aws-cdk-lib 2.128.0__py3-none-any.whl → 2.129.0__py3-none-any.whl

aws_cdk/aws_autoscaling/__init__.py

@@ -2292,7 +2292,9 @@ class CfnAutoScalingGroup(
     For more information about Amazon EC2 Auto Scaling, see the `Amazon EC2 Auto Scaling User Guide <https://docs.aws.amazon.com/autoscaling/ec2/userguide/what-is-amazon-ec2-auto-scaling.html>`_ .
     .. epigraph::
 
-       Amazon EC2 Auto Scaling configures instances launched as part of an Auto Scaling group using either a `launch template <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html>`_ or a launch configuration. We strongly recommend that you do not use launch configurations. They do not provide full functionality for Amazon EC2 Auto Scaling or Amazon EC2. For more information, see `Launch configurations <https://docs.aws.amazon.com/autoscaling/ec2/userguide/launch-configurations.html>`_ and `Migrate AWS CloudFormation stacks from launch configurations to launch templates <https://docs.aws.amazon.com/autoscaling/ec2/userguide/migrate-launch-configurations-with-cloudformation.html>`_ in the *Amazon EC2 Auto Scaling User Guide* .
+       Amazon EC2 Auto Scaling configures instances launched as part of an Auto Scaling group using either a `launch template <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html>`_ or a launch configuration. We strongly recommend that you do not use launch configurations. For more information, see `Launch configurations <https://docs.aws.amazon.com/autoscaling/ec2/userguide/launch-configurations.html>`_ in the *Amazon EC2 Auto Scaling User Guide* .
+
+       For help migrating from launch configurations to launch templates, see `Migrate AWS CloudFormation stacks from launch configurations to launch templates <https://docs.aws.amazon.com/autoscaling/ec2/userguide/migrate-launch-configurations-with-cloudformation.html>`_ in the *Amazon EC2 Auto Scaling User Guide* .
 
     :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-autoscaling-autoscalinggroup.html
     :cloudformationResource: AWS::AutoScaling::AutoScalingGroup
@@ -3443,7 +3445,7 @@ class CfnAutoScalingGroup(
 
                You must specify ``VCpuCount`` and ``MemoryMiB`` . All other attributes are optional. Any unspecified optional attribute is set to its default.
 
-            For an example template, see `Auto scaling template snippets <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-autoscaling.html>`_ .
+            For an example template, see `Configure Amazon EC2 Auto Scaling resources <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-ec2-auto-scaling.html>`_ .
 
             For more information, see `Creating an Auto Scaling group using attribute-based instance type selection <https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-asg-instance-type-requirements.html>`_ in the *Amazon EC2 Auto Scaling User Guide* . For help determining which instance types match your attributes before you apply them to your Auto Scaling group, see `Preview instance types with specified attributes <https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html#ec2fleet-get-instance-types-from-instance-requirements>`_ in the *Amazon EC2 User Guide for Linux Instances* .
 
@@ -4521,7 +4523,7 @@ class CfnAutoScalingGroup(
 
             For information about creating a launch template, see `AWS::EC2::LaunchTemplate <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html>`_ and `Create a launch template for an Auto Scaling group <https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-launch-template.html>`_ in the *Amazon EC2 Auto Scaling User Guide* .
 
-            For examples of launch templates, see `Auto scaling template snippets <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-autoscaling.html>`_ and the `Examples <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2-launchtemplate--examples>`_ section in the ``AWS::EC2::LaunchTemplate`` resource.
+            For examples of launch templates, see `Create launch templates <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-ec2-launch-templates.html>`_ .
 
             :param version: The version number of the launch template. Specifying ``$Latest`` or ``$Default`` for the template version number is not supported. However, you can specify ``LatestVersionNumber`` or ``DefaultVersionNumber`` using the ``Fn::GetAtt`` intrinsic function. For more information, see `Fn::GetAtt <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html>`_ . .. epigraph:: For an example of using the ``Fn::GetAtt`` function, see the `Examples <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-autoscaling-autoscalinggroup.html#aws-resource-autoscaling-autoscalinggroup--examples>`_ section of the ``AWS::AutoScaling::AutoScalingGroup`` resource.
             :param launch_template_id: The ID of the launch template. You must specify the ``LaunchTemplateID`` or the ``LaunchTemplateName`` , but not both.
@@ -5359,7 +5361,7 @@ class CfnAutoScalingGroup(
         ) -> None:
             '''A structure that specifies an Amazon SNS notification configuration for the ``NotificationConfigurations`` property of the `AWS::AutoScaling::AutoScalingGroup <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-autoscaling-autoscalinggroup.html>`_ resource.
 
-            For an example template snippet, see `Auto scaling template snippets <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-autoscaling.html>`_ .
+            For an example template snippet, see `Configure Amazon EC2 Auto Scaling resources <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-ec2-auto-scaling.html>`_ .
 
             For more information, see `Get Amazon SNS notifications when your Auto Scaling group scales <https://docs.aws.amazon.com/autoscaling/ec2/userguide/ASGettingNotifications.html>`_ in the *Amazon EC2 Auto Scaling User Guide* .
 
@@ -6444,10 +6446,12 @@ class CfnLaunchConfiguration(
 ):
     '''The ``AWS::AutoScaling::LaunchConfiguration`` resource specifies the launch configuration that can be used by an Auto Scaling group to configure Amazon EC2 instances.
 
