aws-cdk-lib 2.148.1__py3-none-any.whl → 2.150.0__py3-none-any.whl

aws_cdk/aws_stepfunctions_tasks/__init__.py

@@ -316,6 +316,28 @@ start_query_execution_job = tasks.AthenaStartQueryExecution(self, "Start Athena
 )
 ```
 
+You can reuse the query results by setting the `resultReuseConfigurationMaxAge` property.
+
+```python
+start_query_execution_job = tasks.AthenaStartQueryExecution(self, "Start Athena Query",
+    query_string=sfn.JsonPath.string_at("$.queryString"),
+    query_execution_context=tasks.QueryExecutionContext(
+        database_name="mydatabase"
+    ),
+    result_configuration=tasks.ResultConfiguration(
+        encryption_configuration=tasks.EncryptionConfiguration(
+            encryption_option=tasks.EncryptionOption.S3_MANAGED
+        ),
+        output_location=s3.Location(
+            bucket_name="query-results-bucket",
+            object_key="folder"
+        )
+    ),
+    execution_parameters=["param1", "param2"],
+    result_reuse_configuration_max_age=Duration.minutes(100)
+)
+```
+
 ### GetQueryExecution
 
 The [GetQueryExecution](https://docs.aws.amazon.com/athena/latest/APIReference/API_GetQueryExecution.html) API gets information about a single execution of a query.
@@ -398,6 +420,30 @@ task = tasks.BedrockInvokeModel(self, "Prompt Model",
 )
 ```
 
+You can apply a guardrail to the invocation by setting `guardrail`.
+
+```python
+import aws_cdk.aws_bedrock as bedrock
+
+
+model = bedrock.FoundationModel.from_foundation_model_id(self, "Model", bedrock.FoundationModelIdentifier.AMAZON_TITAN_TEXT_G1_EXPRESS_V1)
+
+task = tasks.BedrockInvokeModel(self, "Prompt Model with guardrail",
+    model=model,
+    body=sfn.TaskInput.from_object({
+        "input_text": "Generate a list of five first names.",
+        "text_generation_config": {
+            "max_token_count": 100,
+            "temperature": 1
+        }
+    }),
+    guardrail=tasks.Guardrail.enable("guardrailId", 1),
+    result_selector={
+        "names": sfn.JsonPath.string_at("$.Body.results[0].outputText")
+    }
+)
+```
+
 ## CodeBuild
 
 Step Functions supports [CodeBuild](https://docs.aws.amazon.com/step-functions/latest/dg/connect-codebuild.html) through the service integration pattern.
@@ -3018,6 +3064,7 @@ class AthenaStartQueryExecution(
         execution_parameters: typing.Optional[typing.Sequence[builtins.str]] = None,
         query_execution_context: typing.Optional[typing.Union["QueryExecutionContext", typing.Dict[builtins.str, typing.Any]]] = None,
         result_configuration: typing.Optional[typing.Union["ResultConfiguration", typing.Dict[builtins.str, typing.Any]]] = None,
+        result_reuse_configuration_max_age: typing.Optional[_Duration_4839e8c3] = None,
         work_group: typing.Optional[builtins.str] = None,
         comment: typing.Optional[builtins.str] = None,
         credentials: typing.Optional[typing.Union[_Credentials_2cd64c6b, typing.Dict[builtins.str, typing.Any]]] = None,
@@ -3040,6 +3087,7 @@ class AthenaStartQueryExecution(
         :param execution_parameters: A list of values for the parameters in a query. The values are applied sequentially to the parameters in the query in the order in which the parameters occur. Default: - No parameters
         :param query_execution_context: Database within which query executes. Default: - No query execution context
         :param result_configuration: Configuration on how and where to save query. Default: - No result configuration
+        :param result_reuse_configuration_max_age: Specifies, in minutes, the maximum age of a previous query result that Athena should consider for reuse. Default: - Query results are not reused
         :param work_group: Configuration on how and where to save query. Default: - No work group
         :param comment: An optional description for this state. Default: - No comment
         :param credentials: Credentials for an IAM Role that the State Machine assumes for executing the task. This enables cross-account resource invocations. Default: - None (Task is executed using the State Machine's execution role)
@@ -3064,6 +3112,7 @@ class AthenaStartQueryExecution(
             execution_parameters=execution_parameters,
             query_execution_context=query_execution_context,
             result_configuration=result_configuration,
+            result_reuse_configuration_max_age=result_reuse_configuration_max_age,
             work_group=work_group,
             comment=comment,
             credentials=credentials,
@@ -3113,6 +3162,7 @@ class AthenaStartQueryExecution(
         "execution_parameters": "executionParameters",
         "query_execution_context": "queryExecutionContext",
         "result_configuration": "resultConfiguration",
+        "result_reuse_configuration_max_age": "resultReuseConfigurationMaxAge",
         "work_group": "workGroup",
     },
 )
@@ -3137,6 +3187,7 @@ class AthenaStartQueryExecutionProps(_TaskStateBaseProps_3a62b6d0):
         execution_parameters: typing.Optional[typing.Sequence[builtins.str]] = None,
         query_execution_context: typing.Optional[typing.Union["QueryExecutionContext", typing.Dict[builtins.str, typing.Any]]] = None,
         result_configuration: typing.Optional[typing.Union["ResultConfiguration", typing.Dict[builtins.str, typing.Any]]] = None,
+        result_reuse_configuration_max_age: typing.Optional[_Duration_4839e8c3] = None,
         work_group: typing.Optional[builtins.str] = None,
     ) -> None:
         '''Properties for starting a Query Execution.
@@ -3158,6 +3209,7 @@ class AthenaStartQueryExecutionProps(_TaskStateBaseProps_3a62b6d0):
         :param execution_parameters: A list of values for the parameters in a query. The values are applied sequentially to the parameters in the query in the order in which the parameters occur. Default: - No parameters
         :param query_execution_context: Database within which query executes. Default: - No query execution context
         :param result_configuration: Configuration on how and where to save query. Default: - No result configuration
+        :param result_reuse_configuration_max_age: Specifies, in minutes, the maximum age of a previous query result that Athena should consider for reuse. Default: - Query results are not reused
         :param work_group: Configuration on how and where to save query. Default: - No work group
 
