aws-cdk-lib 2.162.0__py3-none-any.whl → 2.163.0__py3-none-any.whl

aws_cdk/aws_route53profiles/__init__.py

@@ -271,7 +271,7 @@ class CfnProfileAssociation(
         :param scope: Scope in which this resource is defined.
         :param id: Construct identifier for this resource (unique in its scope).
         :param name: Name of the Profile association.
-        :param profile_id: ID of the Profile.
+        :param profile_id: ID of the Profile. Update to this property requires update to the ``ResourceId`` property as well, because you can only associate one Profile per VPC. For more information, see `Route 53 Profiles <https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/profiles.html>`_ .
         :param resource_id: The ID of the VPC.
         :param arn: The Amazon Resource Name (ARN) of the profile association to a VPC.
         :param tags: An array of key-value pairs to apply to this resource.
@@ -430,7 +430,7 @@ class CfnProfileAssociationProps:
         '''Properties for defining a ``CfnProfileAssociation``.
 
         :param name: Name of the Profile association.
-        :param profile_id: ID of the Profile.
+        :param profile_id: ID of the Profile. Update to this property requires update to the ``ResourceId`` property as well, because you can only associate one Profile per VPC. For more information, see `Route 53 Profiles <https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/profiles.html>`_ .
         :param resource_id: The ID of the VPC.
         :param arn: The Amazon Resource Name (ARN) of the profile association to a VPC.
         :param tags: An array of key-value pairs to apply to this resource.
@@ -488,6 +488,8 @@ class CfnProfileAssociationProps:
     def profile_id(self) -> builtins.str:
         '''ID of the Profile.
 
+        Update to this property requires update to the ``ResourceId`` property as well, because you can only associate one Profile per VPC. For more information, see `Route 53 Profiles <https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/profiles.html>`_ .
+
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53profiles-profileassociation.html#cfn-route53profiles-profileassociation-profileid
         '''
         result = self._values.get("profile_id")

aws_cdk/aws_route53resolver/__init__.py

@@ -3372,7 +3372,6 @@ class CfnResolverRule(
             rule_type="ruleType",
         
             # the properties below are optional
-            delegation_record="delegationRecord",
             domain_name="domainName",
             name="name",
             resolver_endpoint_id="resolverEndpointId",
@@ -3384,7 +3383,8 @@ class CfnResolverRule(
                 ip="ip",
                 ipv6="ipv6",
                 port="port",
-                protocol="protocol"
+                protocol="protocol",
+                server_name_indication="serverNameIndication"
             )]
         )
     '''
@@ -3395,7 +3395,6 @@ class CfnResolverRule(
         id: builtins.str,
         *,
         rule_type: builtins.str,
-        delegation_record: typing.Optional[builtins.str] = None,
         domain_name: typing.Optional[builtins.str] = None,
         name: typing.Optional[builtins.str] = None,
         resolver_endpoint_id: typing.Optional[builtins.str] = None,
@@ -3406,7 +3405,6 @@ class CfnResolverRule(
         :param scope: Scope in which this resource is defined.
         :param id: Construct identifier for this resource (unique in its scope).
         :param rule_type: When you want to forward DNS queries for specified domain name to resolvers on your network, specify ``FORWARD`` . When you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for a subdomain of that domain, specify ``SYSTEM`` . For example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify ``FORWARD`` for ``RuleType`` . To then have Resolver process queries for apex.example.com, you create a rule and specify ``SYSTEM`` for ``RuleType`` . Currently, only Resolver can create rules that have a value of ``RECURSIVE`` for ``RuleType`` .
-        :param delegation_record: The name server domain for queries to be delegated to if a query matches the delegation record.
         :param domain_name: DNS queries for this domain name are forwarded to the IP addresses that are specified in ``TargetIps`` . If a query matches multiple Resolver rules (example.com and www.example.com), the query is routed using the Resolver rule that contains the most specific domain name (www.example.com).
         :param name: The name for the Resolver rule, which you specified when you created the Resolver rule.
         :param resolver_endpoint_id: The ID of the endpoint that the rule is associated with.
@@ -3419,7 +3417,6 @@ class CfnResolverRule(
             check_type(argname="argument id", value=id, expected_type=type_hints["id"])
         props = CfnResolverRuleProps(
             rule_type=rule_type,
-            delegation_record=delegation_record,
             domain_name=domain_name,
             name=name,
             resolver_endpoint_id=resolver_endpoint_id,
@@ -3543,19 +3540,6 @@ class CfnResolverRule(
             check_type(argname="argument value", value=value, expected_type=type_hints["value"])
         jsii.set(self, "ruleType", value) # pyright: ignore[reportArgumentType]
 
