aws-cdk-lib 2.132.1__py3-none-any.whl → 2.134.0__py3-none-any.whl

aws_cdk/aws_connect/__init__.py

@@ -10238,11 +10238,17 @@ class CfnSecurityProfile(
             security_profile_name="securityProfileName",
         
             # the properties below are optional
+            allowed_access_control_hierarchy_group_id="allowedAccessControlHierarchyGroupId",
             allowed_access_control_tags=[CfnTag(
                 key="key",
                 value="value"
             )],
+            applications=[connect.CfnSecurityProfile.ApplicationProperty(
+                application_permissions=["applicationPermissions"],
+                namespace="namespace"
+            )],
             description="description",
+            hierarchy_restricted_resources=["hierarchyRestrictedResources"],
             permissions=["permissions"],
             tag_restricted_resources=["tagRestrictedResources"],
             tags=[CfnTag(
@@ -10259,8 +10265,11 @@ class CfnSecurityProfile(
         *,
         instance_arn: builtins.str,
         security_profile_name: builtins.str,
+        allowed_access_control_hierarchy_group_id: typing.Optional[builtins.str] = None,
         allowed_access_control_tags: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]]]] = None,
+        applications: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union["CfnSecurityProfile.ApplicationProperty", typing.Dict[builtins.str, typing.Any]]]]]] = None,
         description: typing.Optional[builtins.str] = None,
+        hierarchy_restricted_resources: typing.Optional[typing.Sequence[builtins.str]] = None,
         permissions: typing.Optional[typing.Sequence[builtins.str]] = None,
         tag_restricted_resources: typing.Optional[typing.Sequence[builtins.str]] = None,
         tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
@@ -10270,8 +10279,11 @@ class CfnSecurityProfile(
         :param id: Construct identifier for this resource (unique in its scope).
         :param instance_arn: The identifier of the Amazon Connect instance.
         :param security_profile_name: The name for the security profile.
+        :param allowed_access_control_hierarchy_group_id: The identifier of the hierarchy group that a security profile uses to restrict access to resources in Amazon Connect.
         :param allowed_access_control_tags: The list of tags that a security profile uses to restrict access to resources in Amazon Connect.
+        :param applications: A list of third-party applications that the security profile will give access to.
         :param description: The description of the security profile.
+        :param hierarchy_restricted_resources: The list of resources that a security profile applies hierarchy restrictions to in Amazon Connect. Following are acceptable ResourceNames: ``User`` .
         :param permissions: Permissions assigned to the security profile. For a list of valid permissions, see `List of security profile permissions <https://docs.aws.amazon.com/connect/latest/adminguide/security-profile-list.html>`_ .
         :param tag_restricted_resources: The list of resources that a security profile applies tag restrictions to in Amazon Connect.
         :param tags: The tags used to organize, track, or control access for this resource. For example, { "Tags": {"key1":"value1", "key2":"value2"} }.
@@ -10283,8 +10295,11 @@ class CfnSecurityProfile(
         props = CfnSecurityProfileProps(
             instance_arn=instance_arn,
             security_profile_name=security_profile_name,
+            allowed_access_control_hierarchy_group_id=allowed_access_control_hierarchy_group_id,
             allowed_access_control_tags=allowed_access_control_tags,
+            applications=applications,
             description=description,
+            hierarchy_restricted_resources=hierarchy_restricted_resources,
             permissions=permissions,
             tag_restricted_resources=tag_restricted_resources,
             tags=tags,
@@ -10322,6 +10337,24 @@ class CfnSecurityProfile(
         '''The CloudFormation resource type name for this resource class.'''
         return typing.cast(builtins.str, jsii.sget(cls, "CFN_RESOURCE_TYPE_NAME"))
 