-    When you update the launch configuration for an Auto Scaling group, CloudFormation deletes that resource and creates a new launch configuration with the updated properties and a new name. Existing instances are not affected. To update existing instances when you update the ``AWS::AutoScaling::LaunchConfiguration`` resource, you can specify an `UpdatePolicy attribute <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html>`_ for the group. You can find sample update policies for rolling updates in `Auto scaling template snippets <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-autoscaling.html>`_ .
+    When you update the launch configuration for an Auto Scaling group, CloudFormation deletes that resource and creates a new launch configuration with the updated properties and a new name. Existing instances are not affected. To update existing instances when you update the ``AWS::AutoScaling::LaunchConfiguration`` resource, you can specify an `UpdatePolicy attribute <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html>`_ for the group. You can find sample update policies for rolling updates in `Configure Amazon EC2 Auto Scaling resources <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-ec2-auto-scaling.html>`_ .
     .. epigraph::
 
-       Amazon EC2 Auto Scaling configures instances launched as part of an Auto Scaling group using either a `launch template <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html>`_ or a launch configuration. We strongly recommend that you do not use launch configurations. They do not provide full functionality for Amazon EC2 Auto Scaling or Amazon EC2. For more information, see `Launch configurations <https://docs.aws.amazon.com/autoscaling/ec2/userguide/launch-configurations.html>`_ and `Migrate AWS CloudFormation stacks from launch configurations to launch templates <https://docs.aws.amazon.com/autoscaling/ec2/userguide/migrate-launch-configurations-with-cloudformation.html>`_ in the *Amazon EC2 Auto Scaling User Guide* .
+       Amazon EC2 Auto Scaling configures instances launched as part of an Auto Scaling group using either a `launch template <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html>`_ or a launch configuration. We strongly recommend that you do not use launch configurations. For more information, see `Launch configurations <https://docs.aws.amazon.com/autoscaling/ec2/userguide/launch-configurations.html>`_ in the *Amazon EC2 Auto Scaling User Guide* .
+
+       For help migrating from launch configurations to launch templates, see `Migrate AWS CloudFormation stacks from launch configurations to launch templates <https://docs.aws.amazon.com/autoscaling/ec2/userguide/migrate-launch-configurations-with-cloudformation.html>`_ in the *Amazon EC2 Auto Scaling User Guide* .
 
     :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-autoscaling-launchconfiguration.html
     :cloudformationResource: AWS::AutoScaling::LaunchConfiguration
@@ -11052,7 +11056,7 @@ class CfnScheduledAction(
 ):
     '''The ``AWS::AutoScaling::ScheduledAction`` resource specifies an Amazon EC2 Auto Scaling scheduled action so that the Auto Scaling group can change the number of instances available for your application in response to predictable load changes.
 
-    When you update a stack with an Auto Scaling group and scheduled action, CloudFormation always sets the min size, max size, and desired capacity properties of your group to the values that are defined in the ``AWS::AutoScaling::AutoScalingGroup`` section of your template. However, you might not want CloudFormation to do that when you have a scheduled action in effect. You can use an `UpdatePolicy attribute <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html>`_ to prevent CloudFormation from changing the min size, max size, or desired capacity property values during a stack update unless you modified the individual values in your template. If you have rolling updates enabled, before you can update the Auto Scaling group, you must suspend scheduled actions by specifying an `UpdatePolicy attribute <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html>`_ for the Auto Scaling group. You can find a sample update policy for rolling updates in `Auto scaling template snippets <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-autoscaling.html>`_ .
+    When you update a stack with an Auto Scaling group and scheduled action, CloudFormation always sets the min size, max size, and desired capacity properties of your group to the values that are defined in the ``AWS::AutoScaling::AutoScalingGroup`` section of your template. However, you might not want CloudFormation to do that when you have a scheduled action in effect. You can use an `UpdatePolicy attribute <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html>`_ to prevent CloudFormation from changing the min size, max size, or desired capacity property values during a stack update unless you modified the individual values in your template. If you have rolling updates enabled, before you can update the Auto Scaling group, you must suspend scheduled actions by specifying an `UpdatePolicy attribute <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html>`_ for the Auto Scaling group. You can find a sample update policy for rolling updates in `Configure Amazon EC2 Auto Scaling resources <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-ec2-auto-scaling.html>`_ .
 
     For more information, see `Scheduled scaling <https://docs.aws.amazon.com/autoscaling/ec2/userguide/schedule_time.html>`_ and `Suspending and resuming scaling processes <https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-suspend-resume-processes.html>`_ in the *Amazon EC2 Auto Scaling User Guide* .
 