-    @builtins.property
-    @jsii.member(jsii_name="delegationRecord")
-    def delegation_record(self) -> typing.Optional[builtins.str]:
-        '''The name server domain for queries to be delegated to if a query matches the delegation record.'''
-        return typing.cast(typing.Optional[builtins.str], jsii.get(self, "delegationRecord"))
-
-    @delegation_record.setter
-    def delegation_record(self, value: typing.Optional[builtins.str]) -> None:
-        if __debug__:
-            type_hints = typing.get_type_hints(_typecheckingstub__b1126d07ce449d0d6220e3fbf183f2d786e81574a4f131914dfe0914a55bb851)
-            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
-        jsii.set(self, "delegationRecord", value) # pyright: ignore[reportArgumentType]
-
     @builtins.property
     @jsii.member(jsii_name="domainName")
     def domain_name(self) -> typing.Optional[builtins.str]:
@@ -3634,6 +3618,7 @@ class CfnResolverRule(
             "ipv6": "ipv6",
             "port": "port",
             "protocol": "protocol",
+            "server_name_indication": "serverNameIndication",
         },
     )
     class TargetAddressProperty:
@@ -3644,13 +3629,15 @@ class CfnResolverRule(
             ipv6: typing.Optional[builtins.str] = None,
             port: typing.Optional[builtins.str] = None,
             protocol: typing.Optional[builtins.str] = None,
+            server_name_indication: typing.Optional[builtins.str] = None,
         ) -> None:
             '''In a `CreateResolverRule <https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateResolverRule.html>`_ request, an array of the IPs that you want to forward DNS queries to.
 
             :param ip: One IPv4 address that you want to forward DNS queries to.
             :param ipv6: One IPv6 address that you want to forward DNS queries to.
             :param port: The port at ``Ip`` that you want to forward DNS queries to.
-            :param protocol: The protocols for the Resolver endpoints. DoH-FIPS is applicable for inbound endpoints only. For an inbound endpoint you can apply the protocols as follows: - Do53 and DoH in combination. - Do53 and DoH-FIPS in combination. - Do53 alone. - DoH alone. - DoH-FIPS alone. - None, which is treated as Do53. For an outbound endpoint you can apply the protocols as follows: - Do53 and DoH in combination. - Do53 alone. - DoH alone. - None, which is treated as Do53.
+            :param protocol: The protocols for the target address. The protocol you choose needs to be supported by the outbound endpoint of the Resolver rule.
+            :param server_name_indication: The Server Name Indication of the DoH server that you want to forward queries to. This is only used if the Protocol of the ``TargetAddress`` is ``DoH`` .
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53resolver-resolverrule-targetaddress.html
             :exampleMetadata: fixture=_generated
@@ -3665,7 +3652,8 @@ class CfnResolverRule(
                     ip="ip",
                     ipv6="ipv6",
                     port="port",
-                    protocol="protocol"
+                    protocol="protocol",
+                    server_name_indication="serverNameIndication"
                 )
             '''
             if __debug__:
@@ -3674,6 +3662,7 @@ class CfnResolverRule(
                 check_type(argname="argument ipv6", value=ipv6, expected_type=type_hints["ipv6"])
                 check_type(argname="argument port", value=port, expected_type=type_hints["port"])
                 check_type(argname="argument protocol", value=protocol, expected_type=type_hints["protocol"])
+                check_type(argname="argument server_name_indication", value=server_name_indication, expected_type=type_hints["server_name_indication"])
             self._values: typing.Dict[builtins.str, typing.Any] = {}
             if ip is not None:
                 self._values["ip"] = ip
@@ -3683,6 +3672,8 @@ class CfnResolverRule(
                 self._values["port"] = port
             if protocol is not None:
                 self._values["protocol"] = protocol
+            if server_name_indication is not None:
+                self._values["server_name_indication"] = server_name_indication
 
         @builtins.property
         def ip(self) -> typing.Optional[builtins.str]:
@@ -3713,27 +3704,24 @@ class CfnResolverRule(
 
         @builtins.property
         def protocol(self) -> typing.Optional[builtins.str]:
-            '''The protocols for the Resolver endpoints. DoH-FIPS is applicable for inbound endpoints only.
+            '''The protocols for the target address.
 