+    @builtins.property
+    @jsii.member(jsii_name="attrLastModifiedRegion")
+    def attr_last_modified_region(self) -> builtins.str:
+        '''The AWS Region where this resource was last modified.
+
+        :cloudformationAttribute: LastModifiedRegion
+        '''
+        return typing.cast(builtins.str, jsii.get(self, "attrLastModifiedRegion"))
+
+    @builtins.property
+    @jsii.member(jsii_name="attrLastModifiedTime")
+    def attr_last_modified_time(self) -> _IResolvable_da3f097b:
+        '''The timestamp when this resource was last modified.
+
+        :cloudformationAttribute: LastModifiedTime
+        '''
+        return typing.cast(_IResolvable_da3f097b, jsii.get(self, "attrLastModifiedTime"))
+
     @builtins.property
     @jsii.member(jsii_name="attrSecurityProfileArn")
     def attr_security_profile_arn(self) -> builtins.str:
@@ -10368,6 +10401,24 @@ class CfnSecurityProfile(
             check_type(argname="argument value", value=value, expected_type=type_hints["value"])
         jsii.set(self, "securityProfileName", value)
 
+    @builtins.property
+    @jsii.member(jsii_name="allowedAccessControlHierarchyGroupId")
+    def allowed_access_control_hierarchy_group_id(
+        self,
+    ) -> typing.Optional[builtins.str]:
+        '''The identifier of the hierarchy group that a security profile uses to restrict access to resources in Amazon Connect.'''
+        return typing.cast(typing.Optional[builtins.str], jsii.get(self, "allowedAccessControlHierarchyGroupId"))
+
+    @allowed_access_control_hierarchy_group_id.setter
+    def allowed_access_control_hierarchy_group_id(
+        self,
+        value: typing.Optional[builtins.str],
+    ) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__8b0f82dacb2707268147290732f6c1267555107e35b8b506a336b00a5f030de1)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "allowedAccessControlHierarchyGroupId", value)
+
     @builtins.property
     @jsii.member(jsii_name="allowedAccessControlTags")
     def allowed_access_control_tags(
@@ -10386,6 +10437,24 @@ class CfnSecurityProfile(
             check_type(argname="argument value", value=value, expected_type=type_hints["value"])
         jsii.set(self, "allowedAccessControlTags", value)
 
+    @builtins.property
+    @jsii.member(jsii_name="applications")
+    def applications(
+        self,
+    ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnSecurityProfile.ApplicationProperty"]]]]:
+        '''A list of third-party applications that the security profile will give access to.'''
+        return typing.cast(typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnSecurityProfile.ApplicationProperty"]]]], jsii.get(self, "applications"))
+
+    @applications.setter
+    def applications(
+        self,
+        value: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnSecurityProfile.ApplicationProperty"]]]],
+    ) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__e31297c3c201035cd5629befaf1f09da3be8968c605549607b25f17835315261)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "applications", value)
+
     @builtins.property
     @jsii.member(jsii_name="description")
     def description(self) -> typing.Optional[builtins.str]:
@@ -10399,6 +10468,24 @@ class CfnSecurityProfile(
             check_type(argname="argument value", value=value, expected_type=type_hints["value"])
         jsii.set(self, "description", value)
 
+    @builtins.property
+    @jsii.member(jsii_name="hierarchyRestrictedResources")
+    def hierarchy_restricted_resources(
+        self,
+    ) -> typing.Optional[typing.List[builtins.str]]:
+        '''The list of resources that a security profile applies hierarchy restrictions to in Amazon Connect.'''
+        return typing.cast(typing.Optional[typing.List[builtins.str]], jsii.get(self, "hierarchyRestrictedResources"))
+
+    @hierarchy_restricted_resources.setter
+    def hierarchy_restricted_resources(
+        self,
+        value: typing.Optional[typing.List[builtins.str]],
+    ) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__22084b5a71b43e42e57329a03ca71f28eb99ce1b07c6cc58e4c267579b7c017d)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "hierarchyRestrictedResources", value)
+
     @builtins.property
     @jsii.member(jsii_name="permissions")
     def permissions(self) -> typing.Optional[typing.List[builtins.str]]:
@@ -10441,6 +10528,84 @@ class CfnSecurityProfile(
             check_type(argname="argument value", value=value, expected_type=type_hints["value"])
         jsii.set(self, "tags", value)
 