aws_cdk/aws_batch/__init__.py

@@ -2447,6 +2447,9 @@ class CfnJobDefinition(
                 ),
                 privileged=False,
                 readonly_root_filesystem=False,
+                repository_credentials=batch.CfnJobDefinition.RepositoryCredentialsProperty(
+                    credentials_parameter="credentialsParameter"
+                ),
                 resource_requirements=[batch.CfnJobDefinition.ResourceRequirementProperty(
                     type="type",
                     value="value"
@@ -2608,6 +2611,9 @@ class CfnJobDefinition(
                         ),
                         privileged=False,
                         readonly_root_filesystem=False,
+                        repository_credentials=batch.CfnJobDefinition.RepositoryCredentialsProperty(
+                            credentials_parameter="credentialsParameter"
+                        ),
                         resource_requirements=[batch.CfnJobDefinition.ResourceRequirementProperty(
                             type="type",
                             value="value"
@@ -3057,6 +3063,7 @@ class CfnJobDefinition(
             "network_configuration": "networkConfiguration",
             "privileged": "privileged",
             "readonly_root_filesystem": "readonlyRootFilesystem",
+            "repository_credentials": "repositoryCredentials",
             "resource_requirements": "resourceRequirements",
             "runtime_platform": "runtimePlatform",
             "secrets": "secrets",
@@ -3085,6 +3092,7 @@ class CfnJobDefinition(
             network_configuration: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Union["CfnJobDefinition.NetworkConfigurationProperty", typing.Dict[builtins.str, typing.Any]]]] = None,
             privileged: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
             readonly_root_filesystem: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
+            repository_credentials: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Union["CfnJobDefinition.RepositoryCredentialsProperty", typing.Dict[builtins.str, typing.Any]]]] = None,
             resource_requirements: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union["CfnJobDefinition.ResourceRequirementProperty", typing.Dict[builtins.str, typing.Any]]]]]] = None,
             runtime_platform: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Union["CfnJobDefinition.RuntimePlatformProperty", typing.Dict[builtins.str, typing.Any]]]] = None,
             secrets: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union["CfnJobDefinition.SecretProperty", typing.Dict[builtins.str, typing.Any]]]]]] = None,
@@ -3112,6 +3120,7 @@ class CfnJobDefinition(
             :param network_configuration: The network configuration for jobs that are running on Fargate resources. Jobs that are running on EC2 resources must not specify this parameter.
             :param privileged: When this parameter is true, the container is given elevated permissions on the host container instance (similar to the ``root`` user). This parameter maps to ``Privileged`` in the `Create a container <https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container>`_ section of the `Docker Remote API <https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/>`_ and the ``--privileged`` option to `docker run <https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/>`_ . The default value is false. .. epigraph:: This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided, or specified as false.
             :param readonly_root_filesystem: When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ``ReadonlyRootfs`` in the `Create a container <https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container>`_ section of the `Docker Remote API <https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/>`_ and the ``--read-only`` option to ``docker run`` .
+            :param repository_credentials: The private repository authentication credentials to use.
             :param resource_requirements: The type and amount of resources to assign to a container. The supported resources include ``GPU`` , ``MEMORY`` , and ``VCPU`` .
             :param runtime_platform: An object that represents the compute environment architecture for AWS Batch jobs on Fargate.
             :param secrets: The secrets for the container. For more information, see `Specifying sensitive data <https://docs.aws.amazon.com/batch/latest/userguide/specifying-sensitive-data.html>`_ in the *AWS Batch User Guide* .
@@ -3188,6 +3197,9 @@ class CfnJobDefinition(
                     ),
                     privileged=False,
                     readonly_root_filesystem=False,
+                    repository_credentials=batch.CfnJobDefinition.RepositoryCredentialsProperty(
+                        credentials_parameter="credentialsParameter"
+                    ),
                     resource_requirements=[batch.CfnJobDefinition.ResourceRequirementProperty(
                         type="type",
                         value="value"
@@ -3244,6 +3256,7 @@ class CfnJobDefinition(
                 check_type(argname="argument network_configuration", value=network_configuration, expected_type=type_hints["network_configuration"])
                 check_type(argname="argument privileged", value=privileged, expected_type=type_hints["privileged"])
                 check_type(argname="argument readonly_root_filesystem", value=readonly_root_filesystem, expected_type=type_hints["readonly_root_filesystem"])
+                check_type(argname="argument repository_credentials", value=repository_credentials, expected_type=type_hints["repository_credentials"])
                 check_type(argname="argument resource_requirements", value=resource_requirements, expected_type=type_hints["resource_requirements"])
                 check_type(argname="argument runtime_platform", value=runtime_platform, expected_type=type_hints["runtime_platform"])
                 check_type(argname="argument secrets", value=secrets, expected_type=type_hints["secrets"])
@@ -3282,6 +3295,8 @@ class CfnJobDefinition(
                 self._values["privileged"] = privileged
             if readonly_root_filesystem is not None:
                 self._values["readonly_root_filesystem"] = readonly_root_filesystem
+            if repository_credentials is not None:
+                self._values["repository_credentials"] = repository_credentials
             if resource_requirements is not None:
                 self._values["resource_requirements"] = resource_requirements
             if runtime_platform is not None:
@@ -3505,6 +3520,17 @@ class CfnJobDefinition(
             result = self._values.get("readonly_root_filesystem")
             return typing.cast(typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]], result)
 
+        @builtins.property
+        def repository_credentials(
+            self,
+        ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnJobDefinition.RepositoryCredentialsProperty"]]:
+            '''The private repository authentication credentials to use.
+
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-jobdefinition-containerproperties.html#cfn-batch-jobdefinition-containerproperties-repositorycredentials
+            '''
+            result = self._values.get("repository_credentials")
+            return typing.cast(typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnJobDefinition.RepositoryCredentialsProperty"]], result)
+
         @builtins.property
         def resource_requirements(
             self,
@@ -5326,8 +5352,11 @@ class CfnJobDefinition(
     )
     class MetadataProperty:
         def __init__(self, *, labels: typing.Any = None) -> None:
-            '''
-            :param labels: 
+            '''Metadata about the Kubernetes pod.
+
+            For more information, see `Understanding Kubernetes Objects <https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/>`_ in the *Kubernetes documentation* .
+
+            :param labels: Key-value pairs used to identify, sort, and organize cube resources. Can contain up to 63 uppercase letters, lowercase letters, numbers, hyphens (-), and underscores (_). Labels can be added or modified at any time. Each resource can have multiple labels, but each key must be unique for a given object.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-jobdefinition-metadata.html
             :exampleMetadata: fixture=_generated
@@ -5353,7 +5382,10 @@ class CfnJobDefinition(
 
