aws-cdk-lib 2.145.0__py3-none-any.whl → 2.147.0__py3-none-any.whl

aws_cdk/aws_elasticloadbalancingv2/__init__.py

@@ -7833,7 +7833,7 @@ class CfnLoadBalancer(
         :param scope: Scope in which this resource is defined.
         :param id: Construct identifier for this resource (unique in its scope).
         :param enforce_security_group_inbound_rules_on_private_link_traffic: Indicates whether to evaluate inbound security group rules for traffic sent to a Network Load Balancer through AWS PrivateLink .
-        :param ip_address_type: The IP address type. The possible values are ``ipv4`` (for IPv4 addresses) and ``dualstack`` (for IPv4 and IPv6 addresses). You can’t specify ``dualstack`` for a load balancer with a UDP or TCP_UDP listener.
+        :param ip_address_type: Note: Internal load balancers must use the ``ipv4`` IP address type. [Application Load Balancers] The IP address type. The possible values are ``ipv4`` (for only IPv4 addresses), ``dualstack`` (for IPv4 and IPv6 addresses), and ``dualstack-without-public-ipv4`` (for IPv6 only public addresses, with private IPv4 and IPv6 addresses). Note: Application Load Balancer authentication only supports IPv4 addresses when connecting to an Identity Provider (IdP) or Amazon Cognito endpoint. Without a public IPv4 address the load balancer cannot complete the authentication process, resulting in HTTP 500 errors. [Network Load Balancers] The IP address type. The possible values are ``ipv4`` (for only IPv4 addresses) and ``dualstack`` (for IPv4 and IPv6 addresses). You can’t specify ``dualstack`` for a load balancer with a UDP or TCP_UDP listener. [Gateway Load Balancers] The IP address type. The possible values are ``ipv4`` (for only IPv4 addresses) and ``dualstack`` (for IPv4 and IPv6 addresses).
         :param load_balancer_attributes: The load balancer attributes.
         :param name: The name of the load balancer. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, must not begin or end with a hyphen, and must not begin with "internal-". If you don't specify a name, AWS CloudFormation generates a unique physical ID for the load balancer. If you specify a name, you cannot perform updates that require replacement of this resource, but you can perform other updates. To replace the resource, specify a new name.
         :param scheme: The nodes of an Internet-facing load balancer have public IP addresses. The DNS name of an Internet-facing load balancer is publicly resolvable to the public IP addresses of the nodes. Therefore, Internet-facing load balancers can route requests from clients over the internet. The nodes of an internal load balancer have only private IP addresses. The DNS name of an internal load balancer is publicly resolvable to the private IP addresses of the nodes. Therefore, internal load balancers can route requests only from clients with access to the VPC for the load balancer. The default is an Internet-facing load balancer. You cannot specify a scheme for a Gateway Load Balancer.
@@ -7986,7 +7986,7 @@ class CfnLoadBalancer(
     @builtins.property
     @jsii.member(jsii_name="ipAddressType")
     def ip_address_type(self) -> typing.Optional[builtins.str]:
-        '''The IP address type.'''
+        '''Note: Internal load balancers must use the ``ipv4`` IP address type.'''
         return typing.cast(typing.Optional[builtins.str], jsii.get(self, "ipAddressType"))
 
     @ip_address_type.setter
@@ -8361,7 +8361,7 @@ class CfnLoadBalancerProps:
         '''Properties for defining a ``CfnLoadBalancer``.
 
