aws-cdk-lib 2.136.1__py3-none-any.whl → 2.138.0__py3-none-any.whl

aws_cdk/aws_cloudwatch/__init__.py

@@ -959,6 +959,7 @@ from .. import (
     IResolvable as _IResolvable_da3f097b,
     IResource as _IResource_c80c4260,
     ITaggable as _ITaggable_36806126,
+    ITaggableV2 as _ITaggableV2_4e6798f8,
     Resource as _Resource_45bc6135,
     ResourceProps as _ResourceProps_15a65b4e,
     TagManager as _TagManager_0a598cb3,
@@ -1320,7 +1321,7 @@ class AlarmStatusWidgetSortBy(enum.Enum):
     '''
 
 
-@jsii.implements(_IInspectable_c2943556)
+@jsii.implements(_IInspectable_c2943556, _ITaggableV2_4e6798f8)
 class CfnAlarm(
     _CfnResource_9df397a6,
     metaclass=jsii.JSIIMeta,
@@ -1389,6 +1390,10 @@ class CfnAlarm(
             ok_actions=["okActions"],
             period=123,
             statistic="statistic",
+            tags=[CfnTag(
+                key="key",
+                value="value"
+            )],
             threshold=123,
             threshold_metric_id="thresholdMetricId",
             treat_missing_data="treatMissingData",
@@ -1418,6 +1423,7 @@ class CfnAlarm(
         ok_actions: typing.Optional[typing.Sequence[builtins.str]] = None,
         period: typing.Optional[jsii.Number] = None,
         statistic: typing.Optional[builtins.str] = None,
+        tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
         threshold: typing.Optional[jsii.Number] = None,
         threshold_metric_id: typing.Optional[builtins.str] = None,
         treat_missing_data: typing.Optional[builtins.str] = None,
@@ -1443,6 +1449,7 @@ class CfnAlarm(
         :param ok_actions: The actions to execute when this alarm transitions to the ``OK`` state from any other state. Each action is specified as an Amazon Resource Name (ARN).
         :param period: The period, in seconds, over which the statistic is applied. This is required for an alarm based on a metric. Valid values are 10, 30, 60, and any multiple of 60. For an alarm based on a math expression, you can't specify ``Period`` , and instead you use the ``Metrics`` parameter. *Minimum:* 10
         :param statistic: The statistic for the metric associated with the alarm, other than percentile. For percentile statistics, use ``ExtendedStatistic`` . For an alarm based on a metric, you must specify either ``Statistic`` or ``ExtendedStatistic`` but not both. For an alarm based on a math expression, you can't specify ``Statistic`` . Instead, you use ``Metrics`` .
+        :param tags: A list of key-value pairs to associate with the alarm. You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the ``cloudwatch:TagResource`` permission. Tags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.
         :param threshold: The value to compare with the specified statistic.
         :param threshold_metric_id: In an alarm based on an anomaly detection model, this is the ID of the ``ANOMALY_DETECTION_BAND`` function used as the threshold for the alarm.
         :param treat_missing_data: Sets how this alarm is to handle missing data points. Valid values are ``breaching`` , ``notBreaching`` , ``ignore`` , and ``missing`` . For more information, see `Configuring How CloudWatch Alarms Treat Missing Data <https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarms-and-missing-data>`_ in the *Amazon CloudWatch User Guide* . If you omit this parameter, the default behavior of ``missing`` is used.
@@ -1470,6 +1477,7 @@ class CfnAlarm(
             ok_actions=ok_actions,
             period=period,
             statistic=statistic,
+            tags=tags,
             threshold=threshold,
             threshold_metric_id=threshold_metric_id,
             treat_missing_data=treat_missing_data,
@@ -1517,6 +1525,12 @@ class CfnAlarm(
         '''
         return typing.cast(builtins.str, jsii.get(self, "attrArn"))
 
+    @builtins.property
+    @jsii.member(jsii_name="cdkTagManager")
+    def cdk_tag_manager(self) -> _TagManager_0a598cb3:
+        '''Tag Manager which manages the tags for this resource.'''
+        return typing.cast(_TagManager_0a598cb3, jsii.get(self, "cdkTagManager"))
+
     @builtins.property
     @jsii.member(jsii_name="cfnProperties")
     def _cfn_properties(self) -> typing.Mapping[builtins.str, typing.Any]:
@@ -1770,6 +1784,19 @@ class CfnAlarm(
             check_type(argname="argument value", value=value, expected_type=type_hints["value"])
         jsii.set(self, "statistic", value)
 
