aws-cdk-lib 2.136.1__py3-none-any.whl → 2.138.0__py3-none-any.whl

aws_cdk/aws_cloudfront/__init__.py

@@ -553,14 +553,28 @@ To create an empty Key Value Store:
 store = cloudfront.KeyValueStore(self, "KeyValueStore")
 ```
 
-To also include an initial set of value, the `source` property can be specified. For the
-structure of this file, see [Creating a file of key value pairs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/kvs-with-functions-create-s3-kvp.html).
+To also include an initial set of values, the `source` property can be specified, either from a
+local file or an inline string. For the structure of this file, see [Creating a file of key value pairs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/kvs-with-functions-create-s3-kvp.html).
 
 ```python
-store = cloudfront.KeyValueStore(self, "KeyValueStore",
-    key_value_store_name="KeyValueStore",
+store_asset = cloudfront.KeyValueStore(self, "KeyValueStoreAsset",
+    key_value_store_name="KeyValueStoreAsset",
     source=cloudfront.ImportSource.from_asset("path-to-data.json")
 )
+
+store_inline = cloudfront.KeyValueStore(self, "KeyValueStoreInline",
+    key_value_store_name="KeyValueStoreInline",
+    source=cloudfront.ImportSource.from_inline(JSON.stringify({
+        "data": [{
+            "key": "key1",
+            "value": "value1"
+        }, {
+            "key": "key2",
+            "value": "value2"
+        }
+        ]
+    }))
+)
 ```
 
 The Key Value Store can then be associated to a function using the `cloudfront-js-2.0` runtime
@@ -17521,10 +17535,24 @@ class ImportSource(
 
     Example::
 
-        store = cloudfront.KeyValueStore(self, "KeyValueStore",
-            key_value_store_name="KeyValueStore",
+        store_asset = cloudfront.KeyValueStore(self, "KeyValueStoreAsset",
+            key_value_store_name="KeyValueStoreAsset",
             source=cloudfront.ImportSource.from_asset("path-to-data.json")
         )
+        
+        store_inline = cloudfront.KeyValueStore(self, "KeyValueStoreInline",
+            key_value_store_name="KeyValueStoreInline",
+            source=cloudfront.ImportSource.from_inline(JSON.stringify({
+                "data": [{
+                    "key": "key1",
+                    "value": "value1"
+                }, {
+                    "key": "key2",
+                    "value": "value2"
+                }
+                ]
+            }))
+        )
     '''
 
     def __init__(self) -> None:
@@ -17591,6 +17619,18 @@ class ImportSource(
             check_type(argname="argument key", value=key, expected_type=type_hints["key"])
         return typing.cast("ImportSource", jsii.sinvoke(cls, "fromBucket", [bucket, key]))
 
+    @jsii.member(jsii_name="fromInline")
+    @builtins.classmethod
+    def from_inline(cls, data: builtins.str) -> "ImportSource":
+        '''An import source that uses an inline string.
+
+        :param data: the contents of the KeyValueStore.
+        '''
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__a50e730aa8d5bb1d3041587df3389916448f52815ee319019e3ea67abaeb349d)
+            check_type(argname="argument data", value=data, expected_type=type_hints["data"])
+        return typing.cast("ImportSource", jsii.sinvoke(cls, "fromInline", [data]))
+
 
 class _ImportSourceProxy(ImportSource):
     pass
@@ -17599,6 +17639,80 @@ class _ImportSourceProxy(ImportSource):
 typing.cast(typing.Any, ImportSource).__jsii_proxy_class__ = lambda : _ImportSourceProxy
 
 
+class InlineImportSource(
+    ImportSource,
+    metaclass=jsii.JSIIMeta,
+    jsii_type="aws-cdk-lib.aws_cloudfront.InlineImportSource",
+):
+    '''An import source from an inline string.
+
+    :exampleMetadata: fixture=_generated
+
+    Example::
+
+        # The code below shows an example of how to instantiate this type.