         :exampleMetadata: infused
@@ -3206,6 +3258,7 @@ class AthenaStartQueryExecutionProps(_TaskStateBaseProps_3a62b6d0):
             check_type(argname="argument execution_parameters", value=execution_parameters, expected_type=type_hints["execution_parameters"])
             check_type(argname="argument query_execution_context", value=query_execution_context, expected_type=type_hints["query_execution_context"])
             check_type(argname="argument result_configuration", value=result_configuration, expected_type=type_hints["result_configuration"])
+            check_type(argname="argument result_reuse_configuration_max_age", value=result_reuse_configuration_max_age, expected_type=type_hints["result_reuse_configuration_max_age"])
             check_type(argname="argument work_group", value=work_group, expected_type=type_hints["work_group"])
         self._values: typing.Dict[builtins.str, typing.Any] = {
             "query_string": query_string,
@@ -3242,6 +3295,8 @@ class AthenaStartQueryExecutionProps(_TaskStateBaseProps_3a62b6d0):
             self._values["query_execution_context"] = query_execution_context
         if result_configuration is not None:
             self._values["result_configuration"] = result_configuration
+        if result_reuse_configuration_max_age is not None:
+            self._values["result_reuse_configuration_max_age"] = result_reuse_configuration_max_age
         if work_group is not None:
             self._values["work_group"] = work_group
 
@@ -3446,6 +3501,15 @@ class AthenaStartQueryExecutionProps(_TaskStateBaseProps_3a62b6d0):
         result = self._values.get("result_configuration")
         return typing.cast(typing.Optional["ResultConfiguration"], result)
 
+    @builtins.property
+    def result_reuse_configuration_max_age(self) -> typing.Optional[_Duration_4839e8c3]:
+        '''Specifies, in minutes, the maximum age of a previous query result that Athena should consider for reuse.
+
+        :default: - Query results are not reused
+        '''
+        result = self._values.get("result_reuse_configuration_max_age")
+        return typing.cast(typing.Optional[_Duration_4839e8c3], result)
+
     @builtins.property
     def work_group(self) -> typing.Optional[builtins.str]:
         '''Configuration on how and where to save query.
@@ -4660,8 +4724,10 @@ class BedrockInvokeModel(
         accept: typing.Optional[builtins.str] = None,
         body: typing.Optional[_TaskInput_91b91b91] = None,
         content_type: typing.Optional[builtins.str] = None,
+        guardrail: typing.Optional["Guardrail"] = None,
         input: typing.Optional[typing.Union["BedrockInvokeModelInputProps", typing.Dict[builtins.str, typing.Any]]] = None,
         output: typing.Optional[typing.Union["BedrockInvokeModelOutputProps", typing.Dict[builtins.str, typing.Any]]] = None,
+        trace_enabled: typing.Optional[builtins.bool] = None,
         comment: typing.Optional[builtins.str] = None,
         credentials: typing.Optional[typing.Union[_Credentials_2cd64c6b, typing.Dict[builtins.str, typing.Any]]] = None,
         heartbeat: typing.Optional[_Duration_4839e8c3] = None,
@@ -4680,10 +4746,12 @@ class BedrockInvokeModel(
         :param id: Descriptive identifier for this chainable.
         :param model: The Bedrock model that the task will invoke.
         :param accept: The desired MIME type of the inference body in the response. Default: 'application/json'
-        :param body: The input data for the Bedrock model invocation. The inference parameters contained in the body depend on the Bedrock model being used. The body must be in the format specified in the ``contentType`` field. For example, if the content type is ``application/json``, the body must be JSON formatted. The body must be up to 256 KB in size. For input data that exceeds 256 KB, use ``input`` instead to retrieve the input data from S3. You must specify either the ``body`` or the ``input`` field, but not both. Default: Input data is retrieved from the location specified in the ``input`` field
-        :param content_type: The MIME type of the input data in the request. Default: 'application/json'
-        :param input: The source location to retrieve the input data from. Default: Input data is retrieved from the ``body`` field
-        :param output: The destination location where the API response is written. If you specify this field, the API response body is replaced with a reference to the output location. Default: The API response body is returned in the result.
+        :param body: The input data for the Bedrock model invocation. The inference parameters contained in the body depend on the Bedrock model being used. The body must be in the format specified in the ``contentType`` field. For example, if the content type is ``application/json``, the body must be JSON formatted. The body must be up to 256 KB in size. For input data that exceeds 256 KB, use ``input`` instead to retrieve the input data from S3. You must specify either the ``body`` or the ``input`` field, but not both. Default: - Input data is retrieved from the location specified in the ``input`` field
+        :param content_type: (deprecated) The MIME type of the input data in the request. Default: 'application/json'
+        :param guardrail: The guardrail is applied to the invocation. Default: - No guardrail is applied to the invocation.
+        :param input: The source location to retrieve the input data from. Default: - Input data is retrieved from the ``body`` field
+        :param output: The destination location where the API response is written. If you specify this field, the API response body is replaced with a reference to the output location. Default: - The API response body is returned in the result.
+        :param trace_enabled: Specifies whether to enable or disable the Bedrock trace. Default: - Trace is not enabled for the invocation.
         :param comment: An optional description for this state. Default: - No comment
         :param credentials: Credentials for an IAM Role that the State Machine assumes for executing the task. This enables cross-account resource invocations. Default: - None (Task is executed using the State Machine's execution role)
         :param heartbeat: (deprecated) Timeout for the heartbeat. Default: - None
@@ -4706,8 +4774,10 @@ class BedrockInvokeModel(
             accept=accept,
             body=body,
             content_type=content_type,
+            guardrail=guardrail,
             input=input,
             output=output,
+            trace_enabled=trace_enabled,
             comment=comment,
             credentials=credentials,
             heartbeat=heartbeat,
@@ -4748,7 +4818,7 @@ class BedrockInvokeModelInputProps:
     ) -> None:
         '''Location to retrieve the input data, prior to calling Bedrock InvokeModel.
 
