aws-cdk-lib 2.165.0__py3-none-any.whl → 2.167.0__py3-none-any.whl

aws_cdk/aws_sagemaker/__init__.py

@@ -6325,7 +6325,7 @@ class CfnDomain(
         :param vpc_id: The ID of the Amazon Virtual Private Cloud (Amazon VPC) that Studio uses for communication. *Length Constraints* : Maximum length of 32. *Pattern* : ``[-0-9a-zA-Z]+``
         :param app_network_access_type: Specifies the VPC used for non-EFS traffic. The default value is ``PublicInternetOnly`` . - ``PublicInternetOnly`` - Non-EFS traffic is through a VPC managed by Amazon SageMaker , which allows direct internet access - ``VpcOnly`` - All Studio traffic is through the specified VPC and subnets *Valid Values* : ``PublicInternetOnly | VpcOnly``
         :param app_security_group_management: The entity that creates and manages the required security groups for inter-app communication in ``VpcOnly`` mode. Required when ``CreateDomain.AppNetworkAccessType`` is ``VpcOnly`` and ``DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn`` is provided. If setting up the domain for use with RStudio, this value must be set to ``Service`` . *Allowed Values* : ``Service`` | ``Customer``
-        :param default_space_settings: A collection of settings that apply to spaces created in the domain.
+        :param default_space_settings: The default settings for shared spaces that users create in the domain. SageMaker applies these settings only to shared spaces. It doesn't apply them to private spaces.
         :param domain_settings: A collection of settings that apply to the ``SageMaker Domain`` . These settings are specified through the ``CreateDomain`` API call.
         :param kms_key_id: SageMaker uses AWS KMS to encrypt the EFS volume attached to the Domain with an AWS managed customer master key (CMK) by default. For more control, specify a customer managed CMK. *Length Constraints* : Maximum length of 2048. *Pattern* : ``.*``
         :param tag_propagation: Indicates whether the tags added to Domain, User Profile and Space entity is propagated to all SageMaker resources.
@@ -6565,7 +6565,7 @@ class CfnDomain(
     def default_space_settings(
         self,
     ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnDomain.DefaultSpaceSettingsProperty"]]:
-        '''A collection of settings that apply to spaces created in the domain.'''
+        '''The default settings for shared spaces that users create in the domain.'''
         return typing.cast(typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnDomain.DefaultSpaceSettingsProperty"]], jsii.get(self, "defaultSpaceSettings"))
 
     @default_space_settings.setter
@@ -7207,7 +7207,9 @@ class CfnDomain(
             security_groups: typing.Optional[typing.Sequence[builtins.str]] = None,
             space_storage_settings: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Union["CfnDomain.DefaultSpaceStorageSettingsProperty", typing.Dict[builtins.str, typing.Any]]]] = None,
         ) -> None:
-            '''A collection of settings that apply to spaces created in the domain.
+            '''The default settings for shared spaces that users create in the domain.
+
+            SageMaker applies these settings only to shared spaces. It doesn't apply them to private spaces.
 
             :param execution_role: The ARN of the execution role for the space.
             :param custom_file_system_configs: The settings for assigning a custom file system to a domain. Permitted users can access this file system in Amazon SageMaker Studio.
@@ -7588,7 +7590,7 @@ class CfnDomain(
             These settings are specified through the ``CreateDomain`` API call.
 
             :param docker_settings: A collection of settings that configure the domain's Docker interaction.
-            :param execution_role_identity_config: The configuration for attaching a SageMaker user profile name to the execution role as a sts:SourceIdentity key.
+            :param execution_role_identity_config: The configuration for attaching a SageMaker user profile name to the execution role as a `sts:SourceIdentity key <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html>`_ .
             :param r_studio_server_pro_domain_settings: A collection of settings that configure the ``RStudioServerPro`` Domain-level app.
             :param security_group_ids: The security groups for the Amazon Virtual Private Cloud that the ``Domain`` uses for communication between Domain-level apps and user apps.
 
@@ -7652,7 +7654,7 @@ class CfnDomain(
 
         @builtins.property
         def execution_role_identity_config(self) -> typing.Optional[builtins.str]:
-            '''The configuration for attaching a SageMaker user profile name to the execution role as a sts:SourceIdentity key.
+            '''The configuration for attaching a SageMaker user profile name to the execution role as a `sts:SourceIdentity key <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html>`_ .
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-domain-domainsettings.html#cfn-sagemaker-domain-domainsettings-executionroleidentityconfig
             '''
@@ -8822,19 +8824,19 @@ class CfnDomain(
 
             ``SecurityGroups`` is aggregated when specified in both calls. For all other settings in ``UserSettings`` , the values specified in ``CreateUserProfile`` take precedence over those specified in ``CreateDomain`` .
 
