '''A Boolean indicating whether to enable Trusted identity propagation for the Studio.
+
+        The default value is false.
+
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-studio.html#cfn-emr-studio-trustedidentitypropagationenabled
+        '''
+        result = self._values.get("trusted_identity_propagation_enabled")
+        return typing.cast(typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]], result)
+
     @builtins.property
     def user_role(self) -> typing.Optional[builtins.str]:
         '''The Amazon Resource Name (ARN) of the IAM user role that will be assumed by users and groups logged in to a Studio.
@@ -12032,9 +12269,13 @@ def _typecheckingstub__9e5fa63dd56ed829e4898f84009809f50f4125ac18a4dd04d19284202
     vpc_id: builtins.str,
     workspace_security_group_id: builtins.str,
     description: typing.Optional[builtins.str] = None,
+    encryption_key_arn: typing.Optional[builtins.str] = None,
+    idc_instance_arn: typing.Optional[builtins.str] = None,
+    idc_user_assignment: typing.Optional[builtins.str] = None,
     idp_auth_url: typing.Optional[builtins.str] = None,
     idp_relay_state_parameter_name: typing.Optional[builtins.str] = None,
     tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
+    trusted_identity_propagation_enabled: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
     user_role: typing.Optional[builtins.str] = None,
 ) -> None:
     """Type checking stubs"""
@@ -12106,6 +12347,24 @@ def _typecheckingstub__b57cfedf6d1b9357fb99a22fb68853be1bf68349d342ae1b382a911a5
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__a934c05c196d0eda57d2ba0bd9c2811612942f47baa70b9def4583964bf21ef7(
+    value: typing.Optional[builtins.str],
+) -> None:
+    """Type checking stubs"""
+    pass
+
+def _typecheckingstub__ac14b0d933a01aa925ef079cc75e4ff2fb649c283f4c3356a21f14dae6f52d24(
+    value: typing.Optional[builtins.str],
+) -> None:
+    """Type checking stubs"""
+    pass
+
+def _typecheckingstub__a96ab30aad484feea76068949481bec25db0a532494456bfbb1db494aebf3926(
+    value: typing.Optional[builtins.str],
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__5bdf046decc7d9dcf4942916a9fd82f3ddf403adfc79905c187b32915e71a92e(
     value: typing.Optional[builtins.str],
 ) -> None:
@@ -12124,6 +12383,12 @@ def _typecheckingstub__93c87ee05567302bb00141c45d4f778440c0196380fbcf0ea86580e0f
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__d97a907912a2a6d42177e06668874b62f8bb494e07b5e9659287db646faa1236(
+    value: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]],
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__4497b6d90d344f7cce9a12d862f813109f2ee695a175caef4ea9fba74f1175a8(
     value: typing.Optional[builtins.str],
 ) -> None:
@@ -12141,9 +12406,13 @@ def _typecheckingstub__e54f46221565a48807a50ddbb87f328aa43352455931a5089f5484c22
     vpc_id: builtins.str,
     workspace_security_group_id: builtins.str,
     description: typing.Optional[builtins.str] = None,
+    encryption_key_arn: typing.Optional[builtins.str] = None,
+    idc_instance_arn: typing.Optional[builtins.str] = None,
+    idc_user_assignment: typing.Optional[builtins.str] = None,
     idp_auth_url: typing.Optional[builtins.str] = None,
     idp_relay_state_parameter_name: typing.Optional[builtins.str] = None,
     tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
+    trusted_identity_propagation_enabled: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
     user_role: typing.Optional[builtins.str] = None,
 ) -> None:
     """Type checking stubs"""

aws_cdk/aws_eventschemas/__init__.py

@@ -173,7 +173,7 @@ class CfnDiscoverer(
     @builtins.property
     @jsii.member(jsii_name="attrState")
     def attr_state(self) -> builtins.str:
-        '''Defines the current state of the discoverer.
+        '''The state of the discoverer.
 
         :cloudformationAttribute: State
         '''