         :param enforce_security_group_inbound_rules_on_private_link_traffic: Indicates whether to evaluate inbound security group rules for traffic sent to a Network Load Balancer through AWS PrivateLink .
-        :param ip_address_type: The IP address type. The possible values are ``ipv4`` (for IPv4 addresses) and ``dualstack`` (for IPv4 and IPv6 addresses). You can’t specify ``dualstack`` for a load balancer with a UDP or TCP_UDP listener.
+        :param ip_address_type: Note: Internal load balancers must use the ``ipv4`` IP address type. [Application Load Balancers] The IP address type. The possible values are ``ipv4`` (for only IPv4 addresses), ``dualstack`` (for IPv4 and IPv6 addresses), and ``dualstack-without-public-ipv4`` (for IPv6 only public addresses, with private IPv4 and IPv6 addresses). Note: Application Load Balancer authentication only supports IPv4 addresses when connecting to an Identity Provider (IdP) or Amazon Cognito endpoint. Without a public IPv4 address the load balancer cannot complete the authentication process, resulting in HTTP 500 errors. [Network Load Balancers] The IP address type. The possible values are ``ipv4`` (for only IPv4 addresses) and ``dualstack`` (for IPv4 and IPv6 addresses). You can’t specify ``dualstack`` for a load balancer with a UDP or TCP_UDP listener. [Gateway Load Balancers] The IP address type. The possible values are ``ipv4`` (for only IPv4 addresses) and ``dualstack`` (for IPv4 and IPv6 addresses).
         :param load_balancer_attributes: The load balancer attributes.
         :param name: The name of the load balancer. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, must not begin or end with a hyphen, and must not begin with "internal-". If you don't specify a name, AWS CloudFormation generates a unique physical ID for the load balancer. If you specify a name, you cannot perform updates that require replacement of this resource, but you can perform other updates. To replace the resource, specify a new name.
         :param scheme: The nodes of an Internet-facing load balancer have public IP addresses. The DNS name of an Internet-facing load balancer is publicly resolvable to the public IP addresses of the nodes. Therefore, Internet-facing load balancers can route requests from clients over the internet. The nodes of an internal load balancer have only private IP addresses. The DNS name of an internal load balancer is publicly resolvable to the private IP addresses of the nodes. Therefore, internal load balancers can route requests only from clients with access to the VPC for the load balancer. The default is an Internet-facing load balancer. You cannot specify a scheme for a Gateway Load Balancer.
@@ -8453,9 +8453,15 @@ class CfnLoadBalancerProps:
 
     @builtins.property
     def ip_address_type(self) -> typing.Optional[builtins.str]:
-        '''The IP address type.
+        '''Note: Internal load balancers must use the ``ipv4`` IP address type.
 
-        The possible values are ``ipv4`` (for IPv4 addresses) and ``dualstack`` (for IPv4 and IPv6 addresses). You can’t specify ``dualstack`` for a load balancer with a UDP or TCP_UDP listener.
+        [Application Load Balancers] The IP address type. The possible values are ``ipv4`` (for only IPv4 addresses), ``dualstack`` (for IPv4 and IPv6 addresses), and ``dualstack-without-public-ipv4`` (for IPv6 only public addresses, with private IPv4 and IPv6 addresses).
+
+        Note: Application Load Balancer authentication only supports IPv4 addresses when connecting to an Identity Provider (IdP) or Amazon Cognito endpoint. Without a public IPv4 address the load balancer cannot complete the authentication process, resulting in HTTP 500 errors.
+
+        [Network Load Balancers] The IP address type. The possible values are ``ipv4`` (for only IPv4 addresses) and ``dualstack`` (for IPv4 and IPv6 addresses). You can’t specify ``dualstack`` for a load balancer with a UDP or TCP_UDP listener.
+
+        [Gateway Load Balancers] The IP address type. The possible values are ``ipv4`` (for only IPv4 addresses) and ``dualstack`` (for IPv4 and IPv6 addresses).
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#cfn-elasticloadbalancingv2-loadbalancer-ipaddresstype
         '''

aws_cdk/aws_emrserverless/__init__.py

@@ -672,10 +672,10 @@ class CfnApplication(
         ) -> None:
             '''The Amazon CloudWatch configuration for monitoring logs.
 
-            You can configure your jobs to send log information to CloudWatch .
+            You can configure your jobs to send log information to CloudWatch.
 