-            :param execution_role: The execution role for the user.
-            :param code_editor_app_settings: The Code Editor application settings.
-            :param custom_file_system_configs: The settings for assigning a custom file system to a user profile. Permitted users can access this file system in Amazon SageMaker Studio.
-            :param custom_posix_user_config: Details about the POSIX identity that is used for file system operations.
+            :param execution_role: The execution role for the user. SageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.
+            :param code_editor_app_settings: The Code Editor application settings. SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
+            :param custom_file_system_configs: The settings for assigning a custom file system to a user profile. Permitted users can access this file system in Amazon SageMaker Studio. SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
+            :param custom_posix_user_config: Details about the POSIX identity that is used for file system operations. SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
             :param default_landing_uri: The default experience that the user is directed to when accessing the domain. The supported values are:. - ``studio::`` : Indicates that Studio is the default experience. This value can only be passed if ``StudioWebPortal`` is set to ``ENABLED`` . - ``app:JupyterServer:`` : Indicates that Studio Classic is the default experience.
-            :param jupyter_lab_app_settings: The settings for the JupyterLab application.
+            :param jupyter_lab_app_settings: The settings for the JupyterLab application. SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
             :param jupyter_server_app_settings: The Jupyter server's app settings.
             :param kernel_gateway_app_settings: The kernel gateway app settings.
             :param r_session_app_settings: A collection of settings that configure the ``RSessionGateway`` app.
             :param r_studio_server_pro_app_settings: A collection of settings that configure user interaction with the ``RStudioServerPro`` app.
-            :param security_groups: The security groups for the Amazon Virtual Private Cloud (VPC) that the domain uses for communication. Optional when the ``CreateDomain.AppNetworkAccessType`` parameter is set to ``PublicInternetOnly`` . Required when the ``CreateDomain.AppNetworkAccessType`` parameter is set to ``VpcOnly`` , unless specified as part of the ``DefaultUserSettings`` for the domain. Amazon SageMaker adds a security group to allow NFS traffic from Amazon SageMaker Studio. Therefore, the number of security groups that you can specify is one less than the maximum number shown.
+            :param security_groups: The security groups for the Amazon Virtual Private Cloud (VPC) that the domain uses for communication. Optional when the ``CreateDomain.AppNetworkAccessType`` parameter is set to ``PublicInternetOnly`` . Required when the ``CreateDomain.AppNetworkAccessType`` parameter is set to ``VpcOnly`` , unless specified as part of the ``DefaultUserSettings`` for the domain. Amazon SageMaker adds a security group to allow NFS traffic from Amazon SageMaker Studio. Therefore, the number of security groups that you can specify is one less than the maximum number shown. SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
             :param sharing_settings: Specifies options for sharing Amazon SageMaker Studio notebooks.
-            :param space_storage_settings: The storage settings for a space.
+            :param space_storage_settings: The storage settings for a space. SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
             :param studio_web_portal: Whether the user can access Studio. If this value is set to ``DISABLED`` , the user cannot access Studio, even if that is the default experience for the domain.
             :param studio_web_portal_settings: Studio settings. If these settings are applied on a user level, they take priority over the settings applied on a domain level.
 
@@ -9031,6 +9033,8 @@ class CfnDomain(
         def execution_role(self) -> builtins.str:
             '''The execution role for the user.
 
+            SageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-domain-usersettings.html#cfn-sagemaker-domain-usersettings-executionrole
             '''
             result = self._values.get("execution_role")
@@ -9043,6 +9047,8 @@ class CfnDomain(
         ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnDomain.CodeEditorAppSettingsProperty"]]:
             '''The Code Editor application settings.
 
+            SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-domain-usersettings.html#cfn-sagemaker-domain-usersettings-codeeditorappsettings
             '''
             result = self._values.get("code_editor_app_settings")
@@ -9056,6 +9062,8 @@ class CfnDomain(
 
             Permitted users can access this file system in Amazon SageMaker Studio.
 
+            SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-domain-usersettings.html#cfn-sagemaker-domain-usersettings-customfilesystemconfigs
             '''
             result = self._values.get("custom_file_system_configs")
@@ -9067,6 +9075,8 @@ class CfnDomain(
         ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnDomain.CustomPosixUserConfigProperty"]]:
             '''Details about the POSIX identity that is used for file system operations.
 
+            SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-domain-usersettings.html#cfn-sagemaker-domain-usersettings-customposixuserconfig
             '''
             result = self._values.get("custom_posix_user_config")
@@ -9090,6 +9100,8 @@ class CfnDomain(
         ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnDomain.JupyterLabAppSettingsProperty"]]:
             '''The settings for the JupyterLab application.
 
+            SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-domain-usersettings.html#cfn-sagemaker-domain-usersettings-jupyterlabappsettings
             '''
             result = self._values.get("jupyter_lab_app_settings")
@@ -9149,6 +9161,8 @@ class CfnDomain(
 
             Amazon SageMaker adds a security group to allow NFS traffic from Amazon SageMaker Studio. Therefore, the number of security groups that you can specify is one less than the maximum number shown.
 
+            SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-domain-usersettings.html#cfn-sagemaker-domain-usersettings-securitygroups
             '''
             result = self._values.get("security_groups")
@@ -9171,6 +9185,8 @@ class CfnDomain(
         ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnDomain.DefaultSpaceStorageSettingsProperty"]]:
             '''The storage settings for a space.
 