+        # The values are placeholders you should change.
+        import aws_cdk as cdk
+        from aws_cdk import aws_cloudfront as cloudfront
+        from aws_cdk import aws_iam as iam
+        
+        # docker_image: cdk.DockerImage
+        # grantable: iam.IGrantable
+        # local_bundling: cdk.ILocalBundling
+        
+        inline_import_source = cloudfront.InlineImportSource.from_asset("path",
+            asset_hash="assetHash",
+            asset_hash_type=cdk.AssetHashType.SOURCE,
+            bundling=cdk.BundlingOptions(
+                image=docker_image,
+        
+                # the properties below are optional
+                bundling_file_access=cdk.BundlingFileAccess.VOLUME_COPY,
+                command=["command"],
+                entrypoint=["entrypoint"],
+                environment={
+                    "environment_key": "environment"
+                },
+                local=local_bundling,
+                network="network",
+                output_type=cdk.BundlingOutput.ARCHIVED,
+                platform="platform",
+                security_opt="securityOpt",
+                user="user",
+                volumes=[cdk.DockerVolume(
+                    container_path="containerPath",
+                    host_path="hostPath",
+        
+                    # the properties below are optional
+                    consistency=cdk.DockerVolumeConsistency.CONSISTENT
+                )],
+                volumes_from=["volumesFrom"],
+                working_directory="workingDirectory"
+            ),
+            deploy_time=False,
+            exclude=["exclude"],
+            follow_symlinks=cdk.SymlinkFollowMode.NEVER,
+            ignore_mode=cdk.IgnoreMode.GLOB,
+            readers=[grantable]
+        )
+    '''
+
+    def __init__(self, data: builtins.str) -> None:
+        '''
+        :param data: the contents of the KeyValueStore.
+        '''
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__3f4f889ac66a946410766b5f47e88439c0d5d8056cd6bcd354c8251152edc50c)
+            check_type(argname="argument data", value=data, expected_type=type_hints["data"])
+        jsii.create(self.__class__, self, [data])
+
+    @builtins.property
+    @jsii.member(jsii_name="data")
+    def data(self) -> builtins.str:
+        '''the contents of the KeyValueStore.'''
+        return typing.cast(builtins.str, jsii.get(self, "data"))
+
+
 @jsii.implements(IKeyGroup)
 class KeyGroup(
     _Resource_45bc6135,
@@ -17801,9 +17915,12 @@ class KeyValueStore(
 
     Example::
 
-        store = cloudfront.KeyValueStore(self, "KeyValueStore",
-            key_value_store_name="KeyValueStore",
-            source=cloudfront.ImportSource.from_asset("path-to-data.json")
+        store = cloudfront.KeyValueStore(self, "KeyValueStore")
+        cloudfront.Function(self, "Function",
+            code=cloudfront.FunctionCode.from_inline("function handler(event) { return event.request }"),
+            # Note that JS_2_0 must be used for Key Value Store support
+            runtime=cloudfront.FunctionRuntime.JS_2_0,
+            key_value_store=store
         )
     '''
 
@@ -17900,10 +18017,24 @@ class KeyValueStoreProps:
 
         Example::
 
-            store = cloudfront.KeyValueStore(self, "KeyValueStore",
-                key_value_store_name="KeyValueStore",
+            store_asset = cloudfront.KeyValueStore(self, "KeyValueStoreAsset",
+                key_value_store_name="KeyValueStoreAsset",
                 source=cloudfront.ImportSource.from_asset("path-to-data.json")
             )
+            
+            store_inline = cloudfront.KeyValueStore(self, "KeyValueStoreInline",
+                key_value_store_name="KeyValueStoreInline",
+                source=cloudfront.ImportSource.from_inline(JSON.stringify({
+                    "data": [{
+                        "key": "key1",
+                        "value": "value1"
+                    }, {
+                        "key": "key2",
+                        "value": "value2"
+                    }
+                    ]
+                }))
+            )
         '''
         if __debug__:
             type_hints = typing.get_type_hints(_typecheckingstub__0885cf023551545b14a4696bf116b851a0c7733cc2987782ba95a29b134a062e)
@@ -21536,12 +21667,49 @@ class S3ImportSource(
 