+    @builtins.property
+    @jsii.member(jsii_name="tags")
+    def tags(self) -> typing.Optional[typing.List[_CfnTag_f6864754]]:
+        '''A list of key-value pairs to associate with the alarm.'''
+        return typing.cast(typing.Optional[typing.List[_CfnTag_f6864754]], jsii.get(self, "tags"))
+
+    @tags.setter
+    def tags(self, value: typing.Optional[typing.List[_CfnTag_f6864754]]) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__895712e62b896ed30b8848bddfdb970fd334934c19393e2eb8ad06392ecf8af9)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "tags", value)
+
     @builtins.property
     @jsii.member(jsii_name="threshold")
     def threshold(self) -> typing.Optional[jsii.Number]:
@@ -2337,6 +2364,7 @@ class CfnAlarm(
         "ok_actions": "okActions",
         "period": "period",
         "statistic": "statistic",
+        "tags": "tags",
         "threshold": "threshold",
         "threshold_metric_id": "thresholdMetricId",
         "treat_missing_data": "treatMissingData",
@@ -2364,6 +2392,7 @@ class CfnAlarmProps:
         ok_actions: typing.Optional[typing.Sequence[builtins.str]] = None,
         period: typing.Optional[jsii.Number] = None,
         statistic: typing.Optional[builtins.str] = None,
+        tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
         threshold: typing.Optional[jsii.Number] = None,
         threshold_metric_id: typing.Optional[builtins.str] = None,
         treat_missing_data: typing.Optional[builtins.str] = None,
@@ -2388,6 +2417,7 @@ class CfnAlarmProps:
         :param ok_actions: The actions to execute when this alarm transitions to the ``OK`` state from any other state. Each action is specified as an Amazon Resource Name (ARN).
         :param period: The period, in seconds, over which the statistic is applied. This is required for an alarm based on a metric. Valid values are 10, 30, 60, and any multiple of 60. For an alarm based on a math expression, you can't specify ``Period`` , and instead you use the ``Metrics`` parameter. *Minimum:* 10
         :param statistic: The statistic for the metric associated with the alarm, other than percentile. For percentile statistics, use ``ExtendedStatistic`` . For an alarm based on a metric, you must specify either ``Statistic`` or ``ExtendedStatistic`` but not both. For an alarm based on a math expression, you can't specify ``Statistic`` . Instead, you use ``Metrics`` .
+        :param tags: A list of key-value pairs to associate with the alarm. You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the ``cloudwatch:TagResource`` permission. Tags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.
         :param threshold: The value to compare with the specified statistic.
         :param threshold_metric_id: In an alarm based on an anomaly detection model, this is the ID of the ``ANOMALY_DETECTION_BAND`` function used as the threshold for the alarm.
         :param treat_missing_data: Sets how this alarm is to handle missing data points. Valid values are ``breaching`` , ``notBreaching`` , ``ignore`` , and ``missing`` . For more information, see `Configuring How CloudWatch Alarms Treat Missing Data <https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarms-and-missing-data>`_ in the *Amazon CloudWatch User Guide* . If you omit this parameter, the default behavior of ``missing`` is used.
@@ -2449,6 +2479,10 @@ class CfnAlarmProps:
                 ok_actions=["okActions"],
                 period=123,
                 statistic="statistic",
+                tags=[CfnTag(
+                    key="key",
+                    value="value"
+                )],
                 threshold=123,
                 threshold_metric_id="thresholdMetricId",
                 treat_missing_data="treatMissingData",
@@ -2474,6 +2508,7 @@ class CfnAlarmProps:
             check_type(argname="argument ok_actions", value=ok_actions, expected_type=type_hints["ok_actions"])
             check_type(argname="argument period", value=period, expected_type=type_hints["period"])
             check_type(argname="argument statistic", value=statistic, expected_type=type_hints["statistic"])
+            check_type(argname="argument tags", value=tags, expected_type=type_hints["tags"])
             check_type(argname="argument threshold", value=threshold, expected_type=type_hints["threshold"])
             check_type(argname="argument threshold_metric_id", value=threshold_metric_id, expected_type=type_hints["threshold_metric_id"])
             check_type(argname="argument treat_missing_data", value=treat_missing_data, expected_type=type_hints["treat_missing_data"])
@@ -2512,6 +2547,8 @@ class CfnAlarmProps:
             self._values["period"] = period
         if statistic is not None:
             self._values["statistic"] = statistic
+        if tags is not None:
+            self._values["tags"] = tags
         if threshold is not None:
             self._values["threshold"] = threshold
         if threshold_metric_id is not None:
@@ -2735,6 +2772,19 @@ class CfnAlarmProps:
         result = self._values.get("statistic")
         return typing.cast(typing.Optional[builtins.str], result)
 
+    @builtins.property
+    def tags(self) -> typing.Optional[typing.List[_CfnTag_f6864754]]:
+        '''A list of key-value pairs to associate with the alarm.
+
+        You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the ``cloudwatch:TagResource`` permission.
+
+        Tags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.
+
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudwatch-alarm.html#cfn-cloudwatch-alarm-tags
+        '''
+        result = self._values.get("tags")
+        return typing.cast(typing.Optional[typing.List[_CfnTag_f6864754]], result)
+
     @builtins.property
     def threshold(self) -> typing.Optional[jsii.Number]:
         '''The value to compare with the specified statistic.
@@ -3846,7 +3896,7 @@ class CfnAnomalyDetector(
 
             If you have enabled unified cross-account observability, and this account is a monitoring account, the metric can be in the same account or a source account.
 
-            :param account_id: 
+            :param account_id: If the CloudWatch metric that provides the time series that the anomaly detector uses as input is in another account, specify that account ID here. If you omit this parameter, the current account is used.
             :param dimensions: The metric dimensions to create the anomaly detection model for.
             :param metric_name: The name of the metric to create the anomaly detection model for.
             :param namespace: The namespace of the metric to create the anomaly detection model for.
@@ -3893,7 +3943,10 @@ class CfnAnomalyDetector(
 
         @builtins.property
         def account_id(self) -> typing.Optional[builtins.str]:
-            '''
+            '''If the CloudWatch metric that provides the time series that the anomaly detector uses as input is in another account, specify that account ID here.
+
+            If you omit this parameter, the current account is used.
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudwatch-anomalydetector-singlemetricanomalydetector.html#cfn-cloudwatch-anomalydetector-singlemetricanomalydetector-accountid
             '''
             result = self._values.get("account_id")
@@ -4159,7 +4212,7 @@ class CfnAnomalyDetectorProps:
         )
 
 
-@jsii.implements(_IInspectable_c2943556)
+@jsii.implements(_IInspectable_c2943556, _ITaggableV2_4e6798f8)
 class CfnCompositeAlarm(
     _CfnResource_9df397a6,
     metaclass=jsii.JSIIMeta,
@@ -4173,8 +4226,6 @@ class CfnCompositeAlarm(
 
     Using composite alarms can reduce alarm noise. You can create multiple metric alarms, and also create a composite alarm and set up alerts only for the composite alarm. For example, you could create a composite alarm that goes into ALARM state only when more than one of the underlying metric alarms are in ALARM state.
 
