PyPI - aws-cdk-lib - Versions diffs - 2.136.1__py3-none-any.whl → 2.138.0__py3-none-any.whl - Mend

aws-cdk-lib 2.136.1py3-none-any.whl → 2.138.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of aws-cdk-lib might be problematic. Click here for more details.

Files changed (61) hide show

aws_cdk/__init__.py +8 -0
aws_cdk/_jsii/__init__.py +1 -1
aws_cdk/_jsii/{aws-cdk-lib@2.136.1.jsii.tgz → aws-cdk-lib@2.138.0.jsii.tgz} +0 -0
aws_cdk/assertions/__init__.py +152 -5
aws_cdk/aws_amplify/__init__.py +29 -113
aws_cdk/aws_appconfig/__init__.py +26 -33
aws_cdk/aws_apprunner/__init__.py +5 -2
aws_cdk/aws_appsync/__init__.py +400 -13
aws_cdk/aws_aps/__init__.py +64 -47
aws_cdk/aws_b2bi/__init__.py +2 -6
aws_cdk/aws_backup/__init__.py +27 -23
aws_cdk/aws_batch/__init__.py +103 -0
aws_cdk/aws_bcmdataexports/__init__.py +1114 -0
aws_cdk/aws_chatbot/__init__.py +6 -4
aws_cdk/aws_cleanrooms/__init__.py +526 -3
aws_cdk/aws_cleanroomsml/__init__.py +960 -0
aws_cdk/aws_cloudfront/__init__.py +196 -15
aws_cdk/aws_cloudtrail/__init__.py +10 -10
aws_cdk/aws_cloudwatch/__init__.py +124 -8
aws_cdk/aws_codebuild/__init__.py +27 -22
aws_cdk/aws_codeconnections/__init__.py +435 -0
aws_cdk/aws_cognito/__init__.py +175 -79
aws_cdk/aws_deadline/__init__.py +5394 -0
aws_cdk/aws_ec2/__init__.py +379 -173
aws_cdk/aws_ecr_assets/__init__.py +3 -4
aws_cdk/aws_ecs/__init__.py +240 -1
aws_cdk/aws_efs/__init__.py +2 -2
aws_cdk/aws_elasticache/__init__.py +86 -32
aws_cdk/aws_elasticloadbalancingv2/__init__.py +275 -5
aws_cdk/aws_emr/__init__.py +2 -2
aws_cdk/aws_entityresolution/__init__.py +1982 -773
aws_cdk/aws_globalaccelerator/__init__.py +443 -0
aws_cdk/aws_iam/__init__.py +24 -40
aws_cdk/aws_internetmonitor/__init__.py +14 -6
aws_cdk/aws_ivs/__init__.py +1273 -71
aws_cdk/aws_kms/__init__.py +8 -13
aws_cdk/aws_mediatailor/__init__.py +41 -0
aws_cdk/aws_personalize/__init__.py +8 -6
aws_cdk/aws_pinpoint/__init__.py +5 -3
aws_cdk/aws_pipes/__init__.py +5 -1
aws_cdk/aws_quicksight/__init__.py +12 -6
aws_cdk/aws_rds/__init__.py +355 -85
aws_cdk/aws_route53/__init__.py +591 -18
aws_cdk/aws_s3_deployment/__init__.py +84 -7
aws_cdk/aws_sagemaker/__init__.py +233 -2
aws_cdk/aws_securityhub/__init__.py +4940 -102
aws_cdk/aws_securitylake/__init__.py +1237 -55
aws_cdk/aws_sns/__init__.py +183 -4
aws_cdk/aws_ssmcontacts/__init__.py +11 -4
aws_cdk/aws_stepfunctions/__init__.py +8 -16
aws_cdk/aws_stepfunctions_tasks/__init__.py +676 -1
aws_cdk/aws_transfer/__init__.py +4 -4
aws_cdk/aws_verifiedpermissions/__init__.py +114 -37
aws_cdk/aws_workspacesthinclient/__init__.py +8 -8
aws_cdk/custom_resources/__init__.py +248 -26
{aws_cdk_lib-2.136.1.dist-info → aws_cdk_lib-2.138.0.dist-info}/METADATA +3 -3
{aws_cdk_lib-2.136.1.dist-info → aws_cdk_lib-2.138.0.dist-info}/RECORD +61 -57
{aws_cdk_lib-2.136.1.dist-info → aws_cdk_lib-2.138.0.dist-info}/LICENSE +0 -0