-        :param s3_location: S3 object to retrieve the input data from. If the S3 location is not set, then the Body must be set. Default: Input data is retrieved from the ``body`` field
+        :param s3_location: S3 object to retrieve the input data from. If the S3 location is not set, then the Body must be set. Default: - Input data is retrieved from the ``body`` field
 
         :see: https://docs.aws.amazon.com/step-functions/latest/dg/connect-bedrock.html
         :exampleMetadata: fixture=_generated
@@ -4784,7 +4854,7 @@ class BedrockInvokeModelInputProps:
 
         If the S3 location is not set, then the Body must be set.
 
-        :default: Input data is retrieved from the ``body`` field
+        :default: - Input data is retrieved from the ``body`` field
         '''
         result = self._values.get("s3_location")
         return typing.cast(typing.Optional[_Location_0948fa7f], result)
@@ -4814,7 +4884,7 @@ class BedrockInvokeModelOutputProps:
     ) -> None:
         '''Location where the Bedrock InvokeModel API response is written.
 
-        :param s3_location: S3 object where the Bedrock InvokeModel API response is written. If you specify this field, the API response body is replaced with a reference to the Amazon S3 location of the original output. Default: Response body is returned in the task result
+        :param s3_location: S3 object where the Bedrock InvokeModel API response is written. If you specify this field, the API response body is replaced with a reference to the Amazon S3 location of the original output. Default: - Response body is returned in the task result
 
         :see: https://docs.aws.amazon.com/step-functions/latest/dg/connect-bedrock.html
         :exampleMetadata: fixture=_generated
@@ -4851,7 +4921,7 @@ class BedrockInvokeModelOutputProps:
         If you specify this field, the API response body is replaced with
         a reference to the Amazon S3 location of the original output.
 
-        :default: Response body is returned in the task result
+        :default: - Response body is returned in the task result
         '''
         result = self._values.get("s3_location")
         return typing.cast(typing.Optional[_Location_0948fa7f], result)
@@ -4888,8 +4958,10 @@ class BedrockInvokeModelOutputProps:
         "accept": "accept",
         "body": "body",
         "content_type": "contentType",
+        "guardrail": "guardrail",
         "input": "input",
         "output": "output",
+        "trace_enabled": "traceEnabled",
     },
 )
 class BedrockInvokeModelProps(_TaskStateBaseProps_3a62b6d0):
@@ -4912,8 +4984,10 @@ class BedrockInvokeModelProps(_TaskStateBaseProps_3a62b6d0):
         accept: typing.Optional[builtins.str] = None,
         body: typing.Optional[_TaskInput_91b91b91] = None,
         content_type: typing.Optional[builtins.str] = None,
+        guardrail: typing.Optional["Guardrail"] = None,
         input: typing.Optional[typing.Union[BedrockInvokeModelInputProps, typing.Dict[builtins.str, typing.Any]]] = None,
         output: typing.Optional[typing.Union[BedrockInvokeModelOutputProps, typing.Dict[builtins.str, typing.Any]]] = None,
+        trace_enabled: typing.Optional[builtins.bool] = None,
     ) -> None:
         '''Properties for invoking a Bedrock Model.
 