-    Currently, the only alarm actions that can be taken by composite alarms are notifying SNS topics.
-
     When this operation creates an alarm, the alarm state is immediately set to INSUFFICIENT_DATA. The alarm is then evaluated and its state is set appropriately. Any actions associated with the new state are then executed. For a composite alarm, this initial time after creation is the only time that the alarm can be in INSUFFICIENT_DATA state.
 
     When you update an existing alarm, its state is left unchanged, but the update completely overwrites the previous configuration of the alarm.
@@ -4201,7 +4252,11 @@ class CfnCompositeAlarm(
             alarm_description="alarmDescription",
             alarm_name="alarmName",
             insufficient_data_actions=["insufficientDataActions"],
-            ok_actions=["okActions"]
+            ok_actions=["okActions"],
+            tags=[CfnTag(
+                key="key",
+                value="value"
+            )]
         )
     '''
 
@@ -4220,6 +4275,7 @@ class CfnCompositeAlarm(
         alarm_name: typing.Optional[builtins.str] = None,
         insufficient_data_actions: typing.Optional[typing.Sequence[builtins.str]] = None,
         ok_actions: typing.Optional[typing.Sequence[builtins.str]] = None,
+        tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
     ) -> None:
         '''
         :param scope: Scope in which this resource is defined.
@@ -4234,6 +4290,7 @@ class CfnCompositeAlarm(
         :param alarm_name: The name for the composite alarm. This name must be unique within your AWS account.
         :param insufficient_data_actions: The actions to execute when this alarm transitions to the INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see `PutCompositeAlarm <https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html>`_ in the *Amazon CloudWatch API Reference* .
         :param ok_actions: The actions to execute when this alarm transitions to the OK state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see `PutCompositeAlarm <https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html>`_ in the *Amazon CloudWatch API Reference* .
+        :param tags: A list of key-value pairs to associate with the alarm. You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the ``cloudwatch:TagResource`` permission. Tags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.
         '''
         if __debug__:
             type_hints = typing.get_type_hints(_typecheckingstub__5c24d10326e3cd470724ecbde5d50ff23fdf44dc88f809d9a181a5cd867e5cf3)
@@ -4250,6 +4307,7 @@ class CfnCompositeAlarm(
             alarm_name=alarm_name,
             insufficient_data_actions=insufficient_data_actions,
             ok_actions=ok_actions,
+            tags=tags,
         )
 
         jsii.create(self.__class__, self, [scope, id, props])
@@ -4293,6 +4351,12 @@ class CfnCompositeAlarm(
         '''
         return typing.cast(builtins.str, jsii.get(self, "attrArn"))
 
+    @builtins.property
+    @jsii.member(jsii_name="cdkTagManager")
+    def cdk_tag_manager(self) -> _TagManager_0a598cb3:
+        '''Tag Manager which manages the tags for this resource.'''
+        return typing.cast(_TagManager_0a598cb3, jsii.get(self, "cdkTagManager"))
+
     @builtins.property
     @jsii.member(jsii_name="cfnProperties")
     def _cfn_properties(self) -> typing.Mapping[builtins.str, typing.Any]:
@@ -4442,6 +4506,19 @@ class CfnCompositeAlarm(
             check_type(argname="argument value", value=value, expected_type=type_hints["value"])
         jsii.set(self, "okActions", value)
 
+    @builtins.property
+    @jsii.member(jsii_name="tags")
+    def tags(self) -> typing.Optional[typing.List[_CfnTag_f6864754]]:
+        '''A list of key-value pairs to associate with the alarm.'''
+        return typing.cast(typing.Optional[typing.List[_CfnTag_f6864754]], jsii.get(self, "tags"))
+
+    @tags.setter
+    def tags(self, value: typing.Optional[typing.List[_CfnTag_f6864754]]) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__457680b612885bf2c4b88aebcb2510b437690fdf7d6235bf00d83846c1ee3452)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "tags", value)
+
 
 @jsii.data_type(
     jsii_type="aws-cdk-lib.aws_cloudwatch.CfnCompositeAlarmProps",
@@ -4457,6 +4534,7 @@ class CfnCompositeAlarm(
         "alarm_name": "alarmName",
         "insufficient_data_actions": "insufficientDataActions",
         "ok_actions": "okActions",
+        "tags": "tags",
     },
 )
 class CfnCompositeAlarmProps:
@@ -4473,6 +4551,7 @@ class CfnCompositeAlarmProps:
         alarm_name: typing.Optional[builtins.str] = None,
         insufficient_data_actions: typing.Optional[typing.Sequence[builtins.str]] = None,
         ok_actions: typing.Optional[typing.Sequence[builtins.str]] = None,
+        tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
     ) -> None:
         '''Properties for defining a ``CfnCompositeAlarm``.
 