             :param enabled: Enables CloudWatch logging. Default: - false
-            :param encryption_key_arn: The AWS Key Management Service (KMS) key ARN to encrypt the logs that you store in CloudWatch Logs .
+            :param encryption_key_arn: The AWS Key Management Service (KMS) key ARN to encrypt the logs that you store in CloudWatch Logs.
             :param log_group_name: The name of the log group in Amazon CloudWatch Logs where you want to publish your logs.
             :param log_stream_name_prefix: Prefix for the CloudWatch log stream name.
             :param log_type_map: The specific log-streams which need to be uploaded to CloudWatch.
@@ -734,7 +734,7 @@ class CfnApplication(
 
         @builtins.property
         def encryption_key_arn(self) -> typing.Optional[builtins.str]:
-            '''The AWS Key Management Service (KMS) key ARN to encrypt the logs that you store in CloudWatch Logs .
+            '''The AWS Key Management Service (KMS) key ARN to encrypt the logs that you store in CloudWatch Logs.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-emrserverless-application-cloudwatchloggingconfiguration.html#cfn-emrserverless-application-cloudwatchloggingconfiguration-encryptionkeyarn
             '''
@@ -1347,7 +1347,7 @@ class CfnApplication(
         ) -> None:
             '''The configuration setting for monitoring.
 
-            :param cloud_watch_logging_configuration: The Amazon CloudWatch configuration for monitoring logs. You can configure your jobs to send log information to CloudWatch .
+            :param cloud_watch_logging_configuration: The Amazon CloudWatch configuration for monitoring logs. You can configure your jobs to send log information to CloudWatch.
             :param managed_persistence_monitoring_configuration: The managed log persistence configuration for a job run.
             :param s3_monitoring_configuration: The Amazon S3 configuration for monitoring log publishing.
 
@@ -1400,7 +1400,7 @@ class CfnApplication(
         ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnApplication.CloudWatchLoggingConfigurationProperty"]]:
             '''The Amazon CloudWatch configuration for monitoring logs.
 
-            You can configure your jobs to send log information to CloudWatch .
+            You can configure your jobs to send log information to CloudWatch.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-emrserverless-application-monitoringconfiguration.html#cfn-emrserverless-application-monitoringconfiguration-cloudwatchloggingconfiguration
             '''

aws_cdk/aws_events/__init__.py

@@ -3453,10 +3453,10 @@ class CfnEventBus(
         :param scope: Scope in which this resource is defined.
         :param id: Construct identifier for this resource (unique in its scope).
         :param name: The name of the new event bus. Custom event bus names can't contain the ``/`` character, but you can use the ``/`` character in partner event bus names. In addition, for partner event buses, the name must exactly match the name of the partner event source that this event bus is matched to. You can't use the name ``default`` for a custom event bus, as this name is already used for your account's default event bus.
-        :param dead_letter_config: Dead Letter Queue for the event bus.
-        :param description: The description of the event bus.
+        :param dead_letter_config: Configuration details of the Amazon SQS queue for EventBridge to use as a dead-letter queue (DLQ). For more information, see `Using dead-letter queues to process undelivered events <https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-rule-event-delivery.html#eb-rule-dlq>`_ in the *EventBridge User Guide* .
+        :param description: The event bus description.
         :param event_source_name: If you are creating a partner event bus, this specifies the partner event source that the new event bus will be matched with.
-        :param kms_key_identifier: Kms Key Identifier used to encrypt events at rest in the event bus.
+        :param kms_key_identifier: The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt events on this event bus. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN. If you do not specify a customer managed key identifier, EventBridge uses an AWS owned key to encrypt events on the event bus. For more information, see `Managing keys <https://docs.aws.amazon.com/kms/latest/developerguide/getting-started.html>`_ in the *AWS Key Management Service Developer Guide* . .. epigraph:: Archives and schema discovery are not supported for event buses encrypted using a customer managed key. EventBridge returns an error if: - You call ``[CreateArchive](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateArchive.html)`` on an event bus set to use a customer managed key for encryption. - You call ``[CreateDiscoverer](https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers.html#CreateDiscoverer)`` on an event bus set to use a customer managed key for encryption. - You call ``[UpdatedEventBus](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdatedEventBus.html)`` to set a customer managed key on an event bus with an archives or schema discovery enabled. To enable archives or schema discovery on an event bus, choose to use an AWS owned key . For more information, see `Data encryption in EventBridge <https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-encryption.html>`_ in the *Amazon EventBridge User Guide* .
         :param policy: The permissions policy of the event bus, describing which other AWS accounts can write events to this event bus.
         :param tags: Tags to associate with the event bus.
         '''
@@ -3561,7 +3561,7 @@ class CfnEventBus(
     def dead_letter_config(
         self,
     ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnEventBus.DeadLetterConfigProperty"]]:
-        '''Dead Letter Queue for the event bus.'''
+        '''Configuration details of the Amazon SQS queue for EventBridge to use as a dead-letter queue (DLQ).'''
         return typing.cast(typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnEventBus.DeadLetterConfigProperty"]], jsii.get(self, "deadLetterConfig"))
 