@@ -4931,10 +5005,12 @@ class BedrockInvokeModelProps(_TaskStateBaseProps_3a62b6d0):
         :param timeout: (deprecated) Timeout for the task. Default: - None
         :param model: The Bedrock model that the task will invoke.
         :param accept: The desired MIME type of the inference body in the response. Default: 'application/json'
-        :param body: The input data for the Bedrock model invocation. The inference parameters contained in the body depend on the Bedrock model being used. The body must be in the format specified in the ``contentType`` field. For example, if the content type is ``application/json``, the body must be JSON formatted. The body must be up to 256 KB in size. For input data that exceeds 256 KB, use ``input`` instead to retrieve the input data from S3. You must specify either the ``body`` or the ``input`` field, but not both. Default: Input data is retrieved from the location specified in the ``input`` field
-        :param content_type: The MIME type of the input data in the request. Default: 'application/json'
-        :param input: The source location to retrieve the input data from. Default: Input data is retrieved from the ``body`` field
-        :param output: The destination location where the API response is written. If you specify this field, the API response body is replaced with a reference to the output location. Default: The API response body is returned in the result.
+        :param body: The input data for the Bedrock model invocation. The inference parameters contained in the body depend on the Bedrock model being used. The body must be in the format specified in the ``contentType`` field. For example, if the content type is ``application/json``, the body must be JSON formatted. The body must be up to 256 KB in size. For input data that exceeds 256 KB, use ``input`` instead to retrieve the input data from S3. You must specify either the ``body`` or the ``input`` field, but not both. Default: - Input data is retrieved from the location specified in the ``input`` field
+        :param content_type: (deprecated) The MIME type of the input data in the request. Default: 'application/json'
+        :param guardrail: The guardrail is applied to the invocation. Default: - No guardrail is applied to the invocation.
+        :param input: The source location to retrieve the input data from. Default: - Input data is retrieved from the ``body`` field
+        :param output: The destination location where the API response is written. If you specify this field, the API response body is replaced with a reference to the output location. Default: - The API response body is returned in the result.
+        :param trace_enabled: Specifies whether to enable or disable the Bedrock trace. Default: - Trace is not enabled for the invocation.
 
         :exampleMetadata: infused
 
@@ -4983,8 +5059,10 @@ class BedrockInvokeModelProps(_TaskStateBaseProps_3a62b6d0):
             check_type(argname="argument accept", value=accept, expected_type=type_hints["accept"])
             check_type(argname="argument body", value=body, expected_type=type_hints["body"])
             check_type(argname="argument content_type", value=content_type, expected_type=type_hints["content_type"])
+            check_type(argname="argument guardrail", value=guardrail, expected_type=type_hints["guardrail"])
             check_type(argname="argument input", value=input, expected_type=type_hints["input"])
             check_type(argname="argument output", value=output, expected_type=type_hints["output"])
+            check_type(argname="argument trace_enabled", value=trace_enabled, expected_type=type_hints["trace_enabled"])
         self._values: typing.Dict[builtins.str, typing.Any] = {
             "model": model,
         }
@@ -5018,10 +5096,14 @@ class BedrockInvokeModelProps(_TaskStateBaseProps_3a62b6d0):
             self._values["body"] = body
         if content_type is not None:
             self._values["content_type"] = content_type
+        if guardrail is not None:
+            self._values["guardrail"] = guardrail
         if input is not None:
             self._values["input"] = input
         if output is not None:
             self._values["output"] = output
+        if trace_enabled is not None:
+            self._values["trace_enabled"] = trace_enabled
 
     @builtins.property
     def comment(self) -> typing.Optional[builtins.str]:
@@ -5214,7 +5296,7 @@ class BedrockInvokeModelProps(_TaskStateBaseProps_3a62b6d0):
 
         You must specify either the ``body`` or the ``input`` field, but not both.
 
-        :default: Input data is retrieved from the location specified in the ``input`` field
+        :default: - Input data is retrieved from the location specified in the ``input`` field
 
         :see: https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html
         '''
@@ -5223,20 +5305,32 @@ class BedrockInvokeModelProps(_TaskStateBaseProps_3a62b6d0):
 
     @builtins.property
     def content_type(self) -> typing.Optional[builtins.str]:
-        '''The MIME type of the input data in the request.
+        '''(deprecated) The MIME type of the input data in the request.
 
         :default: 'application/json'
 
+        :deprecated: This property does not require configuration because the only acceptable value is 'application/json'.
+
         :see: https://docs.aws.amazon.com/bedrock/latest/APIReference/API_runtime_InvokeModel.html
+        :stability: deprecated
         '''
         result = self._values.get("content_type")
         return typing.cast(typing.Optional[builtins.str], result)
 
+    @builtins.property
+    def guardrail(self) -> typing.Optional["Guardrail"]:
+        '''The guardrail is applied to the invocation.
+
+        :default: - No guardrail is applied to the invocation.
+        '''
+        result = self._values.get("guardrail")
+        return typing.cast(typing.Optional["Guardrail"], result)
+
     @builtins.property
     def input(self) -> typing.Optional[BedrockInvokeModelInputProps]:
         '''The source location to retrieve the input data from.
 