@@ -4486,6 +4565,7 @@ class CfnCompositeAlarmProps:
         :param alarm_name: The name for the composite alarm. This name must be unique within your AWS account.
         :param insufficient_data_actions: The actions to execute when this alarm transitions to the INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see `PutCompositeAlarm <https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html>`_ in the *Amazon CloudWatch API Reference* .
         :param ok_actions: The actions to execute when this alarm transitions to the OK state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see `PutCompositeAlarm <https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html>`_ in the *Amazon CloudWatch API Reference* .
+        :param tags: A list of key-value pairs to associate with the alarm. You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the ``cloudwatch:TagResource`` permission. Tags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudwatch-compositealarm.html
         :exampleMetadata: fixture=_generated
@@ -4508,7 +4588,11 @@ class CfnCompositeAlarmProps:
                 alarm_description="alarmDescription",
                 alarm_name="alarmName",
                 insufficient_data_actions=["insufficientDataActions"],
-                ok_actions=["okActions"]
+                ok_actions=["okActions"],
+                tags=[CfnTag(
+                    key="key",
+                    value="value"
+                )]
             )
         '''
         if __debug__:
@@ -4523,6 +4607,7 @@ class CfnCompositeAlarmProps:
             check_type(argname="argument alarm_name", value=alarm_name, expected_type=type_hints["alarm_name"])
             check_type(argname="argument insufficient_data_actions", value=insufficient_data_actions, expected_type=type_hints["insufficient_data_actions"])
             check_type(argname="argument ok_actions", value=ok_actions, expected_type=type_hints["ok_actions"])
+            check_type(argname="argument tags", value=tags, expected_type=type_hints["tags"])
         self._values: typing.Dict[builtins.str, typing.Any] = {
             "alarm_rule": alarm_rule,
         }
@@ -4544,6 +4629,8 @@ class CfnCompositeAlarmProps:
             self._values["insufficient_data_actions"] = insufficient_data_actions
         if ok_actions is not None:
             self._values["ok_actions"] = ok_actions
+        if tags is not None:
+            self._values["tags"] = tags
 
     @builtins.property
     def alarm_rule(self) -> builtins.str:
@@ -4676,6 +4763,19 @@ class CfnCompositeAlarmProps:
         result = self._values.get("ok_actions")
         return typing.cast(typing.Optional[typing.List[builtins.str]], result)
 
+    @builtins.property
+    def tags(self) -> typing.Optional[typing.List[_CfnTag_f6864754]]:
+        '''A list of key-value pairs to associate with the alarm.
+
+        You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the ``cloudwatch:TagResource`` permission.
+
+        Tags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.
+
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudwatch-compositealarm.html#cfn-cloudwatch-compositealarm-tags
+        '''
+        result = self._values.get("tags")
+        return typing.cast(typing.Optional[typing.List[_CfnTag_f6864754]], result)
+
     def __eq__(self, rhs: typing.Any) -> builtins.bool:
         return isinstance(rhs, self.__class__) and rhs._values == self._values
 
@@ -14821,6 +14921,7 @@ def _typecheckingstub__5adc477b9cef758736625389f1a51dec08eb7b348be35f42b0e37d6d4
     ok_actions: typing.Optional[typing.Sequence[builtins.str]] = None,
     period: typing.Optional[jsii.Number] = None,
     statistic: typing.Optional[builtins.str] = None,
+    tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
     threshold: typing.Optional[jsii.Number] = None,
     threshold_metric_id: typing.Optional[builtins.str] = None,
     treat_missing_data: typing.Optional[builtins.str] = None,
@@ -14943,6 +15044,12 @@ def _typecheckingstub__233ab7996f3717f1bae1d0b9c6063cfa83de67875ac91777906dbd686
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__895712e62b896ed30b8848bddfdb970fd334934c19393e2eb8ad06392ecf8af9(
+    value: typing.Optional[typing.List[_CfnTag_f6864754]],
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__5fbcb41a59e8a1cba566cf0b26b3129b32d1bb58de6d5fcb5045e9d2ddf908de(
     value: typing.Optional[jsii.Number],
 ) -> None:
@@ -15026,6 +15133,7 @@ def _typecheckingstub__bc643fb1b5f1f1f0e0d9896a5988171163c1f79adc28d1e921bdf85f1
     ok_actions: typing.Optional[typing.Sequence[builtins.str]] = None,
     period: typing.Optional[jsii.Number] = None,
     statistic: typing.Optional[builtins.str] = None,
+    tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
     threshold: typing.Optional[jsii.Number] = None,
     threshold_metric_id: typing.Optional[builtins.str] = None,
     treat_missing_data: typing.Optional[builtins.str] = None,
@@ -15204,6 +15312,7 @@ def _typecheckingstub__5c24d10326e3cd470724ecbde5d50ff23fdf44dc88f809d9a181a5cd8
     alarm_name: typing.Optional[builtins.str] = None,
     insufficient_data_actions: typing.Optional[typing.Sequence[builtins.str]] = None,
     ok_actions: typing.Optional[typing.Sequence[builtins.str]] = None,
+    tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
 ) -> None:
     """Type checking stubs"""
     pass
@@ -15280,6 +15389,12 @@ def _typecheckingstub__f061adaf1332cbeeb6cedda66357d6a65aea2023583d23de2ed9b9c19
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__457680b612885bf2c4b88aebcb2510b437690fdf7d6235bf00d83846c1ee3452(
+    value: typing.Optional[typing.List[_CfnTag_f6864754]],
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__f61e2b790710dde8e1d3a57752c99da295b632afeb42e0870113583f0277be2c(
     *,
     alarm_rule: builtins.str,
@@ -15292,6 +15407,7 @@ def _typecheckingstub__f61e2b790710dde8e1d3a57752c99da295b632afeb42e0870113583f0
     alarm_name: typing.Optional[builtins.str] = None,
     insufficient_data_actions: typing.Optional[typing.Sequence[builtins.str]] = None,
     ok_actions: typing.Optional[typing.Sequence[builtins.str]] = None,
+    tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
 ) -> None:
     """Type checking stubs"""
     pass

aws_cdk/aws_codebuild/__init__.py

@@ -3597,7 +3597,7 @@ class CfnProject(
         ) -> None:
             '''``Environment`` is a property of the `AWS::CodeBuild::Project <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-project.html>`_ resource that specifies the environment for an AWS CodeBuild project.
 