{aws_cdk_lib-2.136.1.dist-info → aws_cdk_lib-2.138.0.dist-info}/NOTICE +0 -0
{aws_cdk_lib-2.136.1.dist-info → aws_cdk_lib-2.138.0.dist-info}/WHEEL +0 -0
{aws_cdk_lib-2.136.1.dist-info → aws_cdk_lib-2.138.0.dist-info}/top_level.txt +0 -0

aws_cdk/aws_batch/__init__.py CHANGED Viewed

@@ -4241,6 +4241,7 @@ class CfnJobDefinition(
                         requests=requests
                     ),
                     security_context=batch.CfnJobDefinition.SecurityContextProperty(
+                        allow_privilege_escalation=False,
                         privileged=False,
                         read_only_root_filesystem=False,
                         run_as_group=123,
@@ -4554,6 +4555,7 @@ class CfnJobDefinition(
                                 requests=requests
                             ),
                             security_context=batch.CfnJobDefinition.SecurityContextProperty(
+                                allow_privilege_escalation=False,
                                 privileged=False,
                                 read_only_root_filesystem=False,
                                 run_as_group=123,
@@ -4568,6 +4570,9 @@ class CfnJobDefinition(
                         )],
                         dns_policy="dnsPolicy",
                         host_network=False,
+                        image_pull_secrets=[batch.CfnJobDefinition.ImagePullSecretProperty(
+                            name="name"
+                        )],
                         init_containers=[batch.CfnJobDefinition.EksContainerProperty(
                             image="image",
@@ -4587,6 +4592,7 @@ class CfnJobDefinition(
                                 requests=requests
                             ),
                             security_context=batch.CfnJobDefinition.SecurityContextProperty(
+                                allow_privilege_escalation=False,
                                 privileged=False,
                                 read_only_root_filesystem=False,
                                 run_as_group=123,
@@ -5286,6 +5292,56 @@ class CfnJobDefinition(
                 k + "=" + repr(v) for k, v in self._values.items()
             )
+    @jsii.data_type(
+        jsii_type="aws-cdk-lib.aws_batch.CfnJobDefinition.ImagePullSecretProperty",
+        jsii_struct_bases=[],
+        name_mapping={"name": "name"},
+    )
+    class ImagePullSecretProperty:
+        def __init__(self, *, name: builtins.str) -> None:
+            '''
+            :param name:
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-jobdefinition-imagepullsecret.html
+            :exampleMetadata: fixture=_generated
+            Example::
+                # The code below shows an example of how to instantiate this type.
+                # The values are placeholders you should change.