-        :default: Input data is retrieved from the ``body`` field
+        :default: - Input data is retrieved from the ``body`` field
         '''
         result = self._values.get("input")
         return typing.cast(typing.Optional[BedrockInvokeModelInputProps], result)
@@ -5248,11 +5342,20 @@ class BedrockInvokeModelProps(_TaskStateBaseProps_3a62b6d0):
         If you specify this field, the API response body is replaced with a reference to the
         output location.
 
-        :default: The API response body is returned in the result.
+        :default: - The API response body is returned in the result.
         '''
         result = self._values.get("output")
         return typing.cast(typing.Optional[BedrockInvokeModelOutputProps], result)
 
+    @builtins.property
+    def trace_enabled(self) -> typing.Optional[builtins.bool]:
+        '''Specifies whether to enable or disable the Bedrock trace.
+
+        :default: - Trace is not enabled for the invocation.
+        '''
+        result = self._values.get("trace_enabled")
+        return typing.cast(typing.Optional[builtins.bool], result)
+
     def __eq__(self, rhs: typing.Any) -> builtins.bool:
         return isinstance(rhs, self.__class__) and rhs._values == self._values
 
@@ -6900,11 +7003,11 @@ class CallAwsServiceCrossRegion(
         :param action: The API action to call. Use camelCase.
         :param iam_resources: The resources for the IAM statement that will be added to the Lambda function role's policy to allow the state machine to make the API call.
         :param region: The AWS region to call this AWS API for.
-        :param service: The AWS service to call in AWS SDK for JavaScript v3 style.
+        :param service: The AWS service to call in AWS SDK for JavaScript v3 format.
         :param additional_iam_statements: Additional IAM statements that will be added to the state machine role's policy. Use in the case where the call requires more than a single statement to be executed, e.g. ``rekognition:detectLabels`` requires also S3 permissions to read the object on which it must act. Default: - no additional statements are added
         :param endpoint: The AWS API endpoint. Default: Do not override API endpoint.
         :param iam_action: The action for the IAM statement that will be added to the Lambda function role's policy to allow the state machine to make the API call. By default the action for this IAM statement will be ``service:action``. Use in the case where the IAM action name does not match with the API service/action name, e.g. ``s3:ListBuckets`` requires ``s3:ListAllMyBuckets``. Default: - service:action
-        :param parameters: Parameters for the API action call. Use PascalCase for the parameter names. Default: - no parameters
+        :param parameters: Parameters for the API action call in AWS SDK for JavaScript v3 format. Default: - no parameters
         :param retry_on_service_exceptions: Whether to retry on the backend Lambda service exceptions. This handles ``Lambda.ServiceException``, ``Lambda.AWSLambdaException``, ``Lambda.SdkClientException``, and ``Lambda.ClientExecutionTimeoutException`` with an interval of 2 seconds, a back-off rate of 2 and 6 maximum attempts. Default: true
         :param comment: An optional description for this state. Default: - No comment
         :param credentials: Credentials for an IAM Role that the State Machine assumes for executing the task. This enables cross-account resource invocations. Default: - None (Task is executed using the State Machine's execution role)
@@ -7035,11 +7138,11 @@ class CallAwsServiceCrossRegionProps(_TaskStateBaseProps_3a62b6d0):
         :param action: The API action to call. Use camelCase.
         :param iam_resources: The resources for the IAM statement that will be added to the Lambda function role's policy to allow the state machine to make the API call.
         :param region: The AWS region to call this AWS API for.
-        :param service: The AWS service to call in AWS SDK for JavaScript v3 style.
+        :param service: The AWS service to call in AWS SDK for JavaScript v3 format.
         :param additional_iam_statements: Additional IAM statements that will be added to the state machine role's policy. Use in the case where the call requires more than a single statement to be executed, e.g. ``rekognition:detectLabels`` requires also S3 permissions to read the object on which it must act. Default: - no additional statements are added
         :param endpoint: The AWS API endpoint. Default: Do not override API endpoint.
         :param iam_action: The action for the IAM statement that will be added to the Lambda function role's policy to allow the state machine to make the API call. By default the action for this IAM statement will be ``service:action``. Use in the case where the IAM action name does not match with the API service/action name, e.g. ``s3:ListBuckets`` requires ``s3:ListAllMyBuckets``. Default: - service:action
-        :param parameters: Parameters for the API action call. Use PascalCase for the parameter names. Default: - no parameters
+        :param parameters: Parameters for the API action call in AWS SDK for JavaScript v3 format. Default: - no parameters
         :param retry_on_service_exceptions: Whether to retry on the backend Lambda service exceptions. This handles ``Lambda.ServiceException``, ``Lambda.AWSLambdaException``, ``Lambda.SdkClientException``, and ``Lambda.ClientExecutionTimeoutException`` with an interval of 2 seconds, a back-off rate of 2 and 6 maximum attempts. Default: true
 
         :exampleMetadata: infused
@@ -7311,7 +7414,7 @@ class CallAwsServiceCrossRegionProps(_TaskStateBaseProps_3a62b6d0):
 
     @builtins.property
     def service(self) -> builtins.str:
-        '''The AWS service to call in AWS SDK for JavaScript v3 style.
+        '''The AWS service to call in AWS SDK for JavaScript v3 format.
 