+            SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-domain-usersettings.html#cfn-sagemaker-domain-usersettings-spacestoragesettings
             '''
             result = self._values.get("space_storage_settings")
@@ -9256,7 +9272,7 @@ class CfnDomainProps:
         :param vpc_id: The ID of the Amazon Virtual Private Cloud (Amazon VPC) that Studio uses for communication. *Length Constraints* : Maximum length of 32. *Pattern* : ``[-0-9a-zA-Z]+``
         :param app_network_access_type: Specifies the VPC used for non-EFS traffic. The default value is ``PublicInternetOnly`` . - ``PublicInternetOnly`` - Non-EFS traffic is through a VPC managed by Amazon SageMaker , which allows direct internet access - ``VpcOnly`` - All Studio traffic is through the specified VPC and subnets *Valid Values* : ``PublicInternetOnly | VpcOnly``
         :param app_security_group_management: The entity that creates and manages the required security groups for inter-app communication in ``VpcOnly`` mode. Required when ``CreateDomain.AppNetworkAccessType`` is ``VpcOnly`` and ``DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn`` is provided. If setting up the domain for use with RStudio, this value must be set to ``Service`` . *Allowed Values* : ``Service`` | ``Customer``
-        :param default_space_settings: A collection of settings that apply to spaces created in the domain.
+        :param default_space_settings: The default settings for shared spaces that users create in the domain. SageMaker applies these settings only to shared spaces. It doesn't apply them to private spaces.
         :param domain_settings: A collection of settings that apply to the ``SageMaker Domain`` . These settings are specified through the ``CreateDomain`` API call.
         :param kms_key_id: SageMaker uses AWS KMS to encrypt the EFS volume attached to the Domain with an AWS managed customer master key (CMK) by default. For more control, specify a customer managed CMK. *Length Constraints* : Maximum length of 2048. *Pattern* : ``.*``
         :param tag_propagation: Indicates whether the tags added to Domain, User Profile and Space entity is propagated to all SageMaker resources.
@@ -9646,7 +9662,9 @@ class CfnDomainProps:
     def default_space_settings(
         self,
     ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, CfnDomain.DefaultSpaceSettingsProperty]]:
-        '''A collection of settings that apply to spaces created in the domain.
+        '''The default settings for shared spaces that users create in the domain.
+
+        SageMaker applies these settings only to shared spaces. It doesn't apply them to private spaces.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-domain.html#cfn-sagemaker-domain-defaultspacesettings
         '''
@@ -44453,9 +44471,9 @@ class CfnStudioLifecycleConfig(
         :param scope: Scope in which this resource is defined.
         :param id: Construct identifier for this resource (unique in its scope).
         :param studio_lifecycle_config_app_type: The App type to which the Lifecycle Configuration is attached.
-        :param studio_lifecycle_config_content: The content of your Amazon SageMaker Studio Lifecycle Configuration script.
+        :param studio_lifecycle_config_content: The content of your Amazon SageMaker Studio Lifecycle Configuration script. This content must be base64 encoded.
         :param studio_lifecycle_config_name: The name of the Amazon SageMaker Studio Lifecycle Configuration.
-        :param tags: Tags to be associated with the Lifecycle Configuration.
+        :param tags: Tags to be associated with the Lifecycle Configuration. Each tag consists of a key and an optional value. Tag keys must be unique per resource. Tags are searchable using the Search API.
         '''
         if __debug__:
             type_hints = typing.get_type_hints(_typecheckingstub__781a43111dd6adef34feca5cebbdb6b17f5e2425b368d8e007d51d833843916c)
@@ -44595,9 +44613,9 @@ class CfnStudioLifecycleConfigProps:
         '''Properties for defining a ``CfnStudioLifecycleConfig``.
 
         :param studio_lifecycle_config_app_type: The App type to which the Lifecycle Configuration is attached.
-        :param studio_lifecycle_config_content: The content of your Amazon SageMaker Studio Lifecycle Configuration script.
+        :param studio_lifecycle_config_content: The content of your Amazon SageMaker Studio Lifecycle Configuration script. This content must be base64 encoded.
         :param studio_lifecycle_config_name: The name of the Amazon SageMaker Studio Lifecycle Configuration.
-        :param tags: Tags to be associated with the Lifecycle Configuration.
+        :param tags: Tags to be associated with the Lifecycle Configuration. Each tag consists of a key and an optional value. Tag keys must be unique per resource. Tags are searchable using the Search API.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-studiolifecycleconfig.html
         :exampleMetadata: fixture=_generated
@@ -44648,6 +44666,8 @@ class CfnStudioLifecycleConfigProps:
     def studio_lifecycle_config_content(self) -> builtins.str:
         '''The content of your Amazon SageMaker Studio Lifecycle Configuration script.
 
+        This content must be base64 encoded.
+
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-studiolifecycleconfig.html#cfn-sagemaker-studiolifecycleconfig-studiolifecycleconfigcontent
         '''
         result = self._values.get("studio_lifecycle_config_content")
@@ -44668,6 +44688,8 @@ class CfnStudioLifecycleConfigProps:
     def tags(self) -> typing.Optional[typing.List[_CfnTag_f6864754]]:
         '''Tags to be associated with the Lifecycle Configuration.
 
+        Each tag consists of a key and an optional value. Tag keys must be unique per resource. Tags are searchable using the Search API.
+
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-studiolifecycleconfig.html#cfn-sagemaker-studiolifecycleconfig-tags
         '''
         result = self._values.get("tags")
@@ -46540,18 +46562,18 @@ class CfnUserProfile(
 
             ``SecurityGroups`` is aggregated when specified in both calls. For all other settings in ``UserSettings`` , the values specified in ``CreateUserProfile`` take precedence over those specified in ``CreateDomain`` .
 