+                from aws_cdk import aws_batch as batch
+                image_pull_secret_property = batch.CfnJobDefinition.ImagePullSecretProperty(
+                    name="name"
+                )
+            '''
+            if __debug__:
+                type_hints = typing.get_type_hints(_typecheckingstub__510e7e45fa5176303c62970a1bb0161e95eb0fcd2438671b35f8c5a3c506b95a)
+                check_type(argname="argument name", value=name, expected_type=type_hints["name"])
+            self._values: typing.Dict[builtins.str, typing.Any] = {
+                "name": name,
+            }
+        @builtins.property
+        def name(self) -> builtins.str:
+            '''
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-jobdefinition-imagepullsecret.html#cfn-batch-jobdefinition-imagepullsecret-name
+            '''
+            result = self._values.get("name")
+            assert result is not None, "Required property 'name' is missing"
+            return typing.cast(builtins.str, result)
+        def __eq__(self, rhs: typing.Any) -> builtins.bool:
+            return isinstance(rhs, self.__class__) and rhs._values == self._values
+        def __ne__(self, rhs: typing.Any) -> builtins.bool:
+            return not (rhs == self)
+        def __repr__(self) -> str:
+            return "ImagePullSecretProperty(%s)" % ", ".join(
+                k + "=" + repr(v) for k, v in self._values.items()
+            )
     @jsii.data_type(
         jsii_type="aws-cdk-lib.aws_batch.CfnJobDefinition.LinuxParametersProperty",
         jsii_struct_bases=[],
@@ -6453,6 +6509,7 @@ class CfnJobDefinition(
             "containers": "containers",
             "dns_policy": "dnsPolicy",
             "host_network": "hostNetwork",
+            "image_pull_secrets": "imagePullSecrets",
             "init_containers": "initContainers",
             "metadata": "metadata",
             "service_account_name": "serviceAccountName",
@@ -6467,6 +6524,7 @@ class CfnJobDefinition(
             containers: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union["CfnJobDefinition.EksContainerProperty", typing.Dict[builtins.str, typing.Any]]]]]] = None,
             dns_policy: typing.Optional[builtins.str] = None,
             host_network: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
+            image_pull_secrets: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union["CfnJobDefinition.ImagePullSecretProperty", typing.Dict[builtins.str, typing.Any]]]]]] = None,
             init_containers: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union["CfnJobDefinition.EksContainerProperty", typing.Dict[builtins.str, typing.Any]]]]]] = None,
             metadata: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Union["CfnJobDefinition.MetadataProperty", typing.Dict[builtins.str, typing.Any]]]] = None,
             service_account_name: typing.Optional[builtins.str] = None,
@@ -6478,6 +6536,7 @@ class CfnJobDefinition(
             :param containers: The properties of the container that's used on the Amazon EKS pod.
             :param dns_policy: The DNS policy for the pod. The default value is ``ClusterFirst`` . If the ``hostNetwork`` parameter is not specified, the default is ``ClusterFirstWithHostNet`` . ``ClusterFirst`` indicates that any DNS query that does not match the configured cluster domain suffix is forwarded to the upstream nameserver inherited from the node. For more information, see `Pod's DNS policy <https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy>`_ in the *Kubernetes documentation* . Valid values: ``Default`` | ``ClusterFirst`` | ``ClusterFirstWithHostNet``
             :param host_network: Indicates if the pod uses the hosts' network IP address. The default value is ``true`` . Setting this to ``false`` enables the Kubernetes pod networking model. Most AWS Batch workloads are egress-only and don't require the overhead of IP allocation for each pod for incoming connections. For more information, see `Host namespaces <https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#host-namespaces>`_ and `Pod networking <https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/workloads/pods/#pod-networking>`_ in the *Kubernetes documentation* .
+            :param image_pull_secrets:
             :param init_containers: These containers run before application containers, always runs to completion, and must complete successfully before the next container starts. These containers are registered with the Amazon EKS Connector agent and persists the registration information in the Kubernetes backend data store. For more information, see `Init Containers <https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/workloads/pods/init-containers/>`_ in the *Kubernetes documentation* . .. epigraph:: This object is limited to 10 elements
             :param metadata: Metadata about the Kubernetes pod. For more information, see `Understanding Kubernetes Objects <https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/>`_ in the *Kubernetes documentation* .
             :param service_account_name: The name of the service account that's used to run the pod. For more information, see `Kubernetes service accounts <https://docs.aws.amazon.com/eks/latest/userguide/service-accounts.html>`_ and `Configure a Kubernetes service account to assume an IAM role <https://docs.aws.amazon.com/eks/latest/userguide/associate-service-account-role.html>`_ in the *Amazon EKS User Guide* and `Configure service accounts for pods <https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/>`_ in the *Kubernetes documentation* .