-            :param compute_type: The type of compute environment. This determines the number of CPU cores and memory the build environment uses. Available values include: - ``BUILD_GENERAL1_SMALL`` : Use up to 3 GB memory and 2 vCPUs for builds. - ``BUILD_GENERAL1_MEDIUM`` : Use up to 7 GB memory and 4 vCPUs for builds. - ``BUILD_GENERAL1_LARGE`` : Use up to 15 GB memory and 8 vCPUs for builds. For more information, see `Build Environment Compute Types <https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html>`_ in the *AWS CodeBuild User Guide.*
+            :param compute_type: The type of compute environment. This determines the number of CPU cores and memory the build environment uses. Available values include: - ``BUILD_GENERAL1_SMALL`` : Use up to 3 GB memory and 2 vCPUs for builds. - ``BUILD_GENERAL1_MEDIUM`` : Use up to 7 GB memory and 4 vCPUs for builds. - ``BUILD_GENERAL1_LARGE`` : Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type. - ``BUILD_GENERAL1_XLARGE`` : Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type. - ``BUILD_GENERAL1_2XLARGE`` : Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. - ``BUILD_LAMBDA_1GB`` : Use up to 1 GB memory for builds. Only available for environment type ``LINUX_LAMBDA_CONTAINER`` and ``ARM_LAMBDA_CONTAINER`` . - ``BUILD_LAMBDA_2GB`` : Use up to 2 GB memory for builds. Only available for environment type ``LINUX_LAMBDA_CONTAINER`` and ``ARM_LAMBDA_CONTAINER`` . - ``BUILD_LAMBDA_4GB`` : Use up to 4 GB memory for builds. Only available for environment type ``LINUX_LAMBDA_CONTAINER`` and ``ARM_LAMBDA_CONTAINER`` . - ``BUILD_LAMBDA_8GB`` : Use up to 8 GB memory for builds. Only available for environment type ``LINUX_LAMBDA_CONTAINER`` and ``ARM_LAMBDA_CONTAINER`` . - ``BUILD_LAMBDA_10GB`` : Use up to 10 GB memory for builds. Only available for environment type ``LINUX_LAMBDA_CONTAINER`` and ``ARM_LAMBDA_CONTAINER`` . For more information, see `Build Environment Compute Types <https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html>`_ in the *AWS CodeBuild User Guide.*
             :param image: The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats: - For an image tag: ``<registry>/<repository>:<tag>`` . For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be ``aws/codebuild/standard:4.0`` . - For an image digest: ``<registry>/<repository>@<digest>`` . For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use ``<registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf`` . For more information, see `Docker images provided by CodeBuild <https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-available.html>`_ in the *AWS CodeBuild user guide* .
             :param type: The type of build environment to use for related builds. - The environment type ``ARM_CONTAINER`` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt). - The environment type ``LINUX_CONTAINER`` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia). - The environment type ``LINUX_GPU_CONTAINER`` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia). - The environment types ``ARM_LAMBDA_CONTAINER`` and ``LINUX_LAMBDA_CONTAINER`` are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (São Paulo). - The environment types ``WINDOWS_CONTAINER`` and ``WINDOWS_SERVER_2019_CONTAINER`` are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland). .. epigraph:: If you're using compute fleets during project creation, ``type`` will be ignored. For more information, see `Build environment compute types <https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-compute-types.html>`_ in the *AWS CodeBuild user guide* .
             :param certificate: The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see `certificate <https://docs.aws.amazon.com/codebuild/latest/userguide/create-project-cli.html#cli.environment.certificate>`_ in the *AWS CodeBuild User Guide* .
@@ -3678,7 +3678,14 @@ class CfnProject(
 
             - ``BUILD_GENERAL1_SMALL`` : Use up to 3 GB memory and 2 vCPUs for builds.
             - ``BUILD_GENERAL1_MEDIUM`` : Use up to 7 GB memory and 4 vCPUs for builds.
-            - ``BUILD_GENERAL1_LARGE`` : Use up to 15 GB memory and 8 vCPUs for builds.
+            - ``BUILD_GENERAL1_LARGE`` : Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type.
+            - ``BUILD_GENERAL1_XLARGE`` : Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type.
+            - ``BUILD_GENERAL1_2XLARGE`` : Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.
+            - ``BUILD_LAMBDA_1GB`` : Use up to 1 GB memory for builds. Only available for environment type ``LINUX_LAMBDA_CONTAINER`` and ``ARM_LAMBDA_CONTAINER`` .
+            - ``BUILD_LAMBDA_2GB`` : Use up to 2 GB memory for builds. Only available for environment type ``LINUX_LAMBDA_CONTAINER`` and ``ARM_LAMBDA_CONTAINER`` .
+            - ``BUILD_LAMBDA_4GB`` : Use up to 4 GB memory for builds. Only available for environment type ``LINUX_LAMBDA_CONTAINER`` and ``ARM_LAMBDA_CONTAINER`` .
+            - ``BUILD_LAMBDA_8GB`` : Use up to 8 GB memory for builds. Only available for environment type ``LINUX_LAMBDA_CONTAINER`` and ``ARM_LAMBDA_CONTAINER`` .
+            - ``BUILD_LAMBDA_10GB`` : Use up to 10 GB memory for builds. Only available for environment type ``LINUX_LAMBDA_CONTAINER`` and ``ARM_LAMBDA_CONTAINER`` .
 