         @builtins.property
         def labels(self) -> typing.Any:
-            '''
+            '''Key-value pairs used to identify, sort, and organize cube resources.
+
+            Can contain up to 63 uppercase letters, lowercase letters, numbers, hyphens (-), and underscores (_). Labels can be added or modified at any time. Each resource can have multiple labels, but each key must be unique for a given object.
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-jobdefinition-metadata.html#cfn-batch-jobdefinition-metadata-labels
             '''
             result = self._values.get("labels")
@@ -5625,6 +5657,9 @@ class CfnJobDefinition(
                             ),
                             privileged=False,
                             readonly_root_filesystem=False,
+                            repository_credentials=batch.CfnJobDefinition.RepositoryCredentialsProperty(
+                                credentials_parameter="credentialsParameter"
+                            ),
                             resource_requirements=[batch.CfnJobDefinition.ResourceRequirementProperty(
                                 type="type",
                                 value="value"
@@ -5812,6 +5847,9 @@ class CfnJobDefinition(
                         ),
                         privileged=False,
                         readonly_root_filesystem=False,
+                        repository_credentials=batch.CfnJobDefinition.RepositoryCredentialsProperty(
+                            credentials_parameter="credentialsParameter"
+                        ),
                         resource_requirements=[batch.CfnJobDefinition.ResourceRequirementProperty(
                             type="type",
                             value="value"
@@ -5919,13 +5957,14 @@ class CfnJobDefinition(
             service_account_name: typing.Optional[builtins.str] = None,
             volumes: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union["CfnJobDefinition.EksVolumeProperty", typing.Dict[builtins.str, typing.Any]]]]]] = None,
         ) -> None:
-            '''
-            :param containers: 
-            :param dns_policy: 
-            :param host_network: 
-            :param metadata: 
-            :param service_account_name: 
-            :param volumes: 
+            '''The properties for the pod.
+
+            :param containers: The properties of the container that's used on the Amazon EKS pod.
+            :param dns_policy: The DNS policy for the pod. The default value is ``ClusterFirst`` . If the ``hostNetwork`` parameter is not specified, the default is ``ClusterFirstWithHostNet`` . ``ClusterFirst`` indicates that any DNS query that does not match the configured cluster domain suffix is forwarded to the upstream nameserver inherited from the node. For more information, see `Pod's DNS policy <https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy>`_ in the *Kubernetes documentation* . Valid values: ``Default`` | ``ClusterFirst`` | ``ClusterFirstWithHostNet``
+            :param host_network: Indicates if the pod uses the hosts' network IP address. The default value is ``true`` . Setting this to ``false`` enables the Kubernetes pod networking model. Most AWS Batch workloads are egress-only and don't require the overhead of IP allocation for each pod for incoming connections. For more information, see `Host namespaces <https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#host-namespaces>`_ and `Pod networking <https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/workloads/pods/#pod-networking>`_ in the *Kubernetes documentation* .
+            :param metadata: Metadata about the Kubernetes pod. For more information, see `Understanding Kubernetes Objects <https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/>`_ in the *Kubernetes documentation* .
+            :param service_account_name: The name of the service account that's used to run the pod. For more information, see `Kubernetes service accounts <https://docs.aws.amazon.com/eks/latest/userguide/service-accounts.html>`_ and `Configure a Kubernetes service account to assume an IAM role <https://docs.aws.amazon.com/eks/latest/userguide/associate-service-account-role.html>`_ in the *Amazon EKS User Guide* and `Configure service accounts for pods <https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/>`_ in the *Kubernetes documentation* .
+            :param volumes: Specifies the volumes for a job definition that uses Amazon EKS resources.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-jobdefinition-podproperties.html
             :exampleMetadata: fixture=_generated
@@ -6024,7 +6063,8 @@ class CfnJobDefinition(
         def containers(
             self,
         ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnJobDefinition.EksContainerProperty"]]]]:
-            '''
+            '''The properties of the container that's used on the Amazon EKS pod.
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-jobdefinition-podproperties.html#cfn-batch-jobdefinition-podproperties-containers
             '''
             result = self._values.get("containers")
@@ -6032,7 +6072,12 @@ class CfnJobDefinition(
 
         @builtins.property
         def dns_policy(self) -> typing.Optional[builtins.str]:
-            '''
+            '''The DNS policy for the pod.
+
+            The default value is ``ClusterFirst`` . If the ``hostNetwork`` parameter is not specified, the default is ``ClusterFirstWithHostNet`` . ``ClusterFirst`` indicates that any DNS query that does not match the configured cluster domain suffix is forwarded to the upstream nameserver inherited from the node. For more information, see `Pod's DNS policy <https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy>`_ in the *Kubernetes documentation* .
+
+            Valid values: ``Default`` | ``ClusterFirst`` | ``ClusterFirstWithHostNet``
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-jobdefinition-podproperties.html#cfn-batch-jobdefinition-podproperties-dnspolicy
             '''
             result = self._values.get("dns_policy")
@@ -6042,7 +6087,10 @@ class CfnJobDefinition(
         def host_network(
             self,
         ) -> typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]]:
-            '''
+            '''Indicates if the pod uses the hosts' network IP address.
+
+            The default value is ``true`` . Setting this to ``false`` enables the Kubernetes pod networking model. Most AWS Batch workloads are egress-only and don't require the overhead of IP allocation for each pod for incoming connections. For more information, see `Host namespaces <https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#host-namespaces>`_ and `Pod networking <https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/workloads/pods/#pod-networking>`_ in the *Kubernetes documentation* .
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-jobdefinition-podproperties.html#cfn-batch-jobdefinition-podproperties-hostnetwork
             '''
             result = self._values.get("host_network")
@@ -6052,7 +6100,10 @@ class CfnJobDefinition(
         def metadata(
             self,
         ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnJobDefinition.MetadataProperty"]]:
-            '''
+            '''Metadata about the Kubernetes pod.
+
+            For more information, see `Understanding Kubernetes Objects <https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/>`_ in the *Kubernetes documentation* .
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-jobdefinition-podproperties.html#cfn-batch-jobdefinition-podproperties-metadata
             '''
             result = self._values.get("metadata")
@@ -6060,7 +6111,10 @@ class CfnJobDefinition(
 