-            :param code_editor_app_settings: The Code Editor application settings.
-            :param custom_file_system_configs: The settings for assigning a custom file system to a user profile. Permitted users can access this file system in Amazon SageMaker Studio.
-            :param custom_posix_user_config: Details about the POSIX identity that is used for file system operations.
+            :param code_editor_app_settings: The Code Editor application settings. SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
+            :param custom_file_system_configs: The settings for assigning a custom file system to a user profile. Permitted users can access this file system in Amazon SageMaker Studio. SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
+            :param custom_posix_user_config: Details about the POSIX identity that is used for file system operations. SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
             :param default_landing_uri: The default experience that the user is directed to when accessing the domain. The supported values are:. - ``studio::`` : Indicates that Studio is the default experience. This value can only be passed if ``StudioWebPortal`` is set to ``ENABLED`` . - ``app:JupyterServer:`` : Indicates that Studio Classic is the default experience.
-            :param execution_role: The execution role for the user.
-            :param jupyter_lab_app_settings: The settings for the JupyterLab application.
+            :param execution_role: The execution role for the user. SageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.
+            :param jupyter_lab_app_settings: The settings for the JupyterLab application. SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
             :param jupyter_server_app_settings: The Jupyter server's app settings.
             :param kernel_gateway_app_settings: The kernel gateway app settings.
             :param r_studio_server_pro_app_settings: A collection of settings that configure user interaction with the ``RStudioServerPro`` app.
-            :param security_groups: The security groups for the Amazon Virtual Private Cloud (VPC) that the domain uses for communication. Optional when the ``CreateDomain.AppNetworkAccessType`` parameter is set to ``PublicInternetOnly`` . Required when the ``CreateDomain.AppNetworkAccessType`` parameter is set to ``VpcOnly`` , unless specified as part of the ``DefaultUserSettings`` for the domain. Amazon SageMaker adds a security group to allow NFS traffic from Amazon SageMaker Studio. Therefore, the number of security groups that you can specify is one less than the maximum number shown.
+            :param security_groups: The security groups for the Amazon Virtual Private Cloud (VPC) that the domain uses for communication. Optional when the ``CreateDomain.AppNetworkAccessType`` parameter is set to ``PublicInternetOnly`` . Required when the ``CreateDomain.AppNetworkAccessType`` parameter is set to ``VpcOnly`` , unless specified as part of the ``DefaultUserSettings`` for the domain. Amazon SageMaker adds a security group to allow NFS traffic from Amazon SageMaker Studio. Therefore, the number of security groups that you can specify is one less than the maximum number shown. SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
             :param sharing_settings: Specifies options for sharing Amazon SageMaker Studio notebooks.
-            :param space_storage_settings: The storage settings for a space.
+            :param space_storage_settings: The storage settings for a space. SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
             :param studio_web_portal: Whether the user can access Studio. If this value is set to ``DISABLED`` , the user cannot access Studio, even if that is the default experience for the domain.
             :param studio_web_portal_settings: Studio settings. If these settings are applied on a user level, they take priority over the settings applied on a domain level.
 
@@ -46730,6 +46752,8 @@ class CfnUserProfile(
         ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnUserProfile.CodeEditorAppSettingsProperty"]]:
             '''The Code Editor application settings.
 
+            SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-userprofile-usersettings.html#cfn-sagemaker-userprofile-usersettings-codeeditorappsettings
             '''
             result = self._values.get("code_editor_app_settings")
@@ -46743,6 +46767,8 @@ class CfnUserProfile(
 
             Permitted users can access this file system in Amazon SageMaker Studio.
 
+            SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-userprofile-usersettings.html#cfn-sagemaker-userprofile-usersettings-customfilesystemconfigs
             '''
             result = self._values.get("custom_file_system_configs")
@@ -46754,6 +46780,8 @@ class CfnUserProfile(
         ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnUserProfile.CustomPosixUserConfigProperty"]]:
             '''Details about the POSIX identity that is used for file system operations.
 
+            SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-userprofile-usersettings.html#cfn-sagemaker-userprofile-usersettings-customposixuserconfig
             '''
             result = self._values.get("custom_posix_user_config")
@@ -46775,6 +46803,8 @@ class CfnUserProfile(
         def execution_role(self) -> typing.Optional[builtins.str]:
             '''The execution role for the user.
 
+            SageMaker applies this setting only to private spaces that the user creates in the domain. SageMaker doesn't apply this setting to shared spaces.
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-userprofile-usersettings.html#cfn-sagemaker-userprofile-usersettings-executionrole
             '''
             result = self._values.get("execution_role")
@@ -46786,6 +46816,8 @@ class CfnUserProfile(
         ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnUserProfile.JupyterLabAppSettingsProperty"]]:
             '''The settings for the JupyterLab application.
 
+            SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-userprofile-usersettings.html#cfn-sagemaker-userprofile-usersettings-jupyterlabappsettings
             '''
             result = self._values.get("jupyter_lab_app_settings")
@@ -46834,6 +46866,8 @@ class CfnUserProfile(
 
             Amazon SageMaker adds a security group to allow NFS traffic from Amazon SageMaker Studio. Therefore, the number of security groups that you can specify is one less than the maximum number shown.
 
+            SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-userprofile-usersettings.html#cfn-sagemaker-userprofile-usersettings-securitygroups
             '''
             result = self._values.get("security_groups")
@@ -46856,6 +46890,8 @@ class CfnUserProfile(
         ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnUserProfile.DefaultSpaceStorageSettingsProperty"]]:
             '''The storage settings for a space.
 