             For more information, see `Build Environment Compute Types <https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html>`_ in the *AWS CodeBuild User Guide.*
 
@@ -5008,7 +5015,7 @@ class CfnProject(
             :param git_clone_depth: The depth of history to download. Minimum value is 0. If this value is 0, greater than 25, or not provided, then the full history is downloaded with each build project. If your source type is Amazon S3, this value is not supported.
             :param git_submodules_config: Information about the Git submodules configuration for the build project.
             :param insecure_ssl: This is used with GitHub Enterprise only. Set to true to ignore SSL warnings while connecting to your GitHub Enterprise project repository. The default value is ``false`` . ``InsecureSsl`` should be used for testing purposes only. It should not be used in a production environment.
-            :param location: Information about the location of the source code to be built. Valid values include:. - For source code settings that are specified in the source action of a pipeline in CodePipeline, ``location`` should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. - For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, ``https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>`` ). - For source code in an Amazon S3 input bucket, one of the following. - The path to the ZIP file that contains the source code (for example, ``<bucket-name>/<path>/<object-name>.zip`` ). - The path to the folder that contains the source code (for example, ``<bucket-name>/<path-to-source-code>/<folder>/`` ). - For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitHub account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub *Authorize application* page, for *Organization access* , choose *Request access* next to each repository you want to allow AWS CodeBuild to have access to, and then choose *Authorize application* . (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the ``source`` object, set the ``auth`` object's ``type`` value to ``OAUTH`` . - For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitLab account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections *Authorize application* page, choose *Authorize* . Then on the AWS CodeStar Connections *Create GitLab connection* page, choose *Connect to GitLab* . (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to override the default connection and use this connection instead, set the ``auth`` object's ``type`` value to ``CODECONNECTIONS`` in the ``source`` object. - For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your Bitbucket account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket *Confirm access to your account* page, choose *Grant access* . (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the ``source`` object, set the ``auth`` object's ``type`` value to ``OAUTH`` . If you specify ``CODEPIPELINE`` for the ``Type`` property, don't specify this property. For all of the other types, you must specify ``Location`` .
+            :param location: Information about the location of the source code to be built. Valid values include:. - For source code settings that are specified in the source action of a pipeline in CodePipeline, ``location`` should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. - For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, ``https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>`` ). - For source code in an Amazon S3 input bucket, one of the following. - The path to the ZIP file that contains the source code (for example, ``<bucket-name>/<path>/<object-name>.zip`` ). - The path to the folder that contains the source code (for example, ``<bucket-name>/<path-to-source-code>/<folder>/`` ). - For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitHub account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub *Authorize application* page, for *Organization access* , choose *Request access* next to each repository you want to allow AWS CodeBuild to have access to, and then choose *Authorize application* . (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the ``source`` object, set the ``auth`` object's ``type`` value to ``OAUTH`` . - For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitLab account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections *Authorize application* page, choose *Authorize* . Then on the AWS CodeConnections *Create GitLab connection* page, choose *Connect to GitLab* . (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to override the default connection and use this connection instead, set the ``auth`` object's ``type`` value to ``CODECONNECTIONS`` in the ``source`` object. - For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your Bitbucket account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket *Confirm access to your account* page, choose *Grant access* . (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the ``source`` object, set the ``auth`` object's ``type`` value to ``OAUTH`` . If you specify ``CODEPIPELINE`` for the ``Type`` property, don't specify this property. For all of the other types, you must specify ``Location`` .
             :param report_build_status: Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, or Bitbucket. If this is set and you use a different source provider, an ``invalidInputException`` is thrown.
             :param source_identifier: An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
 
@@ -5182,7 +5189,7 @@ class CfnProject(
             - The path to the ZIP file that contains the source code (for example, ``<bucket-name>/<path>/<object-name>.zip`` ).
             - The path to the folder that contains the source code (for example, ``<bucket-name>/<path-to-source-code>/<folder>/`` ).
             - For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitHub account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub *Authorize application* page, for *Organization access* , choose *Request access* next to each repository you want to allow AWS CodeBuild to have access to, and then choose *Authorize application* . (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the ``source`` object, set the ``auth`` object's ``type`` value to ``OAUTH`` .
-            - For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitLab account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections *Authorize application* page, choose *Authorize* . Then on the AWS CodeStar Connections *Create GitLab connection* page, choose *Connect to GitLab* . (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to override the default connection and use this connection instead, set the ``auth`` object's ``type`` value to ``CODECONNECTIONS`` in the ``source`` object.
+            - For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitLab account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections *Authorize application* page, choose *Authorize* . Then on the AWS CodeConnections *Create GitLab connection* page, choose *Connect to GitLab* . (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to override the default connection and use this connection instead, set the ``auth`` object's ``type`` value to ``CODECONNECTIONS`` in the ``source`` object.
             - For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your Bitbucket account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket *Confirm access to your account* page, choose *Grant access* . (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the ``source`` object, set the ``auth`` object's ``type`` value to ``OAUTH`` .
 
             If you specify ``CODEPIPELINE`` for the ``Type`` property, don't specify this property. For all of the other types, you must specify ``Location`` .
@@ -5344,7 +5351,7 @@ class CfnProject(
                The Webhook feature isn't available in AWS CloudFormation for GitHub Enterprise projects. Use the AWS CLI or AWS CodeBuild console to create the webhook.
 