-            For an inbound endpoint you can apply the protocols as follows:
+            The protocol you choose needs to be supported by the outbound endpoint of the Resolver rule.
 
-            - Do53 and DoH in combination.
-            - Do53 and DoH-FIPS in combination.
-            - Do53 alone.
-            - DoH alone.
-            - DoH-FIPS alone.
-            - None, which is treated as Do53.
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53resolver-resolverrule-targetaddress.html#cfn-route53resolver-resolverrule-targetaddress-protocol
+            '''
+            result = self._values.get("protocol")
+            return typing.cast(typing.Optional[builtins.str], result)
 
-            For an outbound endpoint you can apply the protocols as follows:
+        @builtins.property
+        def server_name_indication(self) -> typing.Optional[builtins.str]:
+            '''The Server Name Indication of the DoH server that you want to forward queries to.
 
-            - Do53 and DoH in combination.
-            - Do53 alone.
-            - DoH alone.
-            - None, which is treated as Do53.
+            This is only used if the Protocol of the ``TargetAddress`` is ``DoH`` .
 
-            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53resolver-resolverrule-targetaddress.html#cfn-route53resolver-resolverrule-targetaddress-protocol
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53resolver-resolverrule-targetaddress.html#cfn-route53resolver-resolverrule-targetaddress-servernameindication
             '''
-            result = self._values.get("protocol")
+            result = self._values.get("server_name_indication")
             return typing.cast(typing.Optional[builtins.str], result)
 
         def __eq__(self, rhs: typing.Any) -> builtins.bool:
@@ -4010,7 +3998,6 @@ class CfnResolverRuleAssociationProps:
     jsii_struct_bases=[],
     name_mapping={
         "rule_type": "ruleType",
-        "delegation_record": "delegationRecord",
         "domain_name": "domainName",
         "name": "name",
         "resolver_endpoint_id": "resolverEndpointId",
@@ -4023,7 +4010,6 @@ class CfnResolverRuleProps:
         self,
         *,
         rule_type: builtins.str,
-        delegation_record: typing.Optional[builtins.str] = None,
         domain_name: typing.Optional[builtins.str] = None,
         name: typing.Optional[builtins.str] = None,
         resolver_endpoint_id: typing.Optional[builtins.str] = None,
@@ -4033,7 +4019,6 @@ class CfnResolverRuleProps:
         '''Properties for defining a ``CfnResolverRule``.
 
         :param rule_type: When you want to forward DNS queries for specified domain name to resolvers on your network, specify ``FORWARD`` . When you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for a subdomain of that domain, specify ``SYSTEM`` . For example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify ``FORWARD`` for ``RuleType`` . To then have Resolver process queries for apex.example.com, you create a rule and specify ``SYSTEM`` for ``RuleType`` . Currently, only Resolver can create rules that have a value of ``RECURSIVE`` for ``RuleType`` .
-        :param delegation_record: The name server domain for queries to be delegated to if a query matches the delegation record.
         :param domain_name: DNS queries for this domain name are forwarded to the IP addresses that are specified in ``TargetIps`` . If a query matches multiple Resolver rules (example.com and www.example.com), the query is routed using the Resolver rule that contains the most specific domain name (www.example.com).
         :param name: The name for the Resolver rule, which you specified when you created the Resolver rule.
         :param resolver_endpoint_id: The ID of the endpoint that the rule is associated with.
@@ -4053,7 +4038,6 @@ class CfnResolverRuleProps:
                 rule_type="ruleType",
             