         @builtins.property
         def service_account_name(self) -> typing.Optional[builtins.str]:
-            '''
+            '''The name of the service account that's used to run the pod.
+
+            For more information, see `Kubernetes service accounts <https://docs.aws.amazon.com/eks/latest/userguide/service-accounts.html>`_ and `Configure a Kubernetes service account to assume an IAM role <https://docs.aws.amazon.com/eks/latest/userguide/associate-service-account-role.html>`_ in the *Amazon EKS User Guide* and `Configure service accounts for pods <https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/>`_ in the *Kubernetes documentation* .
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-jobdefinition-podproperties.html#cfn-batch-jobdefinition-podproperties-serviceaccountname
             '''
             result = self._values.get("service_account_name")
@@ -6070,7 +6124,8 @@ class CfnJobDefinition(
         def volumes(
             self,
         ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnJobDefinition.EksVolumeProperty"]]]]:
-            '''
+            '''Specifies the volumes for a job definition that uses Amazon EKS resources.
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-jobdefinition-podproperties.html#cfn-batch-jobdefinition-podproperties-volumes
             '''
             result = self._values.get("volumes")
@@ -6087,6 +6142,58 @@ class CfnJobDefinition(
                 k + "=" + repr(v) for k, v in self._values.items()
             )
 
+    @jsii.data_type(
+        jsii_type="aws-cdk-lib.aws_batch.CfnJobDefinition.RepositoryCredentialsProperty",
+        jsii_struct_bases=[],
+        name_mapping={"credentials_parameter": "credentialsParameter"},
+    )
+    class RepositoryCredentialsProperty:
+        def __init__(self, *, credentials_parameter: builtins.str) -> None:
+            '''The repository credentials for private registry authentication.
+
+            :param credentials_parameter: The Amazon Resource Name (ARN) of the secret containing the private repository credentials.
+
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-jobdefinition-repositorycredentials.html
+            :exampleMetadata: fixture=_generated
+
+            Example::
+
+                # The code below shows an example of how to instantiate this type.
+                # The values are placeholders you should change.
+                from aws_cdk import aws_batch as batch
+                
+                repository_credentials_property = batch.CfnJobDefinition.RepositoryCredentialsProperty(
+                    credentials_parameter="credentialsParameter"
+                )
+            '''
+            if __debug__:
+                type_hints = typing.get_type_hints(_typecheckingstub__efadf8b71047617519478ed3105db0ddee37f23729febb81c4d534eed7eba9dd)
+                check_type(argname="argument credentials_parameter", value=credentials_parameter, expected_type=type_hints["credentials_parameter"])
+            self._values: typing.Dict[builtins.str, typing.Any] = {
+                "credentials_parameter": credentials_parameter,
+            }
+
+        @builtins.property
+        def credentials_parameter(self) -> builtins.str:
+            '''The Amazon Resource Name (ARN) of the secret containing the private repository credentials.
+
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-jobdefinition-repositorycredentials.html#cfn-batch-jobdefinition-repositorycredentials-credentialsparameter
+            '''
+            result = self._values.get("credentials_parameter")
+            assert result is not None, "Required property 'credentials_parameter' is missing"
+            return typing.cast(builtins.str, result)
+
+        def __eq__(self, rhs: typing.Any) -> builtins.bool:
+            return isinstance(rhs, self.__class__) and rhs._values == self._values
+
+        def __ne__(self, rhs: typing.Any) -> builtins.bool:
+            return not (rhs == self)
+
+        def __repr__(self) -> str:
+            return "RepositoryCredentialsProperty(%s)" % ", ".join(
+                k + "=" + repr(v) for k, v in self._values.items()
+            )
+
     @jsii.data_type(
         jsii_type="aws-cdk-lib.aws_batch.CfnJobDefinition.ResourceRequirementProperty",
         jsii_struct_bases=[],
@@ -7199,6 +7306,9 @@ class CfnJobDefinitionProps:
                     ),
                     privileged=False,
                     readonly_root_filesystem=False,
+                    repository_credentials=batch.CfnJobDefinition.RepositoryCredentialsProperty(
+                        credentials_parameter="credentialsParameter"
+                    ),
                     resource_requirements=[batch.CfnJobDefinition.ResourceRequirementProperty(
                         type="type",
                         value="value"
@@ -7360,6 +7470,9 @@ class CfnJobDefinitionProps:
                             ),
                             privileged=False,
                             readonly_root_filesystem=False,
+                            repository_credentials=batch.CfnJobDefinition.RepositoryCredentialsProperty(
+                                credentials_parameter="credentialsParameter"
+                            ),
                             resource_requirements=[batch.CfnJobDefinition.ResourceRequirementProperty(
                                 type="type",
                                 value="value"
@@ -21843,6 +21956,7 @@ def _typecheckingstub__09b3c38642739790560033cae597f009c106d353ddc5faf85f6a7bf48
     network_configuration: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Union[CfnJobDefinition.NetworkConfigurationProperty, typing.Dict[builtins.str, typing.Any]]]] = None,
     privileged: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
     readonly_root_filesystem: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
+    repository_credentials: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Union[CfnJobDefinition.RepositoryCredentialsProperty, typing.Dict[builtins.str, typing.Any]]]] = None,
     resource_requirements: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union[CfnJobDefinition.ResourceRequirementProperty, typing.Dict[builtins.str, typing.Any]]]]]] = None,
     runtime_platform: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Union[CfnJobDefinition.RuntimePlatformProperty, typing.Dict[builtins.str, typing.Any]]]] = None,
     secrets: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union[CfnJobDefinition.SecretProperty, typing.Dict[builtins.str, typing.Any]]]]]] = None,
@@ -22051,6 +22165,13 @@ def _typecheckingstub__75127ae5a1697c34be5f24dcb69fa5c36a3498e1b2c284babc814c444
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__efadf8b71047617519478ed3105db0ddee37f23729febb81c4d534eed7eba9dd(
+    *,
+    credentials_parameter: builtins.str,
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__7384d4b3b97f8aebbaa3dfe7ec74991276f6b53d6e1885662f675369f1d0166c(
     *,
     type: typing.Optional[builtins.str] = None,