         :see: https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/
 
@@ -7363,9 +7466,7 @@ class CallAwsServiceCrossRegionProps(_TaskStateBaseProps_3a62b6d0):
 
     @builtins.property
     def parameters(self) -> typing.Optional[typing.Mapping[builtins.str, typing.Any]]:
-        '''Parameters for the API action call.
-
-        Use PascalCase for the parameter names.
+        '''Parameters for the API action call in AWS SDK for JavaScript v3 format.
 
         :default: - no parameters
         '''
@@ -24254,6 +24355,76 @@ class GlueStartJobRunProps(_TaskStateBaseProps_3a62b6d0):
         )
 
 
+class Guardrail(
+    metaclass=jsii.JSIIMeta,
+    jsii_type="aws-cdk-lib.aws_stepfunctions_tasks.Guardrail",
+):
+    '''Guradrail settings for BedrockInvokeModel.
+
+    :exampleMetadata: infused
+
+    Example::
+
+        import aws_cdk.aws_bedrock as bedrock
+        
+        
+        model = bedrock.FoundationModel.from_foundation_model_id(self, "Model", bedrock.FoundationModelIdentifier.AMAZON_TITAN_TEXT_G1_EXPRESS_V1)
+        
+        task = tasks.BedrockInvokeModel(self, "Prompt Model with guardrail",
+            model=model,
+            body=sfn.TaskInput.from_object({
+                "input_text": "Generate a list of five first names.",
+                "text_generation_config": {
+                    "max_token_count": 100,
+                    "temperature": 1
+                }
+            }),
+            guardrail=tasks.Guardrail.enable("guardrailId", 1),
+            result_selector={
+                "names": sfn.JsonPath.string_at("$.Body.results[0].outputText")
+            }
+        )
+    '''
+
+    @jsii.member(jsii_name="enable")
+    @builtins.classmethod
+    def enable(cls, identifier: builtins.str, version: jsii.Number) -> "Guardrail":
+        '''Enable guardrail.
+
+        :param identifier: The id or arn of the guardrail.
+        :param version: The version of the guardrail.
+        '''
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__5fa6ebe8b4dbacaaab9ce1d7f96201628e8429b6f1e9480ecaf651f59e53f917)
+            check_type(argname="argument identifier", value=identifier, expected_type=type_hints["identifier"])
+            check_type(argname="argument version", value=version, expected_type=type_hints["version"])
+        return typing.cast("Guardrail", jsii.sinvoke(cls, "enable", [identifier, version]))
+
+    @jsii.member(jsii_name="enableDraft")
+    @builtins.classmethod
+    def enable_draft(cls, identifier: builtins.str) -> "Guardrail":
+        '''Enable guardrail with DRAFT version.
+
+        :param identifier: The identifier of the guardrail. Must be between 1 and 2048 characters in length.
+        '''
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__7303b9390112fa7a595653a20262a8472e6088014bf04484e53c9069efdff499)
+            check_type(argname="argument identifier", value=identifier, expected_type=type_hints["identifier"])
+        return typing.cast("Guardrail", jsii.sinvoke(cls, "enableDraft", [identifier]))
+
+    @builtins.property
+    @jsii.member(jsii_name="guardrailIdentifier")
+    def guardrail_identifier(self) -> builtins.str:
+        '''The identitifier of guardrail.'''
+        return typing.cast(builtins.str, jsii.get(self, "guardrailIdentifier"))
+
+    @builtins.property
+    @jsii.member(jsii_name="guardrailVersion")
+    def guardrail_version(self) -> builtins.str:
+        '''The version of guardrail.'''
+        return typing.cast(builtins.str, jsii.get(self, "guardrailVersion"))
+
+
 class HttpInvoke(
     _TaskStateBase_b5c0a816,
     metaclass=jsii.JSIIMeta,
@@ -34100,6 +34271,7 @@ __all__ = [
     "GlueStartCrawlerRunProps",
     "GlueStartJobRun",
     "GlueStartJobRunProps",
+    "Guardrail",
     "HttpInvoke",
     "HttpInvokeProps",
     "HttpMethod",
@@ -34305,6 +34477,7 @@ def _typecheckingstub__74ee21cd0bad6760da4cd18a6c4cd846a24d69d25b7bac8eb004edf64
     execution_parameters: typing.Optional[typing.Sequence[builtins.str]] = None,
     query_execution_context: typing.Optional[typing.Union[QueryExecutionContext, typing.Dict[builtins.str, typing.Any]]] = None,
     result_configuration: typing.Optional[typing.Union[ResultConfiguration, typing.Dict[builtins.str, typing.Any]]] = None,
+    result_reuse_configuration_max_age: typing.Optional[_Duration_4839e8c3] = None,
     work_group: typing.Optional[builtins.str] = None,
     comment: typing.Optional[builtins.str] = None,
     credentials: typing.Optional[typing.Union[_Credentials_2cd64c6b, typing.Dict[builtins.str, typing.Any]]] = None,
@@ -34341,6 +34514,7 @@ def _typecheckingstub__d2b6c9868cc3485b4ed4a4ef1f89308086ff873bc4d86413aa4b420c9
     execution_parameters: typing.Optional[typing.Sequence[builtins.str]] = None,
     query_execution_context: typing.Optional[typing.Union[QueryExecutionContext, typing.Dict[builtins.str, typing.Any]]] = None,
     result_configuration: typing.Optional[typing.Union[ResultConfiguration, typing.Dict[builtins.str, typing.Any]]] = None,
+    result_reuse_configuration_max_age: typing.Optional[_Duration_4839e8c3] = None,
     work_group: typing.Optional[builtins.str] = None,
 ) -> None:
     """Type checking stubs"""
@@ -34470,8 +34644,10 @@ def _typecheckingstub__3b20c515efa874adacf78d373dbda10fc59e519a3bd1b280ecbf56409
     accept: typing.Optional[builtins.str] = None,
     body: typing.Optional[_TaskInput_91b91b91] = None,
     content_type: typing.Optional[builtins.str] = None,
+    guardrail: typing.Optional[Guardrail] = None,
     input: typing.Optional[typing.Union[BedrockInvokeModelInputProps, typing.Dict[builtins.str, typing.Any]]] = None,
     output: typing.Optional[typing.Union[BedrockInvokeModelOutputProps, typing.Dict[builtins.str, typing.Any]]] = None,
+    trace_enabled: typing.Optional[builtins.bool] = None,
     comment: typing.Optional[builtins.str] = None,
     credentials: typing.Optional[typing.Union[_Credentials_2cd64c6b, typing.Dict[builtins.str, typing.Any]]] = None,
     heartbeat: typing.Optional[_Duration_4839e8c3] = None,
@@ -34520,8 +34696,10 @@ def _typecheckingstub__a9bf54cbc3850dd1a65ada3b96e97b5e68b7027badd90592dbcc79a35
     accept: typing.Optional[builtins.str] = None,
     body: typing.Optional[_TaskInput_91b91b91] = None,
     content_type: typing.Optional[builtins.str] = None,
+    guardrail: typing.Optional[Guardrail] = None,
     input: typing.Optional[typing.Union[BedrockInvokeModelInputProps, typing.Dict[builtins.str, typing.Any]]] = None,
     output: typing.Optional[typing.Union[BedrockInvokeModelOutputProps, typing.Dict[builtins.str, typing.Any]]] = None,
+    trace_enabled: typing.Optional[builtins.bool] = None,
 ) -> None:
     """Type checking stubs"""
     pass
@@ -36424,6 +36602,19 @@ def _typecheckingstub__6a5a6a067402f20efc3f218ecff8d7cae8c7206cf0bfb73907469d47f
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__5fa6ebe8b4dbacaaab9ce1d7f96201628e8429b6f1e9480ecaf651f59e53f917(
+    identifier: builtins.str,
+    version: jsii.Number,
+) -> None:
+    """Type checking stubs"""
+    pass
+
+def _typecheckingstub__7303b9390112fa7a595653a20262a8472e6088014bf04484e53c9069efdff499(
+    identifier: builtins.str,
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__380dcb304dd02d709d798634fa365c757bcaa7593ab7542271009736c47d0329(
     scope: _constructs_77d1e7e8.Construct,
     id: builtins.str,