         # The code below shows an example of how to instantiate this type.
         # The values are placeholders you should change.
+        import aws_cdk as cdk
         from aws_cdk import aws_cloudfront as cloudfront
-        from aws_cdk import aws_s3 as s3
+        from aws_cdk import aws_iam as iam
+        
+        # docker_image: cdk.DockerImage
+        # grantable: iam.IGrantable
+        # local_bundling: cdk.ILocalBundling
         
-        # bucket: s3.Bucket
+        s3_import_source = cloudfront.S3ImportSource.from_asset("path",
+            asset_hash="assetHash",
+            asset_hash_type=cdk.AssetHashType.SOURCE,
+            bundling=cdk.BundlingOptions(
+                image=docker_image,
         
-        s3_import_source = cloudfront.S3ImportSource(bucket, "key")
+                # the properties below are optional
+                bundling_file_access=cdk.BundlingFileAccess.VOLUME_COPY,
+                command=["command"],
+                entrypoint=["entrypoint"],
+                environment={
+                    "environment_key": "environment"
+                },
+                local=local_bundling,
+                network="network",
+                output_type=cdk.BundlingOutput.ARCHIVED,
+                platform="platform",
+                security_opt="securityOpt",
+                user="user",
+                volumes=[cdk.DockerVolume(
+                    container_path="containerPath",
+                    host_path="hostPath",
+        
+                    # the properties below are optional
+                    consistency=cdk.DockerVolumeConsistency.CONSISTENT
+                )],
+                volumes_from=["volumesFrom"],
+                working_directory="workingDirectory"
+            ),
+            deploy_time=False,
+            exclude=["exclude"],
+            follow_symlinks=cdk.SymlinkFollowMode.NEVER,
+            ignore_mode=cdk.IgnoreMode.GLOB,
+            readers=[grantable]
+        )
     '''
 
     def __init__(self, bucket: _IBucket_42e086fd, key: builtins.str) -> None:
@@ -22314,7 +22482,7 @@ class AssetImportSource(
         # grantable: iam.IGrantable
         # local_bundling: cdk.ILocalBundling
         
-        asset_import_source = cloudfront.AssetImportSource("path",
+        asset_import_source = cloudfront.AssetImportSource.from_asset("path",
             asset_hash="assetHash",
             asset_hash_type=cdk.AssetHashType.SOURCE,
             bundling=cdk.BundlingOptions(
@@ -23793,6 +23961,7 @@ __all__ = [
     "IRealtimeLogConfig",
     "IResponseHeadersPolicy",
     "ImportSource",
+    "InlineImportSource",
     "KeyGroup",
     "KeyGroupProps",
     "KeyValueStore",
@@ -25437,6 +25606,18 @@ def _typecheckingstub__199a9d2f509e6bf2ce32ccd58ce284ca48a05841123773473504a43c3
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__a50e730aa8d5bb1d3041587df3389916448f52815ee319019e3ea67abaeb349d(
+    data: builtins.str,
+) -> None:
+    """Type checking stubs"""
+    pass
+
+def _typecheckingstub__3f4f889ac66a946410766b5f47e88439c0d5d8056cd6bcd354c8251152edc50c(
+    data: builtins.str,
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__8c6747d6cf01bdf872790a9315f48bb3e3363e1c57d3a822e5cf812d017c9661(
     scope: _constructs_77d1e7e8.Construct,
     id: builtins.str,

aws_cdk/aws_cloudtrail/__init__.py

@@ -782,7 +782,7 @@ class CfnEventDataStore(
         '''
         :param scope: Scope in which this resource is defined.
         :param id: Construct identifier for this resource (unique in its scope).