aws_cdk/aws_cleanrooms/__init__.py

@@ -229,8 +229,7 @@ class CfnAnalysisTemplate(
     @builtins.property
     @jsii.member(jsii_name="attrSchema")
     def attr_schema(self) -> _IResolvable_da3f097b:
-        '''Returns the entire `schema object <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cleanrooms-analysistemplate-analysisschema.html>`_ .
-
+        '''
         :cloudformationAttribute: Schema
         '''
         return typing.cast(_IResolvable_da3f097b, jsii.get(self, "attrSchema"))

aws_cdk/aws_cloudformation/__init__.py

@@ -3363,8 +3363,7 @@ class CfnStack(
     @builtins.property
     @jsii.member(jsii_name="attrOutputs")
     def attr_outputs(self) -> _IResolvable_da3f097b:
-        '''Returns a list of output structures.
-
+        '''
         :cloudformationAttribute: Outputs
         '''
         return typing.cast(_IResolvable_da3f097b, jsii.get(self, "attrOutputs"))
@@ -5826,14 +5825,7 @@ class CfnWaitCondition(
     @builtins.property
     @jsii.member(jsii_name="attrData")
     def attr_data(self) -> _IResolvable_da3f097b:
-        '''A JSON object that contains the ``UniqueId`` and ``Data`` values from the wait condition signal(s) for the specified wait condition.
-
-        For more information about wait condition signals, see `Wait condition signal JSON format <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-waitcondition.html#using-cfn-waitcondition-signaljson>`_ .
-
-        Example return value for a wait condition with 2 signals:
-
-        ``{ "Signal1" : "Step 1 complete." , "Signal2" : "Step 2 complete." }``
-
+        '''
         :cloudformationAttribute: Data
         '''
         return typing.cast(_IResolvable_da3f097b, jsii.get(self, "attrData"))

aws_cdk/aws_cloudfront/__init__.py

@@ -6172,7 +6172,7 @@ class CfnDistribution(
             :param s3_origin: 
             :param staging: A Boolean that indicates whether this is a staging distribution. When this value is ``true`` , this is a staging distribution. When this value is ``false`` , this is not a staging distribution.
             :param viewer_certificate: A complex type that determines the distribution's SSL/TLS configuration for communicating with viewers.
-            :param web_acl_id: A unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF , use the ACL ARN, for example ``arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a`` . To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example ``473e64fd-f30b-4765-81a0-62ad96dd167a`` . AWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, CloudFront responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about AWS WAF , see the `AWS WAF Developer Guide <https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html>`_ . Default: - ""
+            :param web_acl_id: A unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF , use the ACL ARN, for example ``arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111`` . To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example ``a1b2c3d4-5678-90ab-cdef-EXAMPLE11111`` . AWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, CloudFront responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about AWS WAF , see the `AWS WAF Developer Guide <https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html>`_ . Default: - ""
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html
             :exampleMetadata: fixture=_generated
@@ -6711,7 +6711,7 @@ class CfnDistribution(
         def web_acl_id(self) -> typing.Optional[builtins.str]:
             '''A unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution.
 
-            To specify a web ACL created using the latest version of AWS WAF , use the ACL ARN, for example ``arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a`` . To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example ``473e64fd-f30b-4765-81a0-62ad96dd167a`` .
+            To specify a web ACL created using the latest version of AWS WAF , use the ACL ARN, for example ``arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111`` . To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example ``a1b2c3d4-5678-90ab-cdef-EXAMPLE11111`` .
 
             AWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, CloudFront responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about AWS WAF , see the `AWS WAF Developer Guide <https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html>`_ .
 
@@ -8342,7 +8342,7 @@ class CfnDistribution(
 
             If the origin is a custom origin or an S3 bucket that is configured as a website endpoint, use the ``CustomOriginConfig`` element instead.
 