                 # the properties below are optional
-                delegation_record="delegationRecord",
                 domain_name="domainName",
                 name="name",
                 resolver_endpoint_id="resolverEndpointId",
@@ -4065,14 +4049,14 @@ class CfnResolverRuleProps:
                     ip="ip",
                     ipv6="ipv6",
                     port="port",
-                    protocol="protocol"
+                    protocol="protocol",
+                    server_name_indication="serverNameIndication"
                 )]
             )
         '''
         if __debug__:
             type_hints = typing.get_type_hints(_typecheckingstub__fdcaea1870aaf2dc13fe56b2d15a89d6adba2ad5884071fc618c9e4bb2c3ddec)
             check_type(argname="argument rule_type", value=rule_type, expected_type=type_hints["rule_type"])
-            check_type(argname="argument delegation_record", value=delegation_record, expected_type=type_hints["delegation_record"])
             check_type(argname="argument domain_name", value=domain_name, expected_type=type_hints["domain_name"])
             check_type(argname="argument name", value=name, expected_type=type_hints["name"])
             check_type(argname="argument resolver_endpoint_id", value=resolver_endpoint_id, expected_type=type_hints["resolver_endpoint_id"])
@@ -4081,8 +4065,6 @@ class CfnResolverRuleProps:
         self._values: typing.Dict[builtins.str, typing.Any] = {
             "rule_type": rule_type,
         }
-        if delegation_record is not None:
-            self._values["delegation_record"] = delegation_record
         if domain_name is not None:
             self._values["domain_name"] = domain_name
         if name is not None:
@@ -4110,15 +4092,6 @@ class CfnResolverRuleProps:
         assert result is not None, "Required property 'rule_type' is missing"
         return typing.cast(builtins.str, result)
 
-    @builtins.property
-    def delegation_record(self) -> typing.Optional[builtins.str]:
-        '''The name server domain for queries to be delegated to if a query matches the delegation record.
-
-        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverrule.html#cfn-route53resolver-resolverrule-delegationrecord
-        '''
-        result = self._values.get("delegation_record")
-        return typing.cast(typing.Optional[builtins.str], result)
-
     @builtins.property
     def domain_name(self) -> typing.Optional[builtins.str]:
         '''DNS queries for this domain name are forwarded to the IP addresses that are specified in ``TargetIps`` .
@@ -4746,7 +4719,6 @@ def _typecheckingstub__7253810e416357d129df95b3c7aa9aa0f08e68de7d465658e598912cf
     id: builtins.str,
     *,
     rule_type: builtins.str,
-    delegation_record: typing.Optional[builtins.str] = None,
     domain_name: typing.Optional[builtins.str] = None,
     name: typing.Optional[builtins.str] = None,
     resolver_endpoint_id: typing.Optional[builtins.str] = None,
@@ -4774,12 +4746,6 @@ def _typecheckingstub__13530a5c4f7ce175ae03b85dc7d4550ae7a3cb68cb2be12c89a167e8d
     """Type checking stubs"""
     pass
 
-def _typecheckingstub__b1126d07ce449d0d6220e3fbf183f2d786e81574a4f131914dfe0914a55bb851(
-    value: typing.Optional[builtins.str],
-) -> None:
-    """Type checking stubs"""
-    pass
-
 def _typecheckingstub__3e83136a81b10aed2481c602cdca3f63e1c2bcaed82fe69b1ab2413af7c0b7c0(
     value: typing.Optional[builtins.str],
 ) -> None:
@@ -4816,6 +4782,7 @@ def _typecheckingstub__9f5d5e066bc7e887c4651fe3eebf6009eace009cdd0d99976dd16327e
     ipv6: typing.Optional[builtins.str] = None,
     port: typing.Optional[builtins.str] = None,
     protocol: typing.Optional[builtins.str] = None,
+    server_name_indication: typing.Optional[builtins.str] = None,
 ) -> None:
     """Type checking stubs"""
     pass
@@ -4873,7 +4840,6 @@ def _typecheckingstub__3b7cd1048ae30851b3480dc04a365c7bd487212f9328f80bc61e1bae1
 def _typecheckingstub__fdcaea1870aaf2dc13fe56b2d15a89d6adba2ad5884071fc618c9e4bb2c3ddec(
     *,
     rule_type: builtins.str,
-    delegation_record: typing.Optional[builtins.str] = None,
     domain_name: typing.Optional[builtins.str] = None,
     name: typing.Optional[builtins.str] = None,
     resolver_endpoint_id: typing.Optional[builtins.str] = None,