-        :param advanced_event_selectors: The advanced event selectors to use to select the events for the data store. You can configure up to five advanced event selectors for each event data store. For more information about how to use advanced event selectors to log CloudTrail events, see `Log events by using advanced event selectors <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced>`_ in the CloudTrail User Guide. For more information about how to use advanced event selectors to include AWS Config configuration items in your event data store, see `Create an event data store for AWS Config configuration items <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-lake-cli.html#lake-cli-create-eds-config>`_ in the CloudTrail User Guide. For more information about how to use advanced event selectors to include non- AWS events in your event data store, see `Create an integration to log events from outside AWS <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-lake-cli.html#lake-cli-create-integration>`_ in the CloudTrail User Guide.
+        :param advanced_event_selectors: The advanced event selectors to use to select the events for the data store. You can configure up to five advanced event selectors for each event data store. For more information about how to use advanced event selectors to log CloudTrail events, see `Log events by using advanced event selectors <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced>`_ in the CloudTrail User Guide. For more information about how to use advanced event selectors to include AWS Config configuration items in your event data store, see `Create an event data store for AWS Config configuration items <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-eds-cli.html#lake-cli-create-eds-config>`_ in the CloudTrail User Guide. For more information about how to use advanced event selectors to include events outside of AWS events in your event data store, see `Create an integration to log events from outside AWS <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-integrations-cli.html#lake-cli-create-integration>`_ in the CloudTrail User Guide.
         :param billing_mode: The billing mode for the event data store determines the cost for ingesting events and the default and maximum retention period for the event data store. The following are the possible values: - ``EXTENDABLE_RETENTION_PRICING`` - This billing mode is generally recommended if you want a flexible retention period of up to 3653 days (about 10 years). The default retention period for this billing mode is 366 days. - ``FIXED_RETENTION_PRICING`` - This billing mode is recommended if you expect to ingest more than 25 TB of event data per month and need a retention period of up to 2557 days (about 7 years). The default retention period for this billing mode is 2557 days. The default value is ``EXTENDABLE_RETENTION_PRICING`` . For more information about CloudTrail pricing, see `AWS CloudTrail Pricing <https://docs.aws.amazon.com/cloudtrail/pricing/>`_ and `Managing CloudTrail Lake costs <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-lake-manage-costs.html>`_ .
         :param federation_enabled: Indicates if `Lake query federation <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-federation.html>`_ is enabled. By default, Lake query federation is disabled. You cannot delete an event data store if Lake query federation is enabled.
         :param federation_role_arn: If Lake query federation is enabled, provides the ARN of the federation role used to access the resources for the federated event data store. The federation role must exist in your account and provide the `required minimum permissions <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-federation.html#query-federation-permissions-role>`_ .
@@ -1814,7 +1814,7 @@ class CfnEventDataStoreProps:
     ) -> None:
         '''Properties for defining a ``CfnEventDataStore``.
 
-        :param advanced_event_selectors: The advanced event selectors to use to select the events for the data store. You can configure up to five advanced event selectors for each event data store. For more information about how to use advanced event selectors to log CloudTrail events, see `Log events by using advanced event selectors <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced>`_ in the CloudTrail User Guide. For more information about how to use advanced event selectors to include AWS Config configuration items in your event data store, see `Create an event data store for AWS Config configuration items <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-lake-cli.html#lake-cli-create-eds-config>`_ in the CloudTrail User Guide. For more information about how to use advanced event selectors to include non- AWS events in your event data store, see `Create an integration to log events from outside AWS <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-lake-cli.html#lake-cli-create-integration>`_ in the CloudTrail User Guide.