     @dead_letter_config.setter
@@ -3577,7 +3577,7 @@ class CfnEventBus(
     @builtins.property
     @jsii.member(jsii_name="description")
     def description(self) -> typing.Optional[builtins.str]:
-        '''The description of the event bus.'''
+        '''The event bus description.'''
         return typing.cast(typing.Optional[builtins.str], jsii.get(self, "description"))
 
     @description.setter
@@ -3603,7 +3603,7 @@ class CfnEventBus(
     @builtins.property
     @jsii.member(jsii_name="kmsKeyIdentifier")
     def kms_key_identifier(self) -> typing.Optional[builtins.str]:
-        '''Kms Key Identifier used to encrypt events at rest in the event bus.'''
+        '''The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt events on this event bus.'''
         return typing.cast(typing.Optional[builtins.str], jsii.get(self, "kmsKeyIdentifier"))
 
     @kms_key_identifier.setter
@@ -3646,9 +3646,11 @@ class CfnEventBus(
     )
     class DeadLetterConfigProperty:
         def __init__(self, *, arn: typing.Optional[builtins.str] = None) -> None:
-            '''Dead Letter Queue for the event bus.
+            '''Configuration details of the Amazon SQS queue for EventBridge to use as a dead-letter queue (DLQ).
+
+            For more information, see `Using dead-letter queues to process undelivered events <https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-rule-event-delivery.html#eb-rule-dlq>`_ in the *EventBridge User Guide* .
 
-            :param arn: 
+            :param arn: The ARN of the SQS queue specified as the target for the dead-letter queue.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-eventbus-deadletterconfig.html
             :exampleMetadata: fixture=_generated
@@ -3672,7 +3674,8 @@ class CfnEventBus(
 
         @builtins.property
         def arn(self) -> typing.Optional[builtins.str]:
-            '''
+            '''The ARN of the SQS queue specified as the target for the dead-letter queue.
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-eventbus-deadletterconfig.html#cfn-events-eventbus-deadletterconfig-arn
             '''
             result = self._values.get("arn")
@@ -4191,10 +4194,10 @@ class CfnEventBusProps:
         '''Properties for defining a ``CfnEventBus``.
 
         :param name: The name of the new event bus. Custom event bus names can't contain the ``/`` character, but you can use the ``/`` character in partner event bus names. In addition, for partner event buses, the name must exactly match the name of the partner event source that this event bus is matched to. You can't use the name ``default`` for a custom event bus, as this name is already used for your account's default event bus.
-        :param dead_letter_config: Dead Letter Queue for the event bus.
-        :param description: The description of the event bus.
+        :param dead_letter_config: Configuration details of the Amazon SQS queue for EventBridge to use as a dead-letter queue (DLQ). For more information, see `Using dead-letter queues to process undelivered events <https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-rule-event-delivery.html#eb-rule-dlq>`_ in the *EventBridge User Guide* .
+        :param description: The event bus description.
         :param event_source_name: If you are creating a partner event bus, this specifies the partner event source that the new event bus will be matched with.
-        :param kms_key_identifier: Kms Key Identifier used to encrypt events at rest in the event bus.
+        :param kms_key_identifier: The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt events on this event bus. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN. If you do not specify a customer managed key identifier, EventBridge uses an AWS owned key to encrypt events on the event bus. For more information, see `Managing keys <https://docs.aws.amazon.com/kms/latest/developerguide/getting-started.html>`_ in the *AWS Key Management Service Developer Guide* . .. epigraph:: Archives and schema discovery are not supported for event buses encrypted using a customer managed key. EventBridge returns an error if: - You call ``[CreateArchive](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateArchive.html)`` on an event bus set to use a customer managed key for encryption. - You call ``[CreateDiscoverer](https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers.html#CreateDiscoverer)`` on an event bus set to use a customer managed key for encryption. - You call ``[UpdatedEventBus](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdatedEventBus.html)`` to set a customer managed key on an event bus with an archives or schema discovery enabled. To enable archives or schema discovery on an event bus, choose to use an AWS owned key . For more information, see `Data encryption in EventBridge <https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-encryption.html>`_ in the *Amazon EventBridge User Guide* .
         :param policy: The permissions policy of the event bus, describing which other AWS accounts can write events to this event bus.
         :param tags: Tags to associate with the event bus.
 