aws_cdk/aws_synthetics/__init__.py

@@ -3564,7 +3564,7 @@ class Runtime(metaclass=jsii.JSIIMeta, jsii_type="aws-cdk-lib.aws_synthetics.Run
         - **Ephemeral storage monitoring**: This runtime adds ephemeral storage monitoring in customer accounts.
         - **Bug fixes**
 
-        :see: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_nodejs_puppeteer.html#CloudWatch_Synthetics_runtimeversion-nodejs-puppeteer-6.1
+        :see: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_nodejs_puppeteer.html#CloudWatch_Synthetics_runtimeversion-nodejs-puppeteer-6.2
         '''
         return typing.cast("Runtime", jsii.sget(cls, "SYNTHETICS_NODEJS_PUPPETEER_6_2"))
 
@@ -3581,6 +3581,20 @@ class Runtime(metaclass=jsii.JSIIMeta, jsii_type="aws-cdk-lib.aws_synthetics.Run
         '''
         return typing.cast("Runtime", jsii.sget(cls, "SYNTHETICS_NODEJS_PUPPETEER_7_0"))
 
+    @jsii.python.classproperty
+    @jsii.member(jsii_name="SYNTHETICS_NODEJS_PUPPETEER_8_0")
+    def SYNTHETICS_NODEJS_PUPPETEER_8_0(cls) -> "Runtime":
+        '''``syn-nodejs-puppeteer-8.0`` includes the following: - Lambda runtime Node.js 20.x - Puppeteer-core version 22.10.0 - Chromium version 125.0.6422.112.
+
+        New Features:
+
+        - **Support for two-factor authentication**
+        - **Bug fixes** for situations where some service clients were losing data in Node.js SDK V3 responses.
+
+        :see: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Library_nodejs_puppeteer.html#CloudWatch_Synthetics_runtimeversion-nodejs-puppeteer-8.0
+        '''
+        return typing.cast("Runtime", jsii.sget(cls, "SYNTHETICS_NODEJS_PUPPETEER_8_0"))
+
     @jsii.python.classproperty
     @jsii.member(jsii_name="SYNTHETICS_PYTHON_SELENIUM_1_0")
     def SYNTHETICS_PYTHON_SELENIUM_1_0(cls) -> "Runtime":