+    @jsii.data_type(
+        jsii_type="aws-cdk-lib.aws_connect.CfnSecurityProfile.ApplicationProperty",
+        jsii_struct_bases=[],
+        name_mapping={
+            "application_permissions": "applicationPermissions",
+            "namespace": "namespace",
+        },
+    )
+    class ApplicationProperty:
+        def __init__(
+            self,
+            *,
+            application_permissions: typing.Sequence[builtins.str],
+            namespace: builtins.str,
+        ) -> None:
+            '''This API is in preview release for Amazon Connect and is subject to change.
+
+            A third-party application's metadata.
+
+            :param application_permissions: The permissions that the agent is granted on the application. Only the ``ACCESS`` permission is supported.
+            :param namespace: Namespace of the application that you want to give access to.
+
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-connect-securityprofile-application.html
+            :exampleMetadata: fixture=_generated
+
+            Example::
+
+                # The code below shows an example of how to instantiate this type.
+                # The values are placeholders you should change.
+                from aws_cdk import aws_connect as connect
+                
+                application_property = connect.CfnSecurityProfile.ApplicationProperty(
+                    application_permissions=["applicationPermissions"],
+                    namespace="namespace"
+                )
+            '''
+            if __debug__:
+                type_hints = typing.get_type_hints(_typecheckingstub__b880e1a466e4d120081a7c103809b59a07385a4cee88474da2f4f00bae13c71a)
+                check_type(argname="argument application_permissions", value=application_permissions, expected_type=type_hints["application_permissions"])
+                check_type(argname="argument namespace", value=namespace, expected_type=type_hints["namespace"])
+            self._values: typing.Dict[builtins.str, typing.Any] = {
+                "application_permissions": application_permissions,
+                "namespace": namespace,
+            }
+
+        @builtins.property
+        def application_permissions(self) -> typing.List[builtins.str]:
+            '''The permissions that the agent is granted on the application.
+
+            Only the ``ACCESS`` permission is supported.
+
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-connect-securityprofile-application.html#cfn-connect-securityprofile-application-applicationpermissions
+            '''
+            result = self._values.get("application_permissions")
+            assert result is not None, "Required property 'application_permissions' is missing"
+            return typing.cast(typing.List[builtins.str], result)
+
+        @builtins.property
+        def namespace(self) -> builtins.str:
+            '''Namespace of the application that you want to give access to.
+
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-connect-securityprofile-application.html#cfn-connect-securityprofile-application-namespace
+            '''
+            result = self._values.get("namespace")
+            assert result is not None, "Required property 'namespace' is missing"
+            return typing.cast(builtins.str, result)
+
+        def __eq__(self, rhs: typing.Any) -> builtins.bool:
+            return isinstance(rhs, self.__class__) and rhs._values == self._values
+
+        def __ne__(self, rhs: typing.Any) -> builtins.bool:
+            return not (rhs == self)
+
+        def __repr__(self) -> str:
+            return "ApplicationProperty(%s)" % ", ".join(
+                k + "=" + repr(v) for k, v in self._values.items()
+            )
+
 
 @jsii.data_type(
     jsii_type="aws-cdk-lib.aws_connect.CfnSecurityProfileProps",
@@ -10448,8 +10613,11 @@ class CfnSecurityProfile(
     name_mapping={
         "instance_arn": "instanceArn",
         "security_profile_name": "securityProfileName",
+        "allowed_access_control_hierarchy_group_id": "allowedAccessControlHierarchyGroupId",
         "allowed_access_control_tags": "allowedAccessControlTags",
+        "applications": "applications",
         "description": "description",
+        "hierarchy_restricted_resources": "hierarchyRestrictedResources",
         "permissions": "permissions",
         "tag_restricted_resources": "tagRestrictedResources",
         "tags": "tags",
@@ -10461,8 +10629,11 @@ class CfnSecurityProfileProps:
         *,
         instance_arn: builtins.str,
         security_profile_name: builtins.str,
+        allowed_access_control_hierarchy_group_id: typing.Optional[builtins.str] = None,
         allowed_access_control_tags: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]]]] = None,
+        applications: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union[CfnSecurityProfile.ApplicationProperty, typing.Dict[builtins.str, typing.Any]]]]]] = None,
         description: typing.Optional[builtins.str] = None,
+        hierarchy_restricted_resources: typing.Optional[typing.Sequence[builtins.str]] = None,
         permissions: typing.Optional[typing.Sequence[builtins.str]] = None,
         tag_restricted_resources: typing.Optional[typing.Sequence[builtins.str]] = None,
         tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
@@ -10471,8 +10642,11 @@ class CfnSecurityProfileProps:
 