@@ -4269,7 +4272,9 @@ class CfnEventBusProps:
     def dead_letter_config(
         self,
     ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, CfnEventBus.DeadLetterConfigProperty]]:
-        '''Dead Letter Queue for the event bus.
+        '''Configuration details of the Amazon SQS queue for EventBridge to use as a dead-letter queue (DLQ).
+
+        For more information, see `Using dead-letter queues to process undelivered events <https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-rule-event-delivery.html#eb-rule-dlq>`_ in the *EventBridge User Guide* .
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-eventbus.html#cfn-events-eventbus-deadletterconfig
         '''
@@ -4278,7 +4283,7 @@ class CfnEventBusProps:
 
     @builtins.property
     def description(self) -> typing.Optional[builtins.str]:
-        '''The description of the event bus.
+        '''The event bus description.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-eventbus.html#cfn-events-eventbus-description
         '''
@@ -4296,7 +4301,22 @@ class CfnEventBusProps:
 
     @builtins.property
     def kms_key_identifier(self) -> typing.Optional[builtins.str]:
-        '''Kms Key Identifier used to encrypt events at rest in the event bus.
+        '''The identifier of the AWS KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt events on this event bus.
+
+        The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.
+
+        If you do not specify a customer managed key identifier, EventBridge uses an AWS owned key to encrypt events on the event bus.
+
+        For more information, see `Managing keys <https://docs.aws.amazon.com/kms/latest/developerguide/getting-started.html>`_ in the *AWS Key Management Service Developer Guide* .
+        .. epigraph::
+
+           Archives and schema discovery are not supported for event buses encrypted using a customer managed key. EventBridge returns an error if:
+
+           - You call ``[CreateArchive](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_CreateArchive.html)`` on an event bus set to use a customer managed key for encryption.
+           - You call ``[CreateDiscoverer](https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers.html#CreateDiscoverer)`` on an event bus set to use a customer managed key for encryption.
+           - You call ``[UpdatedEventBus](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdatedEventBus.html)`` to set a customer managed key on an event bus with an archives or schema discovery enabled.
+
+           To enable archives or schema discovery on an event bus, choose to use an AWS owned key . For more information, see `Data encryption in EventBridge <https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-encryption.html>`_ in the *Amazon EventBridge User Guide* .
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-eventbus.html#cfn-events-eventbus-kmskeyidentifier
         '''
@@ -5192,7 +5212,7 @@ class CfnRule(
         def __init__(self, *, arn: typing.Optional[builtins.str] = None) -> None:
             '''Configuration details of the Amazon SQS queue for EventBridge to use as a dead-letter queue (DLQ).
 
-            For more information, see `Event retry policy and using dead-letter queues <https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-rule-dlq.html>`_ in the *EventBridge User Guide* .
+            For more information, see `Using dead-letter queues to process undelivered events <https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-rule-event-delivery.html#eb-rule-dlq>`_ in the *EventBridge User Guide* .
 
             :param arn: The ARN of the SQS queue specified as the target for the dead-letter queue.