aws_cdk/aws_s3/__init__.py

@@ -828,6 +828,38 @@ bucket = s3.Bucket(self, "MyBucket",
 )
 ```
 
+To indicate which default minimum object size behavior is applied to the lifecycle configuration, use the
+`transitionDefaultMinimumObjectSize` property.
+
+The default value of the property before September 2024 is `TransitionDefaultMinimumObjectSize.VARIES_BY_STORAGE_CLASS`
+that allows objects smaller than 128 KB to be transitioned only to the S3 Glacier and S3 Glacier Deep Archive storage classes,
+otherwise `TransitionDefaultMinimumObjectSize.ALL_STORAGE_CLASSES_128_K` that prevents objects smaller than 128 KB from being
+transitioned to any storage class.
+
+To customize the minimum object size for any transition you
+can add a filter that specifies a custom `objectSizeGreaterThan` or `objectSizeLessThan` for `lifecycleRules`
+property. Custom filters always take precedence over the default transition behavior.
+
+```python
+s3.Bucket(self, "MyBucket",
+    transition_default_minimum_object_size=s3.TransitionDefaultMinimumObjectSize.VARIES_BY_STORAGE_CLASS,
+    lifecycle_rules=[s3.LifecycleRule(
+        transitions=[s3.Transition(
+            storage_class=s3.StorageClass.DEEP_ARCHIVE,
+            transition_after=Duration.days(30)
+        )]
+    ), s3.LifecycleRule(
+        object_size_less_than=300000,
+        object_size_greater_than=200000,
+        transitions=[s3.Transition(
+            storage_class=s3.StorageClass.ONE_ZONE_INFREQUENT_ACCESS,
+            transition_after=Duration.days(30)
+        )]
+    )
+    ]
+)
+```
+
 ## Object Lock Configuration
 
 [Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-overview.html)
@@ -1898,6 +1930,7 @@ class BucketPolicyProps:
         "server_access_logs_prefix": "serverAccessLogsPrefix",
         "target_object_key_format": "targetObjectKeyFormat",
         "transfer_acceleration": "transferAcceleration",
+        "transition_default_minimum_object_size": "transitionDefaultMinimumObjectSize",
         "versioned": "versioned",
         "website_error_document": "websiteErrorDocument",
         "website_index_document": "websiteIndexDocument",
@@ -1935,6 +1968,7 @@ class BucketProps:
         server_access_logs_prefix: typing.Optional[builtins.str] = None,
         target_object_key_format: typing.Optional["TargetObjectKeyFormat"] = None,
         transfer_acceleration: typing.Optional[builtins.bool] = None,
+        transition_default_minimum_object_size: typing.Optional["TransitionDefaultMinimumObjectSize"] = None,
         versioned: typing.Optional[builtins.bool] = None,
         website_error_document: typing.Optional[builtins.str] = None,
         website_index_document: typing.Optional[builtins.str] = None,
@@ -1968,6 +2002,7 @@ class BucketProps:
         :param server_access_logs_prefix: Optional log file prefix to use for the bucket's access logs. If defined without "serverAccessLogsBucket", enables access logs to current bucket with this prefix. Default: - No log file prefix
         :param target_object_key_format: Optional key format for log objects. Default: - the default key format is: [DestinationPrefix][YYYY]-[MM]-[DD]-[hh]-[mm]-[ss]-[UniqueString]
         :param transfer_acceleration: Whether this bucket should have transfer acceleration turned on or not. Default: false
+        :param transition_default_minimum_object_size: Indicates which default minimum object size behavior is applied to the lifecycle configuration. To customize the minimum object size for any transition you can add a filter that specifies a custom ``objectSizeGreaterThan`` or ``objectSizeLessThan`` for ``lifecycleRules`` property. Custom filters always take precedence over the default transition behavior. Default: - TransitionDefaultMinimumObjectSize.VARIES_BY_STORAGE_CLASS before September 2024, otherwise TransitionDefaultMinimumObjectSize.ALL_STORAGE_CLASSES_128_K.
         :param versioned: Whether this bucket should have versioning turned on or not. Default: false (unless object lock is enabled, then true)
         :param website_error_document: The name of the error document (e.g. "404.html") for the website. ``websiteIndexDocument`` must also be set if this is set. Default: - No error document.