         :param instance_arn: The identifier of the Amazon Connect instance.
         :param security_profile_name: The name for the security profile.
+        :param allowed_access_control_hierarchy_group_id: The identifier of the hierarchy group that a security profile uses to restrict access to resources in Amazon Connect.
         :param allowed_access_control_tags: The list of tags that a security profile uses to restrict access to resources in Amazon Connect.
+        :param applications: A list of third-party applications that the security profile will give access to.
         :param description: The description of the security profile.
+        :param hierarchy_restricted_resources: The list of resources that a security profile applies hierarchy restrictions to in Amazon Connect. Following are acceptable ResourceNames: ``User`` .
         :param permissions: Permissions assigned to the security profile. For a list of valid permissions, see `List of security profile permissions <https://docs.aws.amazon.com/connect/latest/adminguide/security-profile-list.html>`_ .
         :param tag_restricted_resources: The list of resources that a security profile applies tag restrictions to in Amazon Connect.
         :param tags: The tags used to organize, track, or control access for this resource. For example, { "Tags": {"key1":"value1", "key2":"value2"} }.
@@ -10491,11 +10665,17 @@ class CfnSecurityProfileProps:
                 security_profile_name="securityProfileName",
             
                 # the properties below are optional
+                allowed_access_control_hierarchy_group_id="allowedAccessControlHierarchyGroupId",
                 allowed_access_control_tags=[CfnTag(
                     key="key",
                     value="value"
                 )],
+                applications=[connect.CfnSecurityProfile.ApplicationProperty(
+                    application_permissions=["applicationPermissions"],
+                    namespace="namespace"
+                )],
                 description="description",
+                hierarchy_restricted_resources=["hierarchyRestrictedResources"],
                 permissions=["permissions"],
                 tag_restricted_resources=["tagRestrictedResources"],
                 tags=[CfnTag(
@@ -10508,8 +10688,11 @@ class CfnSecurityProfileProps:
             type_hints = typing.get_type_hints(_typecheckingstub__8a8ad9faa5e934c4966c739f0b5e3756a03460ba17b7caf0aca4e26118e04c95)
             check_type(argname="argument instance_arn", value=instance_arn, expected_type=type_hints["instance_arn"])
             check_type(argname="argument security_profile_name", value=security_profile_name, expected_type=type_hints["security_profile_name"])
+            check_type(argname="argument allowed_access_control_hierarchy_group_id", value=allowed_access_control_hierarchy_group_id, expected_type=type_hints["allowed_access_control_hierarchy_group_id"])
             check_type(argname="argument allowed_access_control_tags", value=allowed_access_control_tags, expected_type=type_hints["allowed_access_control_tags"])
+            check_type(argname="argument applications", value=applications, expected_type=type_hints["applications"])
             check_type(argname="argument description", value=description, expected_type=type_hints["description"])
+            check_type(argname="argument hierarchy_restricted_resources", value=hierarchy_restricted_resources, expected_type=type_hints["hierarchy_restricted_resources"])
             check_type(argname="argument permissions", value=permissions, expected_type=type_hints["permissions"])
             check_type(argname="argument tag_restricted_resources", value=tag_restricted_resources, expected_type=type_hints["tag_restricted_resources"])
             check_type(argname="argument tags", value=tags, expected_type=type_hints["tags"])
@@ -10517,10 +10700,16 @@ class CfnSecurityProfileProps:
             "instance_arn": instance_arn,
             "security_profile_name": security_profile_name,
         }
+        if allowed_access_control_hierarchy_group_id is not None:
+            self._values["allowed_access_control_hierarchy_group_id"] = allowed_access_control_hierarchy_group_id
         if allowed_access_control_tags is not None:
             self._values["allowed_access_control_tags"] = allowed_access_control_tags
+        if applications is not None:
+            self._values["applications"] = applications
         if description is not None:
             self._values["description"] = description
+        if hierarchy_restricted_resources is not None:
+            self._values["hierarchy_restricted_resources"] = hierarchy_restricted_resources
         if permissions is not None:
             self._values["permissions"] = permissions
         if tag_restricted_resources is not None:
@@ -10548,6 +10737,17 @@ class CfnSecurityProfileProps:
         assert result is not None, "Required property 'security_profile_name' is missing"
         return typing.cast(builtins.str, result)
 