+            SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces.
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-userprofile-usersettings.html#cfn-sagemaker-userprofile-usersettings-spacestoragesettings
             '''
             result = self._values.get("space_storage_settings")

aws_cdk/aws_secretsmanager/__init__.py

@@ -819,7 +819,8 @@ class CfnRotationSchedule(
     @builtins.property
     @jsii.member(jsii_name="attrId")
     def attr_id(self) -> builtins.str:
-        '''
+        '''The ARN of the secret.
+
         :cloudformationAttribute: Id
         '''
         return typing.cast(builtins.str, jsii.get(self, "attrId"))

aws_cdk/aws_servicecatalog/__init__.py

@@ -182,8 +182,8 @@ from aws_cdk.aws_s3 import Bucket
 
 
 class LambdaProduct(servicecatalog.ProductStack):
-    def __init__(self, scope, id, *, assetBucket=None, serverSideEncryption=None, serverSideEncryptionAwsKmsKeyId=None, memoryLimit=None):
-        super().__init__(scope, id, assetBucket=assetBucket, serverSideEncryption=serverSideEncryption, serverSideEncryptionAwsKmsKeyId=serverSideEncryptionAwsKmsKeyId, memoryLimit=memoryLimit)
+    def __init__(self, scope, id, *, assetBucket=None, serverSideEncryption=None, serverSideEncryptionAwsKmsKeyId=None, memoryLimit=None, description=None, analyticsReporting=None):
+        super().__init__(scope, id, assetBucket=assetBucket, serverSideEncryption=serverSideEncryption, serverSideEncryptionAwsKmsKeyId=serverSideEncryptionAwsKmsKeyId, memoryLimit=memoryLimit, description=description, analyticsReporting=analyticsReporting)
 
         lambda_.Function(self, "LambdaProduct",
             runtime=lambda_.Runtime.PYTHON_3_9,
@@ -629,6 +629,7 @@ from ..aws_iam import (
     IRole as _IRole_235f5d8e,
     IUser as _IUser_c32311f7,
 )
+from ..aws_kms import IKey as _IKey_5f11635f
 from ..aws_s3 import IBucket as _IBucket_42e086fd
 from ..aws_s3_assets import AssetOptions as _AssetOptions_2aa69621
 from ..aws_s3_deployment import ServerSideEncryption as _ServerSideEncryption_50ddf705
@@ -7038,6 +7039,7 @@ class CloudFormationTemplate(
         *,
         deploy_time: typing.Optional[builtins.bool] = None,
         readers: typing.Optional[typing.Sequence[_IGrantable_71c4f5de]] = None,
+        source_kms_key: typing.Optional[_IKey_5f11635f] = None,
         asset_hash: typing.Optional[builtins.str] = None,
         asset_hash_type: typing.Optional[_AssetHashType_05b67f2d] = None,
         bundling: typing.Optional[typing.Union[_BundlingOptions_588cc936, typing.Dict[builtins.str, typing.Any]]] = None,
@@ -7050,6 +7052,7 @@ class CloudFormationTemplate(
         :param path: A file containing the provisioning artifacts.
         :param deploy_time: Whether or not the asset needs to exist beyond deployment time; i.e. are copied over to a different location and not needed afterwards. Setting this property to true has an impact on the lifecycle of the asset, because we will assume that it is safe to delete after the CloudFormation deployment succeeds. For example, Lambda Function assets are copied over to Lambda during deployment. Therefore, it is not necessary to store the asset in S3, so we consider those deployTime assets. Default: false
         :param readers: A list of principals that should be able to read this asset from S3. You can use ``asset.grantRead(principal)`` to grant read permissions later. Default: - No principals that can read file asset.
+        :param source_kms_key: The ARN of the KMS key used to encrypt the handler code. Default: - the default server-side encryption with Amazon S3 managed keys(SSE-S3) key will be used.
         :param asset_hash: Specify a custom hash for this asset. If ``assetHashType`` is set it must be set to ``AssetHashType.CUSTOM``. For consistency, this custom hash will be SHA256 hashed and encoded as hex. The resulting hash will be the asset hash. NOTE: the hash is used in order to identify a specific revision of the asset, and used for optimizing and caching deployment activities related to this asset such as packaging, uploading to Amazon S3, etc. If you chose to customize the hash, you will need to make sure it is updated every time the asset changes, or otherwise it is possible that some deployments will not be invalidated. Default: - based on ``assetHashType``
         :param asset_hash_type: Specifies the type of hash to calculate for this asset. If ``assetHash`` is configured, this option must be ``undefined`` or ``AssetHashType.CUSTOM``. Default: - the default is ``AssetHashType.SOURCE``, but if ``assetHash`` is explicitly specified this value defaults to ``AssetHashType.CUSTOM``.
         :param bundling: Bundle the asset by executing a command in a Docker container or a custom bundling provider. The asset path will be mounted at ``/asset-input``. The Docker container is responsible for putting content at ``/asset-output``. The content at ``/asset-output`` will be zipped and used as the final asset. Default: - uploaded as-is to S3 if the asset is a regular file or a .zip file, archived into a .zip file and uploaded to S3 otherwise
@@ -7063,6 +7066,7 @@ class CloudFormationTemplate(
         options = _AssetOptions_2aa69621(
             deploy_time=deploy_time,
             readers=readers,
+            source_kms_key=source_kms_key,
             asset_hash=asset_hash,
             asset_hash_type=asset_hash_type,
             bundling=bundling,
@@ -8696,7 +8700,9 @@ class ProductStack(
         scope: _constructs_77d1e7e8.Construct,
         id: builtins.str,
         *,
+        analytics_reporting: typing.Optional[builtins.bool] = None,
         asset_bucket: typing.Optional[_IBucket_42e086fd] = None,
+        description: typing.Optional[builtins.str] = None,
         memory_limit: typing.Optional[jsii.Number] = None,
         server_side_encryption: typing.Optional[_ServerSideEncryption_50ddf705] = None,
         server_side_encryption_aws_kms_key_id: typing.Optional[builtins.str] = None,
@@ -8704,7 +8710,9 @@ class ProductStack(
         '''
         :param scope: -
         :param id: -
+        :param analytics_reporting: Include runtime versioning information in this Stack. Default: - ``analyticsReporting`` setting of containing ``App``, or value of 'aws:cdk:version-reporting' context key
         :param asset_bucket: A Bucket can be passed to store assets, enabling ProductStack Asset support. Default: - No Bucket provided and Assets will not be supported.
+        :param description: A description of the stack. Default: - No description.
         :param memory_limit: The amount of memory (in MiB) to allocate to the AWS Lambda function which replicates the files from the CDK bucket to the destination bucket. If you are deploying large files, you will need to increase this number accordingly. Default: 128
         :param server_side_encryption: A ServerSideEncryption can be enabled to encrypt assets that are put into assetBucket. Default: - No encryption is used
         :param server_side_encryption_aws_kms_key_id: For AWS_KMS ServerSideEncryption a KMS KeyId must be provided which will be used to encrypt assets. Default: - No KMS KeyId and SSE_KMS encryption cannot be used
@@ -8714,7 +8722,9 @@ class ProductStack(
             check_type(argname="argument scope", value=scope, expected_type=type_hints["scope"])
             check_type(argname="argument id", value=id, expected_type=type_hints["id"])
         props = ProductStackProps(
+            analytics_reporting=analytics_reporting,
             asset_bucket=asset_bucket,
+            description=description,
             memory_limit=memory_limit,
             server_side_encryption=server_side_encryption,
             server_side_encryption_aws_kms_key_id=server_side_encryption_aws_kms_key_id,
@@ -8963,7 +8973,9 @@ class ProductStackHistoryProps:
     jsii_type="aws-cdk-lib.aws_servicecatalog.ProductStackProps",
     jsii_struct_bases=[],
     name_mapping={
+        "analytics_reporting": "analyticsReporting",
         "asset_bucket": "assetBucket",
+        "description": "description",
         "memory_limit": "memoryLimit",
         "server_side_encryption": "serverSideEncryption",
         "server_side_encryption_aws_kms_key_id": "serverSideEncryptionAwsKmsKeyId",
@@ -8973,14 +8985,18 @@ class ProductStackProps:
     def __init__(
         self,
         *,
+        analytics_reporting: typing.Optional[builtins.bool] = None,
         asset_bucket: typing.Optional[_IBucket_42e086fd] = None,
+        description: typing.Optional[builtins.str] = None,
         memory_limit: typing.Optional[jsii.Number] = None,
         server_side_encryption: typing.Optional[_ServerSideEncryption_50ddf705] = None,
         server_side_encryption_aws_kms_key_id: typing.Optional[builtins.str] = None,
     ) -> None:
         '''Product stack props.
 