aws_cdk/aws_verifiedpermissions/__init__.py

@@ -143,7 +143,7 @@ class CfnIdentitySource(
         '''
         :param scope: Scope in which this resource is defined.
         :param id: Construct identifier for this resource (unique in its scope).
-        :param configuration: Contains configuration information about an identity source.
+        :param configuration: Contains configuration information used when creating a new identity source.
         :param policy_store_id: Specifies the ID of the policy store in which you want to store this identity source. Only policies and requests made using this policy store can reference identities from the identity provider configured in the new identity source.
         :param principal_entity_type: Specifies the namespace and data type of the principals generated for identities authenticated by the new identity source.
         '''
@@ -248,7 +248,7 @@ class CfnIdentitySource(
     def configuration(
         self,
     ) -> typing.Union[_IResolvable_da3f097b, "CfnIdentitySource.IdentitySourceConfigurationProperty"]:
-        '''Contains configuration information about an identity source.'''
+        '''Contains configuration information used when creating a new identity source.'''
         return typing.cast(typing.Union[_IResolvable_da3f097b, "CfnIdentitySource.IdentitySourceConfigurationProperty"], jsii.get(self, "configuration"))
 
     @configuration.setter
@@ -296,8 +296,6 @@ class CfnIdentitySource(
         def __init__(self, *, group_entity_type: builtins.str) -> None:
             '''The type of entity that a policy store maps to groups from an Amazon Cognito user pool identity source.
 
-            This data type is part of a `CognitoUserPoolConfiguration <https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CognitoUserPoolConfiguration.html>`_ structure and is a request parameter in `CreateIdentitySource <https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreateIdentitySource.html>`_ .
-
             :param group_entity_type: The name of the schema entity type that's mapped to the user pool group. Defaults to ``AWS::CognitoGroup`` .
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-verifiedpermissions-identitysource-cognitogroupconfiguration.html
@@ -1145,7 +1143,7 @@ class CfnIdentitySourceProps:
     ) -> None:
         '''Properties for defining a ``CfnIdentitySource``.
 
-        :param configuration: Contains configuration information about an identity source.
+        :param configuration: Contains configuration information used when creating a new identity source.
         :param policy_store_id: Specifies the ID of the policy store in which you want to store this identity source. Only policies and requests made using this policy store can reference identities from the identity provider configured in the new identity source.
         :param principal_entity_type: Specifies the namespace and data type of the principals generated for identities authenticated by the new identity source.
 
@@ -1212,7 +1210,7 @@ class CfnIdentitySourceProps:
     def configuration(
         self,
     ) -> typing.Union[_IResolvable_da3f097b, CfnIdentitySource.IdentitySourceConfigurationProperty]:
-        '''Contains configuration information about an identity source.
+        '''Contains configuration information used when creating a new identity source.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-verifiedpermissions-identitysource.html#cfn-verifiedpermissions-identitysource-configuration
         '''
@@ -1263,7 +1261,7 @@ class CfnPolicy(
 
     You can create either a static policy or a policy linked to a policy template.
 
-    You can directly update only static policies. To update a template-linked policy, you must update it's linked policy template instead.
+    You can directly update only static policies. To update a template-linked policy, you must update its linked policy template instead.
 
     - To create a static policy, in the ``Definition`` include a ``Static`` element that includes the Cedar policy text in the ``Statement`` element.
     - To create a policy that is dynamically linked to a policy template, in the ``Definition`` include a ``Templatelinked`` element that specifies the policy template ID and the principal and resource to associate with this policy. If the policy template is ever updated, any policies linked to the policy template automatically use the updated template.
@@ -2056,7 +2054,7 @@ class CfnPolicyStore(
 
             If the validation mode for the policy store is set to ``STRICT`` , then policies that can't be validated by this schema are rejected by Verified Permissions and can't be stored in the policy store.
 
-            :param cedar_json: A JSON string representation of the schema supported by applications that use this policy store. For more information, see `Policy store schema <https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html>`_ in the *Amazon Verified Permissions User Guide* .
+            :param cedar_json: A JSON string representation of the schema supported by applications that use this policy store. For more information, see `Policy store schema <https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html>`_ in the AVP User Guide.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-verifiedpermissions-policystore-schemadefinition.html
             :exampleMetadata: fixture=_generated
@@ -2082,7 +2080,7 @@ class CfnPolicyStore(
         def cedar_json(self) -> typing.Optional[builtins.str]:
             '''A JSON string representation of the schema supported by applications that use this policy store.
 
-            For more information, see `Policy store schema <https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html>`_ in the *Amazon Verified Permissions User Guide* .
+            For more information, see `Policy store schema <https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html>`_ in the AVP User Guide.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-verifiedpermissions-policystore-schemadefinition.html#cfn-verifiedpermissions-policystore-schemadefinition-cedarjson
             '''