             :param pattern: For a ``WebHookFilter`` that uses ``EVENT`` type, a comma-separated string that specifies one or more events. For example, the webhook filter ``PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED`` allows all push, pull request created, and pull request updated events to trigger a build. For a ``WebHookFilter`` that uses any of the other filter types, a regular expression pattern. For example, a ``WebHookFilter`` that uses ``HEAD_REF`` for its ``type`` and the pattern ``^refs/heads/`` triggers a build when the head reference is a branch with a reference name ``refs/heads/branch-name`` .
-            :param type: The type of webhook filter. There are eight webhook filter types: ``EVENT`` , ``ACTOR_ACCOUNT_ID`` , ``HEAD_REF`` , ``BASE_REF`` , ``FILE_PATH`` , ``COMMIT_MESSAGE`` , ``TAG_NAME`` , and ``RELEASE_NAME`` . - EVENT - A webhook event triggers a build when the provided ``pattern`` matches one of eight event types: ``PUSH`` , ``PULL_REQUEST_CREATED`` , ``PULL_REQUEST_UPDATED`` , ``PULL_REQUEST_CLOSED`` , ``PULL_REQUEST_REOPENED`` , ``PULL_REQUEST_MERGED`` , ``RELEASED`` , and ``PRERELEASED`` . The ``EVENT`` patterns are specified as a comma-separated string. For example, ``PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED`` filters all push, pull request created, and pull request updated events. .. epigraph:: The ``PULL_REQUEST_REOPENED`` works with GitHub and GitHub Enterprise only. The ``RELEASED`` and ``PRERELEASED`` work with GitHub only. - ACTOR_ACCOUNT_ID - A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression ``pattern`` . - HEAD_REF - A webhook event triggers a build when the head reference matches the regular expression ``pattern`` . For example, ``refs/heads/branch-name`` and ``refs/tags/tag-name`` . .. epigraph:: Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events. - BASE_REF - A webhook event triggers a build when the base reference matches the regular expression ``pattern`` . For example, ``refs/heads/branch-name`` . .. epigraph:: Works with pull request events only. - FILE_PATH - A webhook triggers a build when the path of a changed file matches the regular expression ``pattern`` . .. epigraph:: Works with GitHub and Bitbucket events push and pull requests events. Also works with GitHub Enterprise push events, but does not work with GitHub Enterprise pull request events. - COMMIT_MESSAGE - A webhook triggers a build when the head commit message matches the regular expression ``pattern`` . .. epigraph:: Works with GitHub and Bitbucket events push and pull requests events. Also works with GitHub Enterprise push events, but does not work with GitHub Enterprise pull request events. - TAG_NAME - A webhook triggers a build when the tag name of the release matches the regular expression ``pattern`` . .. epigraph:: Works with ``RELEASED`` and ``PRERELEASED`` events only. - RELEASE_NAME - A webhook triggers a build when the release name matches the regular expression ``pattern`` . .. epigraph:: Works with ``RELEASED`` and ``PRERELEASED`` events only.
+            :param type: The type of webhook filter. There are nine webhook filter types: ``EVENT`` , ``ACTOR_ACCOUNT_ID`` , ``HEAD_REF`` , ``BASE_REF`` , ``FILE_PATH`` , ``COMMIT_MESSAGE`` , ``TAG_NAME`` , ``RELEASE_NAME`` , and ``WORKFLOW_NAME`` . - EVENT - A webhook event triggers a build when the provided ``pattern`` matches one of nine event types: ``PUSH`` , ``PULL_REQUEST_CREATED`` , ``PULL_REQUEST_UPDATED`` , ``PULL_REQUEST_CLOSED`` , ``PULL_REQUEST_REOPENED`` , ``PULL_REQUEST_MERGED`` , ``RELEASED`` , ``PRERELEASED`` , and ``WORKFLOW_JOB_QUEUED`` . The ``EVENT`` patterns are specified as a comma-separated string. For example, ``PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED`` filters all push, pull request created, and pull request updated events. .. epigraph:: The ``PULL_REQUEST_REOPENED`` works with GitHub and GitHub Enterprise only. The ``RELEASED`` , ``PRERELEASED`` , and ``WORKFLOW_JOB_QUEUED`` work with GitHub only. - ACTOR_ACCOUNT_ID - A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression ``pattern`` . - HEAD_REF - A webhook event triggers a build when the head reference matches the regular expression ``pattern`` . For example, ``refs/heads/branch-name`` and ``refs/tags/tag-name`` . .. epigraph:: Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events. - BASE_REF - A webhook event triggers a build when the base reference matches the regular expression ``pattern`` . For example, ``refs/heads/branch-name`` . .. epigraph:: Works with pull request events only. - FILE_PATH - A webhook triggers a build when the path of a changed file matches the regular expression ``pattern`` . .. epigraph:: Works with GitHub and Bitbucket events push and pull requests events. Also works with GitHub Enterprise push events, but does not work with GitHub Enterprise pull request events. - COMMIT_MESSAGE - A webhook triggers a build when the head commit message matches the regular expression ``pattern`` . .. epigraph:: Works with GitHub and Bitbucket events push and pull requests events. Also works with GitHub Enterprise push events, but does not work with GitHub Enterprise pull request events. - TAG_NAME - A webhook triggers a build when the tag name of the release matches the regular expression ``pattern`` . .. epigraph:: Works with ``RELEASED`` and ``PRERELEASED`` events only. - RELEASE_NAME - A webhook triggers a build when the release name matches the regular expression ``pattern`` . .. epigraph:: Works with ``RELEASED`` and ``PRERELEASED`` events only. - WORKFLOW_NAME - A webhook triggers a build when the workflow name matches the regular expression ``pattern`` . .. epigraph:: Works with ``WORKFLOW_JOB_QUEUED`` events only.
             :param exclude_matched_pattern: Used to indicate that the ``pattern`` determines which webhook events do not trigger a build. If true, then a webhook event that does not match the ``pattern`` triggers a build. If false, then a webhook event that matches the ``pattern`` triggers a build.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codebuild-project-webhookfilter.html
@@ -5394,14 +5401,14 @@ class CfnProject(
         def type(self) -> builtins.str:
             '''The type of webhook filter.
 
-            There are eight webhook filter types: ``EVENT`` , ``ACTOR_ACCOUNT_ID`` , ``HEAD_REF`` , ``BASE_REF`` , ``FILE_PATH`` , ``COMMIT_MESSAGE`` , ``TAG_NAME`` , and ``RELEASE_NAME`` .
+            There are nine webhook filter types: ``EVENT`` , ``ACTOR_ACCOUNT_ID`` , ``HEAD_REF`` , ``BASE_REF`` , ``FILE_PATH`` , ``COMMIT_MESSAGE`` , ``TAG_NAME`` , ``RELEASE_NAME`` , and ``WORKFLOW_NAME`` .
 