+        :param analytics_reporting: Include runtime versioning information in this Stack. Default: - ``analyticsReporting`` setting of containing ``App``, or value of 'aws:cdk:version-reporting' context key
         :param asset_bucket: A Bucket can be passed to store assets, enabling ProductStack Asset support. Default: - No Bucket provided and Assets will not be supported.
+        :param description: A description of the stack. Default: - No description.
         :param memory_limit: The amount of memory (in MiB) to allocate to the AWS Lambda function which replicates the files from the CDK bucket to the destination bucket. If you are deploying large files, you will need to increase this number accordingly. Default: 128
         :param server_side_encryption: A ServerSideEncryption can be enabled to encrypt assets that are put into assetBucket. Default: - No encryption is used
         :param server_side_encryption_aws_kms_key_id: For AWS_KMS ServerSideEncryption a KMS KeyId must be provided which will be used to encrypt assets. Default: - No KMS KeyId and SSE_KMS encryption cannot be used
@@ -8995,8 +9011,8 @@ class ProductStackProps:
             
             
             class LambdaProduct(servicecatalog.ProductStack):
-                def __init__(self, scope, id, *, assetBucket=None, serverSideEncryption=None, serverSideEncryptionAwsKmsKeyId=None, memoryLimit=None):
-                    super().__init__(scope, id, assetBucket=assetBucket, serverSideEncryption=serverSideEncryption, serverSideEncryptionAwsKmsKeyId=serverSideEncryptionAwsKmsKeyId, memoryLimit=memoryLimit)
+                def __init__(self, scope, id, *, assetBucket=None, serverSideEncryption=None, serverSideEncryptionAwsKmsKeyId=None, memoryLimit=None, description=None, analyticsReporting=None):
+                    super().__init__(scope, id, assetBucket=assetBucket, serverSideEncryption=serverSideEncryption, serverSideEncryptionAwsKmsKeyId=serverSideEncryptionAwsKmsKeyId, memoryLimit=memoryLimit, description=description, analyticsReporting=analyticsReporting)
             
                     lambda_.Function(self, "LambdaProduct",
                         runtime=lambda_.Runtime.PYTHON_3_9,
@@ -9022,13 +9038,19 @@ class ProductStackProps:
         '''
         if __debug__:
             type_hints = typing.get_type_hints(_typecheckingstub__ecbfd6177b5d6f8d80ee31c2897d6968897a0abd05a9f5a7d209806206868801)
+            check_type(argname="argument analytics_reporting", value=analytics_reporting, expected_type=type_hints["analytics_reporting"])
             check_type(argname="argument asset_bucket", value=asset_bucket, expected_type=type_hints["asset_bucket"])
+            check_type(argname="argument description", value=description, expected_type=type_hints["description"])
             check_type(argname="argument memory_limit", value=memory_limit, expected_type=type_hints["memory_limit"])
             check_type(argname="argument server_side_encryption", value=server_side_encryption, expected_type=type_hints["server_side_encryption"])
             check_type(argname="argument server_side_encryption_aws_kms_key_id", value=server_side_encryption_aws_kms_key_id, expected_type=type_hints["server_side_encryption_aws_kms_key_id"])
         self._values: typing.Dict[builtins.str, typing.Any] = {}
+        if analytics_reporting is not None:
+            self._values["analytics_reporting"] = analytics_reporting
         if asset_bucket is not None:
             self._values["asset_bucket"] = asset_bucket
+        if description is not None:
+            self._values["description"] = description
         if memory_limit is not None:
             self._values["memory_limit"] = memory_limit
         if server_side_encryption is not None:
@@ -9036,6 +9058,18 @@ class ProductStackProps:
         if server_side_encryption_aws_kms_key_id is not None:
             self._values["server_side_encryption_aws_kms_key_id"] = server_side_encryption_aws_kms_key_id
 