+    @builtins.property
+    def allowed_access_control_hierarchy_group_id(
+        self,
+    ) -> typing.Optional[builtins.str]:
+        '''The identifier of the hierarchy group that a security profile uses to restrict access to resources in Amazon Connect.
+
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-connect-securityprofile.html#cfn-connect-securityprofile-allowedaccesscontrolhierarchygroupid
+        '''
+        result = self._values.get("allowed_access_control_hierarchy_group_id")
+        return typing.cast(typing.Optional[builtins.str], result)
+
     @builtins.property
     def allowed_access_control_tags(
         self,
@@ -10559,6 +10759,17 @@ class CfnSecurityProfileProps:
         result = self._values.get("allowed_access_control_tags")
         return typing.cast(typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, _CfnTag_f6864754]]]], result)
 
+    @builtins.property
+    def applications(
+        self,
+    ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, CfnSecurityProfile.ApplicationProperty]]]]:
+        '''A list of third-party applications that the security profile will give access to.
+
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-connect-securityprofile.html#cfn-connect-securityprofile-applications
+        '''
+        result = self._values.get("applications")
+        return typing.cast(typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, CfnSecurityProfile.ApplicationProperty]]]], result)
+
     @builtins.property
     def description(self) -> typing.Optional[builtins.str]:
         '''The description of the security profile.
@@ -10568,6 +10779,19 @@ class CfnSecurityProfileProps:
         result = self._values.get("description")
         return typing.cast(typing.Optional[builtins.str], result)
 