         :param website_index_document: The name of the index document (e.g. "index.html") for the website. Enables static website hosting for this bucket. Default: - No index document.
@@ -2023,6 +2058,7 @@ class BucketProps:
             check_type(argname="argument server_access_logs_prefix", value=server_access_logs_prefix, expected_type=type_hints["server_access_logs_prefix"])
             check_type(argname="argument target_object_key_format", value=target_object_key_format, expected_type=type_hints["target_object_key_format"])
             check_type(argname="argument transfer_acceleration", value=transfer_acceleration, expected_type=type_hints["transfer_acceleration"])
+            check_type(argname="argument transition_default_minimum_object_size", value=transition_default_minimum_object_size, expected_type=type_hints["transition_default_minimum_object_size"])
             check_type(argname="argument versioned", value=versioned, expected_type=type_hints["versioned"])
             check_type(argname="argument website_error_document", value=website_error_document, expected_type=type_hints["website_error_document"])
             check_type(argname="argument website_index_document", value=website_index_document, expected_type=type_hints["website_index_document"])
@@ -2081,6 +2117,8 @@ class BucketProps:
             self._values["target_object_key_format"] = target_object_key_format
         if transfer_acceleration is not None:
             self._values["transfer_acceleration"] = transfer_acceleration
+        if transition_default_minimum_object_size is not None:
+            self._values["transition_default_minimum_object_size"] = transition_default_minimum_object_size
         if versioned is not None:
             self._values["versioned"] = versioned
         if website_error_document is not None:
@@ -2399,6 +2437,24 @@ class BucketProps:
         result = self._values.get("transfer_acceleration")
         return typing.cast(typing.Optional[builtins.bool], result)
 
+    @builtins.property
+    def transition_default_minimum_object_size(
+        self,
+    ) -> typing.Optional["TransitionDefaultMinimumObjectSize"]:
+        '''Indicates which default minimum object size behavior is applied to the lifecycle configuration.
+
+        To customize the minimum object size for any transition you can add a filter that specifies a custom
+        ``objectSizeGreaterThan`` or ``objectSizeLessThan`` for ``lifecycleRules`` property. Custom filters always
+        take precedence over the default transition behavior.
+
+        :default:
+
+        - TransitionDefaultMinimumObjectSize.VARIES_BY_STORAGE_CLASS before September 2024,
+        otherwise TransitionDefaultMinimumObjectSize.ALL_STORAGE_CLASSES_128_K.
+        '''
+        result = self._values.get("transition_default_minimum_object_size")
+        return typing.cast(typing.Optional["TransitionDefaultMinimumObjectSize"], result)
+
     @builtins.property
     def versioned(self) -> typing.Optional[builtins.bool]:
         '''Whether this bucket should have versioning turned on or not.
@@ -6233,7 +6289,7 @@ class CfnBucket(
 
             For more information, see `Object Lifecycle Management <https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html>`_ in the *Amazon S3 User Guide* .
 
-            :param rules: Specifies lifecycle configuration rules for an Amazon S3 bucket.
+            :param rules: A lifecycle rule for individual objects in an Amazon S3 bucket.
             :param transition_default_minimum_object_size: 
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-lifecycleconfiguration.html
@@ -6319,7 +6375,7 @@ class CfnBucket(
         def rules(
             self,
         ) -> typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnBucket.RuleProperty"]]]:
-            '''Specifies lifecycle configuration rules for an Amazon S3 bucket.
+            '''A lifecycle rule for individual objects in an Amazon S3 bucket.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-lifecycleconfiguration.html#cfn-s3-bucket-lifecycleconfiguration-rules
             '''
@@ -9451,7 +9507,7 @@ class CfnBucket(
             .. epigraph::
 
                - *General purpose buckets* - If you don't specify a customer managed key at configuration, Amazon S3 automatically creates an AWS KMS key ( ``aws/s3`` ) in your AWS account the first time that you add an object encrypted with SSE-KMS to a bucket. By default, Amazon S3 uses this KMS key for SSE-KMS.