-            :param origin_access_identity: The CloudFront origin access identity to associate with the origin. Use an origin access identity to configure the origin so that viewers can *only* access objects in an Amazon S3 bucket through CloudFront. The format of the value is: origin-access-identity/cloudfront/ *ID-of-origin-access-identity* where ``*ID-of-origin-access-identity*`` is the value that CloudFront returned in the ``ID`` element when you created the origin access identity. If you want viewers to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty ``OriginAccessIdentity`` element. To delete the origin access identity from an existing distribution, update the distribution configuration and include an empty ``OriginAccessIdentity`` element. To replace the origin access identity, update the distribution configuration and specify the new origin access identity. For more information about the origin access identity, see `Serving Private Content through CloudFront <https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html>`_ in the *Amazon CloudFront Developer Guide* . Default: - ""
+            :param origin_access_identity: .. epigraph:: If you're using origin access control (OAC) instead of origin access identity, specify an empty ``OriginAccessIdentity`` element. For more information, see `Restricting access to an AWS <https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-origin.html>`_ in the *Amazon CloudFront Developer Guide* . The CloudFront origin access identity to associate with the origin. Use an origin access identity to configure the origin so that viewers can *only* access objects in an Amazon S3 bucket through CloudFront. The format of the value is: ``origin-access-identity/cloudfront/ID-of-origin-access-identity`` The ``*ID-of-origin-access-identity*`` is the value that CloudFront returned in the ``ID`` element when you created the origin access identity. If you want viewers to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty ``OriginAccessIdentity`` element. To delete the origin access identity from an existing distribution, update the distribution configuration and include an empty ``OriginAccessIdentity`` element. To replace the origin access identity, update the distribution configuration and specify the new origin access identity. For more information about the origin access identity, see `Serving Private Content through CloudFront <https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html>`_ in the *Amazon CloudFront Developer Guide* . Default: - ""
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-s3originconfig.html
             :exampleMetadata: fixture=_generated
@@ -8366,13 +8366,17 @@ class CfnDistribution(
 
         @builtins.property
         def origin_access_identity(self) -> typing.Optional[builtins.str]:
-            '''The CloudFront origin access identity to associate with the origin.
+            '''.. epigraph::
+
+   If you're using origin access control (OAC) instead of origin access identity, specify an empty ``OriginAccessIdentity`` element.
+
+            For more information, see `Restricting access to an AWS <https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-origin.html>`_ in the *Amazon CloudFront Developer Guide* .
 
-            Use an origin access identity to configure the origin so that viewers can *only* access objects in an Amazon S3 bucket through CloudFront. The format of the value is:
+            The CloudFront origin access identity to associate with the origin. Use an origin access identity to configure the origin so that viewers can *only* access objects in an Amazon S3 bucket through CloudFront. The format of the value is:
 
-            origin-access-identity/cloudfront/ *ID-of-origin-access-identity*
+            ``origin-access-identity/cloudfront/ID-of-origin-access-identity``
 
-            where ``*ID-of-origin-access-identity*`` is the value that CloudFront returned in the ``ID`` element when you created the origin access identity.
+            The ``*ID-of-origin-access-identity*`` is the value that CloudFront returned in the ``ID`` element when you created the origin access identity.
 
             If you want viewers to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty ``OriginAccessIdentity`` element.
 
@@ -9058,7 +9062,10 @@ class CfnFunction(
     @builtins.property
     @jsii.member(jsii_name="attrFunctionMetadataFunctionArn")
     def attr_function_metadata_function_arn(self) -> builtins.str:
-        '''
+        '''The Amazon Resource Name (ARN) of the function.
+
+        The ARN uniquely identifies the function.
+
         :cloudformationAttribute: FunctionMetadata.FunctionARN
         '''
         return typing.cast(builtins.str, jsii.get(self, "attrFunctionMetadataFunctionArn"))