+        :param advanced_event_selectors: The advanced event selectors to use to select the events for the data store. You can configure up to five advanced event selectors for each event data store. For more information about how to use advanced event selectors to log CloudTrail events, see `Log events by using advanced event selectors <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced>`_ in the CloudTrail User Guide. For more information about how to use advanced event selectors to include AWS Config configuration items in your event data store, see `Create an event data store for AWS Config configuration items <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-eds-cli.html#lake-cli-create-eds-config>`_ in the CloudTrail User Guide. For more information about how to use advanced event selectors to include events outside of AWS events in your event data store, see `Create an integration to log events from outside AWS <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-integrations-cli.html#lake-cli-create-integration>`_ in the CloudTrail User Guide.
         :param billing_mode: The billing mode for the event data store determines the cost for ingesting events and the default and maximum retention period for the event data store. The following are the possible values: - ``EXTENDABLE_RETENTION_PRICING`` - This billing mode is generally recommended if you want a flexible retention period of up to 3653 days (about 10 years). The default retention period for this billing mode is 366 days. - ``FIXED_RETENTION_PRICING`` - This billing mode is recommended if you expect to ingest more than 25 TB of event data per month and need a retention period of up to 2557 days (about 7 years). The default retention period for this billing mode is 2557 days. The default value is ``EXTENDABLE_RETENTION_PRICING`` . For more information about CloudTrail pricing, see `AWS CloudTrail Pricing <https://docs.aws.amazon.com/cloudtrail/pricing/>`_ and `Managing CloudTrail Lake costs <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-lake-manage-costs.html>`_ .
         :param federation_enabled: Indicates if `Lake query federation <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-federation.html>`_ is enabled. By default, Lake query federation is disabled. You cannot delete an event data store if Lake query federation is enabled.
         :param federation_role_arn: If Lake query federation is enabled, provides the ARN of the federation role used to access the resources for the federated event data store. The federation role must exist in your account and provide the `required minimum permissions <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-federation.html#query-federation-permissions-role>`_ .
@@ -1931,9 +1931,9 @@ class CfnEventDataStoreProps:
 
         For more information about how to use advanced event selectors to log CloudTrail events, see `Log events by using advanced event selectors <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced>`_ in the CloudTrail User Guide.
 
-        For more information about how to use advanced event selectors to include AWS Config configuration items in your event data store, see `Create an event data store for AWS Config configuration items <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-lake-cli.html#lake-cli-create-eds-config>`_ in the CloudTrail User Guide.
+        For more information about how to use advanced event selectors to include AWS Config configuration items in your event data store, see `Create an event data store for AWS Config configuration items <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-eds-cli.html#lake-cli-create-eds-config>`_ in the CloudTrail User Guide.
 
-        For more information about how to use advanced event selectors to include non- AWS events in your event data store, see `Create an integration to log events from outside AWS <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-lake-cli.html#lake-cli-create-integration>`_ in the CloudTrail User Guide.
+        For more information about how to use advanced event selectors to include events outside of AWS events in your event data store, see `Create an integration to log events from outside AWS <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-integrations-cli.html#lake-cli-create-integration>`_ in the CloudTrail User Guide.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-eventdatastore.html#cfn-cloudtrail-eventdatastore-advancedeventselectors
         '''
@@ -2417,7 +2417,7 @@ class CfnTrail(
         :param scope: Scope in which this resource is defined.
         :param id: Construct identifier for this resource (unique in its scope).
         :param is_logging: Whether the CloudTrail trail is currently logging AWS API calls.
-        :param s3_bucket_name: Specifies the name of the Amazon S3 bucket designated for publishing log files. See `Amazon S3 Bucket Naming Requirements <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/create_trail_naming_policy.html>`_ .
+        :param s3_bucket_name: Specifies the name of the Amazon S3 bucket designated for publishing log files. See `Amazon S3 Bucket naming rules <https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html>`_ .
         :param advanced_event_selectors: Specifies the settings for advanced event selectors. You can add advanced event selectors, and conditions for your advanced event selectors, up to a maximum of 500 values for all conditions and selectors on a trail. You can use either ``AdvancedEventSelectors`` or ``EventSelectors`` , but not both. If you apply ``AdvancedEventSelectors`` to a trail, any existing ``EventSelectors`` are overwritten. For more information about advanced event selectors, see `Logging data events <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html>`_ in the *AWS CloudTrail User Guide* .