-               - *Directory buckets* - Your SSE-KMS configuration can only support 1 `customer managed key <https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk>`_ per directory bucket for the lifetime of the bucket. `AWS managed key <https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk>`_ ( ``aws/s3`` ) isn't supported.
+               - *Directory buckets* - Your SSE-KMS configuration can only support 1 `customer managed key <https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk>`_ per directory bucket for the lifetime of the bucket. The `AWS managed key <https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk>`_ ( ``aws/s3`` ) isn't supported.
                - *Directory buckets* - For directory buckets, there are only two supported options for server-side encryption: SSE-S3 and SSE-KMS.
 
             :param sse_algorithm: Server-side encryption algorithm to use for the default encryption. .. epigraph:: For directory buckets, there are only two supported values for server-side encryption: ``AES256`` and ``aws:kms`` .
@@ -12094,7 +12150,7 @@ class CfnStorageLens(
         ) -> None:
             '''This resource contains the details of the account-level metrics for Amazon S3 Storage Lens.
 
-            :param bucket_level: This property contains the details of the account-level bucket-level configurations for Amazon S3 Storage Lens.
+            :param bucket_level: This property contains the details of the account-level bucket-level configurations for Amazon S3 Storage Lens. To enable bucket-level configurations, make sure to also set the same metrics at the account level.
             :param activity_metrics: This property contains the details of account-level activity metrics for S3 Storage Lens.
             :param advanced_cost_optimization_metrics: This property contains the details of account-level advanced cost optimization metrics for S3 Storage Lens.
             :param advanced_data_protection_metrics: This property contains the details of account-level advanced data protection metrics for S3 Storage Lens.
@@ -12185,6 +12241,8 @@ class CfnStorageLens(
         ) -> typing.Union[_IResolvable_da3f097b, "CfnStorageLens.BucketLevelProperty"]:
             '''This property contains the details of the account-level bucket-level configurations for Amazon S3 Storage Lens.
 
+            To enable bucket-level configurations, make sure to also set the same metrics at the account level.
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-storagelens-accountlevel.html#cfn-s3-storagelens-accountlevel-bucketlevel
             '''
             result = self._values.get("bucket_level")
@@ -18642,6 +18700,42 @@ class Transition:
         )
 
 
+@jsii.enum(jsii_type="aws-cdk-lib.aws_s3.TransitionDefaultMinimumObjectSize")
+class TransitionDefaultMinimumObjectSize(enum.Enum):
+    '''The transition default minimum object size for lifecycle.
+
+    :exampleMetadata: infused
+
+    Example::
+
+        s3.Bucket(self, "MyBucket",
+            transition_default_minimum_object_size=s3.TransitionDefaultMinimumObjectSize.VARIES_BY_STORAGE_CLASS,
+            lifecycle_rules=[s3.LifecycleRule(
+                transitions=[s3.Transition(
+                    storage_class=s3.StorageClass.DEEP_ARCHIVE,
+                    transition_after=Duration.days(30)
+                )]
+            ), s3.LifecycleRule(
+                object_size_less_than=300000,
+                object_size_greater_than=200000,
+                transitions=[s3.Transition(
+                    storage_class=s3.StorageClass.ONE_ZONE_INFREQUENT_ACCESS,
+                    transition_after=Duration.days(30)
+                )]
+            )
+            ]
+        )
+    '''
+
+    ALL_STORAGE_CLASSES_128_K = "ALL_STORAGE_CLASSES_128_K"
+    '''Objects smaller than 128 KB will not transition to any storage class by default.'''
+    VARIES_BY_STORAGE_CLASS = "VARIES_BY_STORAGE_CLASS"
+    '''Objects smaller than 128 KB will transition to Glacier Flexible Retrieval or Glacier Deep Archive storage classes.
+
+    By default, all other storage classes will prevent transitions smaller than 128 KB.