+    @builtins.property
+    def analytics_reporting(self) -> typing.Optional[builtins.bool]:
+        '''Include runtime versioning information in this Stack.
+
+        :default:
+
+        - ``analyticsReporting`` setting of containing ``App``, or value of
+        'aws:cdk:version-reporting' context key
+        '''
+        result = self._values.get("analytics_reporting")
+        return typing.cast(typing.Optional[builtins.bool], result)
+
     @builtins.property
     def asset_bucket(self) -> typing.Optional[_IBucket_42e086fd]:
         '''A Bucket can be passed to store assets, enabling ProductStack Asset support.
@@ -9045,6 +9079,15 @@ class ProductStackProps:
         result = self._values.get("asset_bucket")
         return typing.cast(typing.Optional[_IBucket_42e086fd], result)
 
+    @builtins.property
+    def description(self) -> typing.Optional[builtins.str]:
+        '''A description of the stack.
+
+        :default: - No description.
+        '''
+        result = self._values.get("description")
+        return typing.cast(typing.Optional[builtins.str], result)
+
     @builtins.property
     def memory_limit(self) -> typing.Optional[jsii.Number]:
         '''The amount of memory (in MiB) to allocate to the AWS Lambda function which replicates the files from the CDK bucket to the destination bucket.
@@ -11086,6 +11129,7 @@ def _typecheckingstub__8e0d542f4ba87cd0da3d994035ba4c030fc0e065bd6d2e49190b0063a
     *,
     deploy_time: typing.Optional[builtins.bool] = None,
     readers: typing.Optional[typing.Sequence[_IGrantable_71c4f5de]] = None,
+    source_kms_key: typing.Optional[_IKey_5f11635f] = None,
     asset_hash: typing.Optional[builtins.str] = None,
     asset_hash_type: typing.Optional[_AssetHashType_05b67f2d] = None,
     bundling: typing.Optional[typing.Union[_BundlingOptions_588cc936, typing.Dict[builtins.str, typing.Any]]] = None,
@@ -11438,7 +11482,9 @@ def _typecheckingstub__cf14756a9e6c7e2a58f04e1077a464a1b706954bb40fbda6658fac963
     scope: _constructs_77d1e7e8.Construct,
     id: builtins.str,
     *,
+    analytics_reporting: typing.Optional[builtins.bool] = None,
     asset_bucket: typing.Optional[_IBucket_42e086fd] = None,
+    description: typing.Optional[builtins.str] = None,
     memory_limit: typing.Optional[jsii.Number] = None,
     server_side_encryption: typing.Optional[_ServerSideEncryption_50ddf705] = None,
     server_side_encryption_aws_kms_key_id: typing.Optional[builtins.str] = None,
@@ -11480,7 +11526,9 @@ def _typecheckingstub__14ff2199f395b44b32757ccbaa6927f0bf434a9370c673216c8f69e57
 
 def _typecheckingstub__ecbfd6177b5d6f8d80ee31c2897d6968897a0abd05a9f5a7d209806206868801(
     *,
+    analytics_reporting: typing.Optional[builtins.bool] = None,
     asset_bucket: typing.Optional[_IBucket_42e086fd] = None,
+    description: typing.Optional[builtins.str] = None,
     memory_limit: typing.Optional[jsii.Number] = None,
     server_side_encryption: typing.Optional[_ServerSideEncryption_50ddf705] = None,
     server_side_encryption_aws_kms_key_id: typing.Optional[builtins.str] = None,

aws_cdk/aws_ses/__init__.py

@@ -715,6 +715,7 @@ class CfnConfigurationSet(
         
         cfn_configuration_set = ses.CfnConfigurationSet(self, "MyCfnConfigurationSet",
             delivery_options=ses.CfnConfigurationSet.DeliveryOptionsProperty(
+                max_delivery_seconds=123,
                 sending_pool_name="sendingPoolName",
                 tls_policy="tlsPolicy"
             ),
@@ -1000,6 +1001,7 @@ class CfnConfigurationSet(
         jsii_type="aws-cdk-lib.aws_ses.CfnConfigurationSet.DeliveryOptionsProperty",
         jsii_struct_bases=[],
         name_mapping={
+            "max_delivery_seconds": "maxDeliverySeconds",
             "sending_pool_name": "sendingPoolName",
             "tls_policy": "tlsPolicy",
         },
@@ -1008,11 +1010,13 @@ class CfnConfigurationSet(
         def __init__(
             self,
             *,
+            max_delivery_seconds: typing.Optional[jsii.Number] = None,
             sending_pool_name: typing.Optional[builtins.str] = None,
             tls_policy: typing.Optional[builtins.str] = None,
         ) -> None:
             '''Specifies the name of the dedicated IP pool to associate with the configuration set and whether messages that use the configuration set are required to use Transport Layer Security (TLS).
 