             - EVENT
-            - A webhook event triggers a build when the provided ``pattern`` matches one of eight event types: ``PUSH`` , ``PULL_REQUEST_CREATED`` , ``PULL_REQUEST_UPDATED`` , ``PULL_REQUEST_CLOSED`` , ``PULL_REQUEST_REOPENED`` , ``PULL_REQUEST_MERGED`` , ``RELEASED`` , and ``PRERELEASED`` . The ``EVENT`` patterns are specified as a comma-separated string. For example, ``PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED`` filters all push, pull request created, and pull request updated events.
+            - A webhook event triggers a build when the provided ``pattern`` matches one of nine event types: ``PUSH`` , ``PULL_REQUEST_CREATED`` , ``PULL_REQUEST_UPDATED`` , ``PULL_REQUEST_CLOSED`` , ``PULL_REQUEST_REOPENED`` , ``PULL_REQUEST_MERGED`` , ``RELEASED`` , ``PRERELEASED`` , and ``WORKFLOW_JOB_QUEUED`` . The ``EVENT`` patterns are specified as a comma-separated string. For example, ``PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED`` filters all push, pull request created, and pull request updated events.
 
             .. epigraph::
 
-               The ``PULL_REQUEST_REOPENED`` works with GitHub and GitHub Enterprise only. The ``RELEASED`` and ``PRERELEASED`` work with GitHub only.
+               The ``PULL_REQUEST_REOPENED`` works with GitHub and GitHub Enterprise only. The ``RELEASED`` , ``PRERELEASED`` , and ``WORKFLOW_JOB_QUEUED`` work with GitHub only.
 
             - ACTOR_ACCOUNT_ID
             - A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression ``pattern`` .
@@ -5447,6 +5454,13 @@ class CfnProject(
 
                Works with ``RELEASED`` and ``PRERELEASED`` events only.
 
+            - WORKFLOW_NAME
+            - A webhook triggers a build when the workflow name matches the regular expression ``pattern`` .
+
+            .. epigraph::
+
+               Works with ``WORKFLOW_JOB_QUEUED`` events only.
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codebuild-project-webhookfilter.html#cfn-codebuild-project-webhookfilter-type
             '''
             result = self._values.get("type")
@@ -6785,7 +6799,7 @@ class CfnSourceCredential(
         :param id: Construct identifier for this resource (unique in its scope).
         :param auth_type: The type of authentication used by the credentials. Valid options are OAUTH, BASIC_AUTH, PERSONAL_ACCESS_TOKEN, or CODECONNECTIONS.
         :param server_type: The type of source provider. The valid options are GITHUB, GITHUB_ENTERPRISE, GITLAB, GITLAB_SELF_MANAGED, or BITBUCKET.
-        :param token: For GitHub or GitHub Enterprise, this is the personal access token. For Bitbucket, this is the app password.
+        :param token: For GitHub or GitHub Enterprise, this is the personal access token. For Bitbucket, this is either the access token or the app password.
         :param username: The Bitbucket username when the ``authType`` is BASIC_AUTH. This parameter is not valid for other types of source providers or connections.
         '''
         if __debug__:
@@ -6920,7 +6934,7 @@ class CfnSourceCredentialProps:
 
         :param auth_type: The type of authentication used by the credentials. Valid options are OAUTH, BASIC_AUTH, PERSONAL_ACCESS_TOKEN, or CODECONNECTIONS.
         :param server_type: The type of source provider. The valid options are GITHUB, GITHUB_ENTERPRISE, GITLAB, GITLAB_SELF_MANAGED, or BITBUCKET.
-        :param token: For GitHub or GitHub Enterprise, this is the personal access token. For Bitbucket, this is the app password.
+        :param token: For GitHub or GitHub Enterprise, this is the personal access token. For Bitbucket, this is either the access token or the app password.
         :param username: The Bitbucket username when the ``authType`` is BASIC_AUTH. This parameter is not valid for other types of source providers or connections.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-sourcecredential.html
@@ -6983,7 +6997,7 @@ class CfnSourceCredentialProps:
     def token(self) -> builtins.str:
         '''For GitHub or GitHub Enterprise, this is the personal access token.
 
-        For Bitbucket, this is the app password.
+        For Bitbucket, this is either the access token or the app password.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-sourcecredential.html#cfn-codebuild-sourcecredential-token
         '''
@@ -10545,22 +10559,13 @@ class LinuxBuildImage(
     @jsii.python.classproperty
     @jsii.member(jsii_name="AMAZON_LINUX_2_ARM_2")
     def AMAZON_LINUX_2_ARM_2(cls) -> IBuildImage:
-        '''(deprecated) Image "aws/codebuild/amazonlinux2-aarch64-standard:2.0".
-
-        :deprecated: Use LinuxArmBuildImage.AMAZON_LINUX_2_STANDARD_3_0 instead.
-
-        :stability: deprecated
-        '''
+        '''The ``aws/codebuild/amazonlinux2-aarch64-standard:2.0`` build image.'''
         return typing.cast(IBuildImage, jsii.sget(cls, "AMAZON_LINUX_2_ARM_2"))
 
     @jsii.python.classproperty
     @jsii.member(jsii_name="AMAZON_LINUX_2_ARM_3")
     def AMAZON_LINUX_2_ARM_3(cls) -> IBuildImage:
-        '''
-        :deprecated: Use LinuxArmBuildImage.AMAZON_LINUX_2_STANDARD_3_0 instead.
-
-        :stability: deprecated
-        '''
+        '''The ``aws/codebuild/amazonlinux2-aarch64-standard:3.0`` build image.'''
         return typing.cast(IBuildImage, jsii.sget(cls, "AMAZON_LINUX_2_ARM_3"))
 
     @jsii.python.classproperty