+    '''
+
+
 @jsii.data_type(
     jsii_type="aws-cdk-lib.aws_s3.VirtualHostedStyleUrlOptions",
     jsii_struct_bases=[],
@@ -19572,6 +19666,7 @@ class Bucket(
         server_access_logs_prefix: typing.Optional[builtins.str] = None,
         target_object_key_format: typing.Optional[TargetObjectKeyFormat] = None,
         transfer_acceleration: typing.Optional[builtins.bool] = None,
+        transition_default_minimum_object_size: typing.Optional[TransitionDefaultMinimumObjectSize] = None,
         versioned: typing.Optional[builtins.bool] = None,
         website_error_document: typing.Optional[builtins.str] = None,
         website_index_document: typing.Optional[builtins.str] = None,
@@ -19607,6 +19702,7 @@ class Bucket(
         :param server_access_logs_prefix: Optional log file prefix to use for the bucket's access logs. If defined without "serverAccessLogsBucket", enables access logs to current bucket with this prefix. Default: - No log file prefix
         :param target_object_key_format: Optional key format for log objects. Default: - the default key format is: [DestinationPrefix][YYYY]-[MM]-[DD]-[hh]-[mm]-[ss]-[UniqueString]
         :param transfer_acceleration: Whether this bucket should have transfer acceleration turned on or not. Default: false
+        :param transition_default_minimum_object_size: Indicates which default minimum object size behavior is applied to the lifecycle configuration. To customize the minimum object size for any transition you can add a filter that specifies a custom ``objectSizeGreaterThan`` or ``objectSizeLessThan`` for ``lifecycleRules`` property. Custom filters always take precedence over the default transition behavior. Default: - TransitionDefaultMinimumObjectSize.VARIES_BY_STORAGE_CLASS before September 2024, otherwise TransitionDefaultMinimumObjectSize.ALL_STORAGE_CLASSES_128_K.
         :param versioned: Whether this bucket should have versioning turned on or not. Default: false (unless object lock is enabled, then true)
         :param website_error_document: The name of the error document (e.g. "404.html") for the website. ``websiteIndexDocument`` must also be set if this is set. Default: - No error document.
         :param website_index_document: The name of the index document (e.g. "index.html") for the website. Enables static website hosting for this bucket. Default: - No index document.
@@ -19644,6 +19740,7 @@ class Bucket(
             server_access_logs_prefix=server_access_logs_prefix,
             target_object_key_format=target_object_key_format,
             transfer_acceleration=transfer_acceleration,
+            transition_default_minimum_object_size=transition_default_minimum_object_size,
             versioned=versioned,
             website_error_document=website_error_document,
             website_index_document=website_index_document,
@@ -20084,6 +20181,7 @@ __all__ = [
     "TargetObjectKeyFormat",
     "TransferAccelerationUrlOptions",
     "Transition",
+    "TransitionDefaultMinimumObjectSize",
     "VirtualHostedStyleUrlOptions",
 ]
 
@@ -20217,6 +20315,7 @@ def _typecheckingstub__f2ff878f2dca3dd037442155369c2fcc7bd194425c0967a7fd7bfa576
     server_access_logs_prefix: typing.Optional[builtins.str] = None,
     target_object_key_format: typing.Optional[TargetObjectKeyFormat] = None,
     transfer_acceleration: typing.Optional[builtins.bool] = None,
+    transition_default_minimum_object_size: typing.Optional[TransitionDefaultMinimumObjectSize] = None,
     versioned: typing.Optional[builtins.bool] = None,
     website_error_document: typing.Optional[builtins.str] = None,
     website_index_document: typing.Optional[builtins.str] = None,
@@ -22251,6 +22350,7 @@ def _typecheckingstub__25f24cbf29544d9c579e765350a7b51ec4ec81bc2cc07a21660738a1e
     server_access_logs_prefix: typing.Optional[builtins.str] = None,
     target_object_key_format: typing.Optional[TargetObjectKeyFormat] = None,
     transfer_acceleration: typing.Optional[builtins.bool] = None,
+    transition_default_minimum_object_size: typing.Optional[TransitionDefaultMinimumObjectSize] = None,
     versioned: typing.Optional[builtins.bool] = None,
     website_error_document: typing.Optional[builtins.str] = None,
     website_index_document: typing.Optional[builtins.str] = None,