@@ -6517,6 +6576,7 @@ class CfnJobDefinition(
                             requests=requests
                         ),
                         security_context=batch.CfnJobDefinition.SecurityContextProperty(
+                            allow_privilege_escalation=False,
                             privileged=False,
                             read_only_root_filesystem=False,
                             run_as_group=123,
@@ -6531,6 +6591,9 @@ class CfnJobDefinition(
                     )],
                     dns_policy="dnsPolicy",
                     host_network=False,
+                    image_pull_secrets=[batch.CfnJobDefinition.ImagePullSecretProperty(
+                        name="name"
+                    )],
                     init_containers=[batch.CfnJobDefinition.EksContainerProperty(
                         image="image",
@@ -6550,6 +6613,7 @@ class CfnJobDefinition(
                             requests=requests
                         ),
                         security_context=batch.CfnJobDefinition.SecurityContextProperty(
+                            allow_privilege_escalation=False,
                             privileged=False,
                             read_only_root_filesystem=False,
                             run_as_group=123,
@@ -6592,6 +6656,7 @@ class CfnJobDefinition(
                 check_type(argname="argument containers", value=containers, expected_type=type_hints["containers"])
                 check_type(argname="argument dns_policy", value=dns_policy, expected_type=type_hints["dns_policy"])
                 check_type(argname="argument host_network", value=host_network, expected_type=type_hints["host_network"])
+                check_type(argname="argument image_pull_secrets", value=image_pull_secrets, expected_type=type_hints["image_pull_secrets"])
                 check_type(argname="argument init_containers", value=init_containers, expected_type=type_hints["init_containers"])
                 check_type(argname="argument metadata", value=metadata, expected_type=type_hints["metadata"])
                 check_type(argname="argument service_account_name", value=service_account_name, expected_type=type_hints["service_account_name"])
@@ -6604,6 +6669,8 @@ class CfnJobDefinition(
                 self._values["dns_policy"] = dns_policy
             if host_network is not None:
                 self._values["host_network"] = host_network
+            if image_pull_secrets is not None:
+                self._values["image_pull_secrets"] = image_pull_secrets
             if init_containers is not None:
                 self._values["init_containers"] = init_containers
             if metadata is not None:
@@ -6652,6 +6719,16 @@ class CfnJobDefinition(
             result = self._values.get("host_network")
             return typing.cast(typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]], result)
+        @builtins.property
+        def image_pull_secrets(
+            self,
+        ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnJobDefinition.ImagePullSecretProperty"]]]]:
+            '''
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-jobdefinition-podproperties.html#cfn-batch-jobdefinition-podproperties-imagepullsecrets
+            '''
+            result = self._values.get("image_pull_secrets")
+            return typing.cast(typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnJobDefinition.ImagePullSecretProperty"]]]], result)
         @builtins.property
         def init_containers(
             self,
@@ -7214,6 +7291,7 @@ class CfnJobDefinition(
         jsii_type="aws-cdk-lib.aws_batch.CfnJobDefinition.SecurityContextProperty",
         jsii_struct_bases=[],
         name_mapping={
+            "allow_privilege_escalation": "allowPrivilegeEscalation",
             "privileged": "privileged",
             "read_only_root_filesystem": "readOnlyRootFilesystem",
             "run_as_group": "runAsGroup",
@@ -7225,6 +7303,7 @@ class CfnJobDefinition(
         def __init__(
             self,
             *,
+            allow_privilege_escalation: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
             privileged: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
             read_only_root_filesystem: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
             run_as_group: typing.Optional[jsii.Number] = None,
@@ -7232,6 +7311,7 @@ class CfnJobDefinition(
             run_as_user: typing.Optional[jsii.Number] = None,
         ) -> None:
             '''
+            :param allow_privilege_escalation:
             :param privileged:
             :param read_only_root_filesystem:
             :param run_as_group:
@@ -7248,6 +7328,7 @@ class CfnJobDefinition(
                 from aws_cdk import aws_batch as batch
                 security_context_property = batch.CfnJobDefinition.SecurityContextProperty(
+                    allow_privilege_escalation=False,
                     privileged=False,
                     read_only_root_filesystem=False,
                     run_as_group=123,
@@ -7257,12 +7338,15 @@ class CfnJobDefinition(
             '''
             if __debug__:
                 type_hints = typing.get_type_hints(_typecheckingstub__ecf4bfd8ece80e1bc3ee0536353fc145f3c5b08f62a604a53b62e7d2526f9d0e)
+                check_type(argname="argument allow_privilege_escalation", value=allow_privilege_escalation, expected_type=type_hints["allow_privilege_escalation"])
                 check_type(argname="argument privileged", value=privileged, expected_type=type_hints["privileged"])
                 check_type(argname="argument read_only_root_filesystem", value=read_only_root_filesystem, expected_type=type_hints["read_only_root_filesystem"])
                 check_type(argname="argument run_as_group", value=run_as_group, expected_type=type_hints["run_as_group"])
                 check_type(argname="argument run_as_non_root", value=run_as_non_root, expected_type=type_hints["run_as_non_root"])
                 check_type(argname="argument run_as_user", value=run_as_user, expected_type=type_hints["run_as_user"])
             self._values: typing.Dict[builtins.str, typing.Any] = {}
+            if allow_privilege_escalation is not None:
+                self._values["allow_privilege_escalation"] = allow_privilege_escalation
             if privileged is not None:
                 self._values["privileged"] = privileged
             if read_only_root_filesystem is not None:
@@ -7274,6 +7358,16 @@ class CfnJobDefinition(
             if run_as_user is not None:
                 self._values["run_as_user"] = run_as_user
+        @builtins.property
+        def allow_privilege_escalation(
+            self,
+        ) -> typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]]:
+            '''
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-jobdefinition-securitycontext.html#cfn-batch-jobdefinition-securitycontext-allowprivilegeescalation
+            '''
+            result = self._values.get("allow_privilege_escalation")
+            return typing.cast(typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]], result)
         @builtins.property
         def privileged(
             self,
@@ -23118,6 +23212,13 @@ def _typecheckingstub__2bf55e035d36507c507c0ff620eda0a3096496a2cd5226656fc5e4af4
     """Type checking stubs"""
     pass
+def _typecheckingstub__510e7e45fa5176303c62970a1bb0161e95eb0fcd2438671b35f8c5a3c506b95a(
+    *,
+    name: builtins.str,
+) -> None:
+    """Type checking stubs"""
+    pass
 def _typecheckingstub__46c01503a14b135de04e03e8a183177fbaa4f728ed5853b4de848d62c1f248ae(
     *,
     devices: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union[CfnJobDefinition.DeviceProperty, typing.Dict[builtins.str, typing.Any]]]]]] = None,
@@ -23186,6 +23287,7 @@ def _typecheckingstub__75127ae5a1697c34be5f24dcb69fa5c36a3498e1b2c284babc814c444
     containers: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union[CfnJobDefinition.EksContainerProperty, typing.Dict[builtins.str, typing.Any]]]]]] = None,
     dns_policy: typing.Optional[builtins.str] = None,
     host_network: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
+    image_pull_secrets: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union[CfnJobDefinition.ImagePullSecretProperty, typing.Dict[builtins.str, typing.Any]]]]]] = None,
     init_containers: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union[CfnJobDefinition.EksContainerProperty, typing.Dict[builtins.str, typing.Any]]]]]] = None,
     metadata: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Union[CfnJobDefinition.MetadataProperty, typing.Dict[builtins.str, typing.Any]]]] = None,
     service_account_name: typing.Optional[builtins.str] = None,
@@ -23244,6 +23346,7 @@ def _typecheckingstub__627c25c89399f4c648455cf23b1833f2f5961be5393bea72498980b6d
 def _typecheckingstub__ecf4bfd8ece80e1bc3ee0536353fc145f3c5b08f62a604a53b62e7d2526f9d0e(
     *,
+    allow_privilege_escalation: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
     privileged: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
     read_only_root_filesystem: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
     run_as_group: typing.Optional[jsii.Number] = None,

aws-cdk-lib 2.136.1__py3-none-any.whl → 2.138.0__py3-none-any.whl

Potentially problematic release.

aws-cdk-lib 2.136.1py3-none-any.whl → 2.138.0py3-none-any.whl