+    @builtins.property
+    def hierarchy_restricted_resources(
+        self,
+    ) -> typing.Optional[typing.List[builtins.str]]:
+        '''The list of resources that a security profile applies hierarchy restrictions to in Amazon Connect.
+
+        Following are acceptable ResourceNames: ``User`` .
+
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-connect-securityprofile.html#cfn-connect-securityprofile-hierarchyrestrictedresources
+        '''
+        result = self._values.get("hierarchy_restricted_resources")
+        return typing.cast(typing.Optional[typing.List[builtins.str]], result)
+
     @builtins.property
     def permissions(self) -> typing.Optional[typing.List[builtins.str]]:
         '''Permissions assigned to the security profile.
@@ -15335,8 +15559,11 @@ def _typecheckingstub__3e088a4b4379aab0e18ddc67fbe352d07789383efb957a27db08764dc
     *,
     instance_arn: builtins.str,
     security_profile_name: builtins.str,
+    allowed_access_control_hierarchy_group_id: typing.Optional[builtins.str] = None,
     allowed_access_control_tags: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]]]] = None,
+    applications: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union[CfnSecurityProfile.ApplicationProperty, typing.Dict[builtins.str, typing.Any]]]]]] = None,
     description: typing.Optional[builtins.str] = None,
+    hierarchy_restricted_resources: typing.Optional[typing.Sequence[builtins.str]] = None,
     permissions: typing.Optional[typing.Sequence[builtins.str]] = None,
     tag_restricted_resources: typing.Optional[typing.Sequence[builtins.str]] = None,
     tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
@@ -15368,18 +15595,36 @@ def _typecheckingstub__c494cc473b7dcb10d47e5e6898ba1be788ee0a6eeb210dae180c62e7b
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__8b0f82dacb2707268147290732f6c1267555107e35b8b506a336b00a5f030de1(
+    value: typing.Optional[builtins.str],
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__077ab92a2b57c565722ae2a0fff7719378cf0f3194b2c2b620c43393660a0fd5(
     value: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, _CfnTag_f6864754]]]],
 ) -> None:
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__e31297c3c201035cd5629befaf1f09da3be8968c605549607b25f17835315261(
+    value: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, CfnSecurityProfile.ApplicationProperty]]]],
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__590e303d4355b23e0035628d91db2ef4ef87c1c2276e23fdbfacd943d8c73472(
     value: typing.Optional[builtins.str],
 ) -> None:
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__22084b5a71b43e42e57329a03ca71f28eb99ce1b07c6cc58e4c267579b7c017d(
+    value: typing.Optional[typing.List[builtins.str]],
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__6057e31a0dc905719aff4c2ffcf4e2eb667ddbf01175ba8a63d9c849c1d9fc7e(
     value: typing.Optional[typing.List[builtins.str]],
 ) -> None:
@@ -15398,12 +15643,23 @@ def _typecheckingstub__78637aba17fc3177a3492b596a6faf951a63fa4d3e768396f5b976aea
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__b880e1a466e4d120081a7c103809b59a07385a4cee88474da2f4f00bae13c71a(
+    *,
+    application_permissions: typing.Sequence[builtins.str],
+    namespace: builtins.str,
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__8a8ad9faa5e934c4966c739f0b5e3756a03460ba17b7caf0aca4e26118e04c95(
     *,
     instance_arn: builtins.str,
     security_profile_name: builtins.str,
+    allowed_access_control_hierarchy_group_id: typing.Optional[builtins.str] = None,
     allowed_access_control_tags: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]]]] = None,
+    applications: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union[CfnSecurityProfile.ApplicationProperty, typing.Dict[builtins.str, typing.Any]]]]]] = None,
     description: typing.Optional[builtins.str] = None,
+    hierarchy_restricted_resources: typing.Optional[typing.Sequence[builtins.str]] = None,
     permissions: typing.Optional[typing.Sequence[builtins.str]] = None,
     tag_restricted_resources: typing.Optional[typing.Sequence[builtins.str]] = None,
     tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,

aws_cdk/aws_controltower/__init__.py

@@ -863,7 +863,7 @@ class CfnLandingZone(
         '''
         :param scope: Scope in which this resource is defined.
         :param id: Construct identifier for this resource (unique in its scope).
-        :param manifest: The landing zone ``manifest.yaml`` text file that specifies the landing zone configurations.
+        :param manifest: The landing zone manifest JSON text file that specifies the landing zone configurations.
         :param version: The landing zone's current deployed version.
         :param tags: Tags to be applied to the landing zone.
         '''
@@ -966,7 +966,7 @@ class CfnLandingZone(
     @builtins.property
     @jsii.member(jsii_name="manifest")
     def manifest(self) -> typing.Any:
-        '''The landing zone ``manifest.yaml`` text file that specifies the landing zone configurations.'''
+        '''The landing zone manifest JSON text file that specifies the landing zone configurations.'''
         return typing.cast(typing.Any, jsii.get(self, "manifest"))
 
     @manifest.setter
@@ -1018,7 +1018,7 @@ class CfnLandingZoneProps:
     ) -> None:
         '''Properties for defining a ``CfnLandingZone``.
 
-        :param manifest: The landing zone ``manifest.yaml`` text file that specifies the landing zone configurations.
+        :param manifest: The landing zone manifest JSON text file that specifies the landing zone configurations.
         :param version: The landing zone's current deployed version.
         :param tags: Tags to be applied to the landing zone.
 
@@ -1058,7 +1058,7 @@ class CfnLandingZoneProps:
 
     @builtins.property
     def manifest(self) -> typing.Any:
-        '''The landing zone ``manifest.yaml`` text file that specifies the landing zone configurations.
+        '''The landing zone manifest JSON text file that specifies the landing zone configurations.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-controltower-landingzone.html#cfn-controltower-landingzone-manifest
         '''