         :param cloud_watch_logs_log_group_arn: Specifies a log group name using an Amazon Resource Name (ARN), a unique identifier that represents the log group to which CloudTrail logs are delivered. You must use a log group that exists in your account. Not required unless you specify ``CloudWatchLogsRoleArn`` .
         :param cloud_watch_logs_role_arn: Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's log group. You must use a role that exists in your account.
@@ -2428,7 +2428,7 @@ class CfnTrail(
         :param is_multi_region_trail: Specifies whether the trail applies only to the current Region or to all Regions. The default is false. If the trail exists only in the current Region and this value is set to true, shadow trails (replications of the trail) will be created in the other Regions. If the trail exists in all Regions and this value is set to false, the trail will remain in the Region where it was created, and its shadow trails in other Regions will be deleted. As a best practice, consider using trails that log events in all Regions.
         :param is_organization_trail: Specifies whether the trail is applied to all accounts in an organization in AWS Organizations , or only for the current AWS account . The default is false, and cannot be true unless the call is made on behalf of an AWS account that is the management account for an organization in AWS Organizations . If the trail is not an organization trail and this is set to ``true`` , the trail will be created in all AWS accounts that belong to the organization. If the trail is an organization trail and this is set to ``false`` , the trail will remain in the current AWS account but be deleted from all member accounts in the organization. .. epigraph:: Only the management account for the organization can convert an organization trail to a non-organization trail, or convert a non-organization trail to an organization trail.
         :param kms_key_id: Specifies the AWS KMS key ID to use to encrypt the logs delivered by CloudTrail. The value can be an alias name prefixed by "alias/", a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier. CloudTrail also supports AWS KMS multi-Region keys. For more information about multi-Region keys, see `Using multi-Region keys <https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html>`_ in the *AWS Key Management Service Developer Guide* . Examples: - alias/MyAliasName - arn:aws:kms:us-east-2:123456789012:alias/MyAliasName - arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012 - 12345678-1234-1234-1234-123456789012
-        :param s3_key_prefix: Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see `Finding Your CloudTrail Log Files <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html>`_ . The maximum length is 200 characters.
+        :param s3_key_prefix: Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see `Finding Your CloudTrail Log Files <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/get-and-view-cloudtrail-log-files.html#cloudtrail-find-log-files>`_ . The maximum length is 200 characters.
         :param sns_topic_name: Specifies the name of the Amazon SNS topic defined for notification of log file delivery. The maximum length is 256 characters.
         :param tags: A custom set of tags (key-value pairs) for this trail.
         :param trail_name: Specifies the name of the trail. The name must meet the following requirements:. - Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-) - Start with a letter or number, and end with a letter or number - Be between 3 and 128 characters - Have no adjacent periods, underscores or dashes. Names like ``my-_namespace`` and ``my--namespace`` are not valid. - Not be in IP address format (for example, 192.168.5.4)
@@ -3738,7 +3738,7 @@ class CfnTrailProps:
         '''Properties for defining a ``CfnTrail``.
 
         :param is_logging: Whether the CloudTrail trail is currently logging AWS API calls.
-        :param s3_bucket_name: Specifies the name of the Amazon S3 bucket designated for publishing log files. See `Amazon S3 Bucket Naming Requirements <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/create_trail_naming_policy.html>`_ .
+        :param s3_bucket_name: Specifies the name of the Amazon S3 bucket designated for publishing log files. See `Amazon S3 Bucket naming rules <https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html>`_ .
         :param advanced_event_selectors: Specifies the settings for advanced event selectors. You can add advanced event selectors, and conditions for your advanced event selectors, up to a maximum of 500 values for all conditions and selectors on a trail. You can use either ``AdvancedEventSelectors`` or ``EventSelectors`` , but not both. If you apply ``AdvancedEventSelectors`` to a trail, any existing ``EventSelectors`` are overwritten. For more information about advanced event selectors, see `Logging data events <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html>`_ in the *AWS CloudTrail User Guide* .