+            :param max_delivery_seconds: The maximum amount of time, in seconds, that Amazon SES API v2 will attempt delivery of email. If specified, the value must greater than or equal to 300 seconds (5 minutes) and less than or equal to 50400 seconds (840 minutes).
             :param sending_pool_name: The name of the dedicated IP pool to associate with the configuration set.
             :param tls_policy: Specifies whether messages that use the configuration set are required to use Transport Layer Security (TLS). If the value is ``REQUIRE`` , messages are only delivered if a TLS connection can be established. If the value is ``OPTIONAL`` , messages can be delivered in plain text if a TLS connection can't be established. Valid Values: ``REQUIRE | OPTIONAL``
 
@@ -1026,20 +1030,35 @@ class CfnConfigurationSet(
                 from aws_cdk import aws_ses as ses
                 
                 delivery_options_property = ses.CfnConfigurationSet.DeliveryOptionsProperty(
+                    max_delivery_seconds=123,
                     sending_pool_name="sendingPoolName",
                     tls_policy="tlsPolicy"
                 )
             '''
             if __debug__:
                 type_hints = typing.get_type_hints(_typecheckingstub__cad65d433b7328c2fe1d15052509478ad394628f7bbce8157ed352a3291b5d6f)
+                check_type(argname="argument max_delivery_seconds", value=max_delivery_seconds, expected_type=type_hints["max_delivery_seconds"])
                 check_type(argname="argument sending_pool_name", value=sending_pool_name, expected_type=type_hints["sending_pool_name"])
                 check_type(argname="argument tls_policy", value=tls_policy, expected_type=type_hints["tls_policy"])
             self._values: typing.Dict[builtins.str, typing.Any] = {}
+            if max_delivery_seconds is not None:
+                self._values["max_delivery_seconds"] = max_delivery_seconds
             if sending_pool_name is not None:
                 self._values["sending_pool_name"] = sending_pool_name
             if tls_policy is not None:
                 self._values["tls_policy"] = tls_policy
 
+        @builtins.property
+        def max_delivery_seconds(self) -> typing.Optional[jsii.Number]:
+            '''The maximum amount of time, in seconds, that Amazon SES API v2 will attempt delivery of email.
+
+            If specified, the value must greater than or equal to 300 seconds (5 minutes) and less than or equal to 50400 seconds (840 minutes).
+
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-configurationset-deliveryoptions.html#cfn-ses-configurationset-deliveryoptions-maxdeliveryseconds
+            '''
+            result = self._values.get("max_delivery_seconds")
+            return typing.cast(typing.Optional[jsii.Number], result)
+
         @builtins.property
         def sending_pool_name(self) -> typing.Optional[builtins.str]:
             '''The name of the dedicated IP pool to associate with the configuration set.
@@ -2304,6 +2323,7 @@ class CfnConfigurationSetProps:
             
             cfn_configuration_set_props = ses.CfnConfigurationSetProps(
                 delivery_options=ses.CfnConfigurationSet.DeliveryOptionsProperty(
+                    max_delivery_seconds=123,
                     sending_pool_name="sendingPoolName",
                     tls_policy="tlsPolicy"
                 ),
@@ -11719,7 +11739,7 @@ class CfnTemplate(
         ) -> None:
             '''An object that defines the email template to use for an email message, and the values to use for any message variables in that template.
 
-            An *email template* is a type of message template that contains content that you want to define, save, and reuse in email messages that you send.
+            An *email template* is a type of message template that contains content that you want to reuse in email messages that you send. You can specifiy the email template by providing the name or ARN of an *email template* previously saved in your Amazon SES account or by providing the full template content.
 
             :param subject_part: The subject line of the email.
             :param html_part: The HTML body of the email.
@@ -16518,6 +16538,7 @@ def _typecheckingstub__e8d48d16888f580be3782790c85806d5e5ef5c592f9390a1048567593
 
 def _typecheckingstub__cad65d433b7328c2fe1d15052509478ad394628f7bbce8157ed352a3291b5d6f(
     *,
+    max_delivery_seconds: typing.Optional[jsii.Number] = None,
     sending_pool_name: typing.Optional[builtins.str] = None,
     tls_policy: typing.Optional[builtins.str] = None,
 ) -> None:

aws_cdk/aws_sqs/__init__.py

@@ -3829,19 +3829,22 @@ class Queue(QueueBase, metaclass=jsii.JSIIMeta, jsii_type="aws-cdk-lib.aws_sqs.Q
 
     Example::
 
-        # source_queue: sqs.Queue
-        # target_queue: sqs.Queue
+        import aws_cdk.aws_redshiftserverless as redshiftserverless
         
+        # workgroup: redshiftserverless.CfnWorkgroup
         
-        pipe_source = sources.SqsSource(source_queue,
-            batch_size=10,
-            maximum_batching_window=cdk.Duration.seconds(10)
-        )
         
-        pipe = pipes.Pipe(self, "Pipe",
-            source=pipe_source,
-            target=SomeTarget(target_queue)
+        rule = events.Rule(self, "Rule",
+            schedule=events.Schedule.rate(cdk.Duration.hours(1))
         )
+        
+        dlq = sqs.Queue(self, "DeadLetterQueue")
+        
+        rule.add_target(targets.RedshiftQuery(workgroup.attr_workgroup_workgroup_arn,
+            database="dev",
+            dead_letter_queue=dlq,
+            sql=["SELECT * FROM foo", "SELECT * FROM baz"]
+        ))
     '''
 
     def __init__(