aws_cdk/aws_cloudfront/experimental/__init__.py

@@ -150,6 +150,7 @@ class EdgeFunction(
         function_name: typing.Optional[builtins.str] = None,
         initial_policy: typing.Optional[typing.Sequence[_PolicyStatement_0fe33853]] = None,
         insights_version: typing.Optional[_LambdaInsightsVersion_9dfbfef9] = None,
+        ipv6_allowed_for_dual_stack: typing.Optional[builtins.bool] = None,
         layers: typing.Optional[typing.Sequence[_ILayerVersion_5ac127c8]] = None,
         log_format: typing.Optional[builtins.str] = None,
         logging_format: typing.Optional[_LoggingFormat_30be8e01] = None,
@@ -202,6 +203,7 @@ class EdgeFunction(
         :param function_name: A name for the function. Default: - AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
         :param initial_policy: Initial policy statements to add to the created Lambda Role. You can call ``addToRolePolicy`` to the created lambda to add statements post creation. Default: - No policy statements are added to the created Lambda role.
         :param insights_version: Specify the version of CloudWatch Lambda insights to use for monitoring. Default: - No Lambda Insights
+        :param ipv6_allowed_for_dual_stack: Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. Only used if 'vpc' is supplied. Default: false
         :param layers: A list of layers to add to the function's execution environment. You can configure your Lambda function to pull in additional code during initialization in the form of layers. Layers are packages of libraries or other dependencies that can be used by multiple functions. Default: - No layers.
         :param log_format: Sets the logFormat for the function. Default: "Text"
         :param logging_format: Sets the loggingFormat for the function. Default: LoggingFormat.TEXT
@@ -256,6 +258,7 @@ class EdgeFunction(
             function_name=function_name,
             initial_policy=initial_policy,
             insights_version=insights_version,
+            ipv6_allowed_for_dual_stack=ipv6_allowed_for_dual_stack,
             layers=layers,
             log_format=log_format,
             logging_format=logging_format,
@@ -875,6 +878,7 @@ class EdgeFunction(
         "function_name": "functionName",
         "initial_policy": "initialPolicy",
         "insights_version": "insightsVersion",
+        "ipv6_allowed_for_dual_stack": "ipv6AllowedForDualStack",
         "layers": "layers",
         "log_format": "logFormat",
         "logging_format": "loggingFormat",
@@ -929,6 +933,7 @@ class EdgeFunctionProps(_FunctionProps_a308e854):
         function_name: typing.Optional[builtins.str] = None,
         initial_policy: typing.Optional[typing.Sequence[_PolicyStatement_0fe33853]] = None,
         insights_version: typing.Optional[_LambdaInsightsVersion_9dfbfef9] = None,
+        ipv6_allowed_for_dual_stack: typing.Optional[builtins.bool] = None,
         layers: typing.Optional[typing.Sequence[_ILayerVersion_5ac127c8]] = None,
         log_format: typing.Optional[builtins.str] = None,
         logging_format: typing.Optional[_LoggingFormat_30be8e01] = None,
@@ -980,6 +985,7 @@ class EdgeFunctionProps(_FunctionProps_a308e854):
         :param function_name: A name for the function. Default: - AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
         :param initial_policy: Initial policy statements to add to the created Lambda Role. You can call ``addToRolePolicy`` to the created lambda to add statements post creation. Default: - No policy statements are added to the created Lambda role.
         :param insights_version: Specify the version of CloudWatch Lambda insights to use for monitoring. Default: - No Lambda Insights
+        :param ipv6_allowed_for_dual_stack: Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. Only used if 'vpc' is supplied. Default: false
         :param layers: A list of layers to add to the function's execution environment. You can configure your Lambda function to pull in additional code during initialization in the form of layers. Layers are packages of libraries or other dependencies that can be used by multiple functions. Default: - No layers.
         :param log_format: Sets the logFormat for the function. Default: "Text"
         :param logging_format: Sets the loggingFormat for the function. Default: LoggingFormat.TEXT
@@ -1062,6 +1068,7 @@ class EdgeFunctionProps(_FunctionProps_a308e854):
             check_type(argname="argument function_name", value=function_name, expected_type=type_hints["function_name"])
             check_type(argname="argument initial_policy", value=initial_policy, expected_type=type_hints["initial_policy"])
             check_type(argname="argument insights_version", value=insights_version, expected_type=type_hints["insights_version"])
+            check_type(argname="argument ipv6_allowed_for_dual_stack", value=ipv6_allowed_for_dual_stack, expected_type=type_hints["ipv6_allowed_for_dual_stack"])
             check_type(argname="argument layers", value=layers, expected_type=type_hints["layers"])
             check_type(argname="argument log_format", value=log_format, expected_type=type_hints["log_format"])
             check_type(argname="argument logging_format", value=logging_format, expected_type=type_hints["logging_format"])
@@ -1138,6 +1145,8 @@ class EdgeFunctionProps(_FunctionProps_a308e854):
             self._values["initial_policy"] = initial_policy
         if insights_version is not None:
             self._values["insights_version"] = insights_version
+        if ipv6_allowed_for_dual_stack is not None:
+            self._values["ipv6_allowed_for_dual_stack"] = ipv6_allowed_for_dual_stack
         if layers is not None:
             self._values["layers"] = layers
         if log_format is not None:
@@ -1433,6 +1442,17 @@ class EdgeFunctionProps(_FunctionProps_a308e854):
         result = self._values.get("insights_version")
         return typing.cast(typing.Optional[_LambdaInsightsVersion_9dfbfef9], result)
 
+    @builtins.property
+    def ipv6_allowed_for_dual_stack(self) -> typing.Optional[builtins.bool]:
+        '''Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
+
+        Only used if 'vpc' is supplied.
+
+        :default: false
+        '''
+        result = self._values.get("ipv6_allowed_for_dual_stack")
+        return typing.cast(typing.Optional[builtins.bool], result)
+
     @builtins.property
     def layers(self) -> typing.Optional[typing.List[_ILayerVersion_5ac127c8]]:
         '''A list of layers to add to the function's execution environment.
@@ -1809,6 +1829,7 @@ def _typecheckingstub__b2f96e5632f259adb036f7aba2bbc7c19fd9840c647d67a10a8135cb3
     function_name: typing.Optional[builtins.str] = None,
     initial_policy: typing.Optional[typing.Sequence[_PolicyStatement_0fe33853]] = None,
     insights_version: typing.Optional[_LambdaInsightsVersion_9dfbfef9] = None,
+    ipv6_allowed_for_dual_stack: typing.Optional[builtins.bool] = None,
     layers: typing.Optional[typing.Sequence[_ILayerVersion_5ac127c8]] = None,
     log_format: typing.Optional[builtins.str] = None,
     logging_format: typing.Optional[_LoggingFormat_30be8e01] = None,
@@ -1964,6 +1985,7 @@ def _typecheckingstub__709cdcb05c7a5fc7f7bcd1d72557097c39c5c534076a00b6b8db807bd
     function_name: typing.Optional[builtins.str] = None,
     initial_policy: typing.Optional[typing.Sequence[_PolicyStatement_0fe33853]] = None,
     insights_version: typing.Optional[_LambdaInsightsVersion_9dfbfef9] = None,
+    ipv6_allowed_for_dual_stack: typing.Optional[builtins.bool] = None,
     layers: typing.Optional[typing.Sequence[_ILayerVersion_5ac127c8]] = None,
     log_format: typing.Optional[builtins.str] = None,
     logging_format: typing.Optional[_LoggingFormat_30be8e01] = None,