         :param cloud_watch_logs_log_group_arn: Specifies a log group name using an Amazon Resource Name (ARN), a unique identifier that represents the log group to which CloudTrail logs are delivered. You must use a log group that exists in your account. Not required unless you specify ``CloudWatchLogsRoleArn`` .
         :param cloud_watch_logs_role_arn: Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's log group. You must use a role that exists in your account.
@@ -3749,7 +3749,7 @@ class CfnTrailProps:
         :param is_multi_region_trail: Specifies whether the trail applies only to the current Region or to all Regions. The default is false. If the trail exists only in the current Region and this value is set to true, shadow trails (replications of the trail) will be created in the other Regions. If the trail exists in all Regions and this value is set to false, the trail will remain in the Region where it was created, and its shadow trails in other Regions will be deleted. As a best practice, consider using trails that log events in all Regions.
         :param is_organization_trail: Specifies whether the trail is applied to all accounts in an organization in AWS Organizations , or only for the current AWS account . The default is false, and cannot be true unless the call is made on behalf of an AWS account that is the management account for an organization in AWS Organizations . If the trail is not an organization trail and this is set to ``true`` , the trail will be created in all AWS accounts that belong to the organization. If the trail is an organization trail and this is set to ``false`` , the trail will remain in the current AWS account but be deleted from all member accounts in the organization. .. epigraph:: Only the management account for the organization can convert an organization trail to a non-organization trail, or convert a non-organization trail to an organization trail.
         :param kms_key_id: Specifies the AWS KMS key ID to use to encrypt the logs delivered by CloudTrail. The value can be an alias name prefixed by "alias/", a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier. CloudTrail also supports AWS KMS multi-Region keys. For more information about multi-Region keys, see `Using multi-Region keys <https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html>`_ in the *AWS Key Management Service Developer Guide* . Examples: - alias/MyAliasName - arn:aws:kms:us-east-2:123456789012:alias/MyAliasName - arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012 - 12345678-1234-1234-1234-123456789012
-        :param s3_key_prefix: Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see `Finding Your CloudTrail Log Files <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html>`_ . The maximum length is 200 characters.
+        :param s3_key_prefix: Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see `Finding Your CloudTrail Log Files <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/get-and-view-cloudtrail-log-files.html#cloudtrail-find-log-files>`_ . The maximum length is 200 characters.
         :param sns_topic_name: Specifies the name of the Amazon SNS topic defined for notification of log file delivery. The maximum length is 256 characters.
         :param tags: A custom set of tags (key-value pairs) for this trail.
         :param trail_name: Specifies the name of the trail. The name must meet the following requirements:. - Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-) - Start with a letter or number, and end with a letter or number - Be between 3 and 128 characters - Have no adjacent periods, underscores or dashes. Names like ``my-_namespace`` and ``my--namespace`` are not valid. - Not be in IP address format (for example, 192.168.5.4)
@@ -3879,7 +3879,7 @@ class CfnTrailProps:
     def s3_bucket_name(self) -> builtins.str:
         '''Specifies the name of the Amazon S3 bucket designated for publishing log files.
 
-        See `Amazon S3 Bucket Naming Requirements <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/create_trail_naming_policy.html>`_ .
+        See `Amazon S3 Bucket naming rules <https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html>`_ .
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-s3bucketname
         '''
@@ -4037,7 +4037,7 @@ class CfnTrailProps:
     def s3_key_prefix(self) -> typing.Optional[builtins.str]:
         '''Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery.
 
-        For more information, see `Finding Your CloudTrail Log Files <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html>`_ . The maximum length is 200 characters.
+        For more information, see `Finding Your CloudTrail Log Files <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/get-and-view-cloudtrail-log-files.html#cloudtrail-find-log-files>`_ . The maximum length is 200 characters.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-s3keyprefix
         '''