aws-cdk-lib 2.173.4__py3-none-any.whl → 2.174.1__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of aws-cdk-lib might be problematic. Click here for more details.
- aws_cdk/__init__.py +210 -181
- aws_cdk/_jsii/__init__.py +1 -1
- aws_cdk/_jsii/{aws-cdk-lib@2.173.4.jsii.tgz → aws-cdk-lib@2.174.1.jsii.tgz} +0 -0
- aws_cdk/aws_amazonmq/__init__.py +18 -0
- aws_cdk/aws_apigateway/__init__.py +127 -168
- aws_cdk/aws_appconfig/__init__.py +498 -1
- aws_cdk/aws_applicationautoscaling/__init__.py +4 -1
- aws_cdk/aws_appsync/__init__.py +4 -0
- aws_cdk/aws_autoscaling/__init__.py +96 -0
- aws_cdk/aws_batch/__init__.py +662 -237
- aws_cdk/aws_bedrock/__init__.py +2122 -181
- aws_cdk/aws_cassandra/__init__.py +476 -4
- aws_cdk/aws_cleanrooms/__init__.py +1227 -20
- aws_cdk/aws_cloudformation/__init__.py +172 -169
- aws_cdk/aws_cloudfront/__init__.py +773 -26
- aws_cdk/aws_cloudtrail/__init__.py +8 -2
- aws_cdk/aws_codebuild/__init__.py +83 -0
- aws_cdk/aws_codepipeline/__init__.py +2 -1
- aws_cdk/aws_cognito/__init__.py +232 -200
- aws_cdk/aws_connect/__init__.py +187 -36
- aws_cdk/aws_connectcampaignsv2/__init__.py +106 -12
- aws_cdk/aws_databrew/__init__.py +69 -1
- aws_cdk/aws_datasync/__init__.py +33 -28
- aws_cdk/aws_datazone/__init__.py +141 -41
- aws_cdk/aws_dlm/__init__.py +20 -10
- aws_cdk/aws_dms/__init__.py +736 -22
- aws_cdk/aws_docdb/__init__.py +134 -0
- aws_cdk/aws_dynamodb/__init__.py +76 -4
- aws_cdk/aws_ec2/__init__.py +1233 -65
- aws_cdk/aws_ecr/__init__.py +31 -0
- aws_cdk/aws_ecr_assets/__init__.py +5 -0
- aws_cdk/aws_ecs/__init__.py +88 -11
- aws_cdk/aws_efs/__init__.py +15 -8
- aws_cdk/aws_eks/__init__.py +114 -45
- aws_cdk/aws_elasticloadbalancingv2/__init__.py +2 -2
- aws_cdk/aws_emrserverless/__init__.py +143 -0
- aws_cdk/aws_events/__init__.py +50 -30
- aws_cdk/aws_fis/__init__.py +33 -33
- aws_cdk/aws_fsx/__init__.py +20 -10
- aws_cdk/aws_glue/__init__.py +34 -11
- aws_cdk/aws_greengrass/__init__.py +8 -8
- aws_cdk/aws_guardduty/__init__.py +1 -1
- aws_cdk/aws_imagebuilder/__init__.py +45 -47
- aws_cdk/aws_internetmonitor/__init__.py +3 -3
- aws_cdk/aws_invoicing/__init__.py +55 -30
- aws_cdk/aws_iot/__init__.py +1117 -4
- aws_cdk/aws_iot1click/__init__.py +17 -7
- aws_cdk/aws_kendra/__init__.py +4 -6
- aws_cdk/aws_lambda/__init__.py +15 -1
- aws_cdk/aws_logs/__init__.py +4011 -86
- aws_cdk/aws_m2/__init__.py +41 -0
- aws_cdk/aws_mediaconnect/__init__.py +202 -7
- aws_cdk/aws_mediaconvert/__init__.py +39 -0
- aws_cdk/aws_memorydb/__init__.py +22 -22
- aws_cdk/aws_networkmanager/__init__.py +758 -0
- aws_cdk/aws_opensearchservice/__init__.py +222 -0
- aws_cdk/aws_organizations/__init__.py +5 -3
- aws_cdk/aws_pcs/__init__.py +3038 -0
- aws_cdk/aws_pipes/__init__.py +10 -10
- aws_cdk/aws_qbusiness/__init__.py +415 -140
- aws_cdk/aws_quicksight/__init__.py +59795 -49748
- aws_cdk/aws_ram/__init__.py +5 -11
- aws_cdk/aws_rbin/__init__.py +28 -16
- aws_cdk/aws_rds/__init__.py +186 -31
- aws_cdk/aws_redshiftserverless/__init__.py +156 -0
- aws_cdk/aws_resiliencehub/__init__.py +2 -1
- aws_cdk/aws_route53_targets/__init__.py +5 -5
- aws_cdk/aws_s3/__init__.py +25 -15
- aws_cdk/aws_s3express/__init__.py +7 -7
- aws_cdk/aws_s3tables/__init__.py +683 -0
- aws_cdk/aws_sagemaker/__init__.py +580 -195
- aws_cdk/aws_secretsmanager/__init__.py +2 -0
- aws_cdk/aws_securityhub/__init__.py +41 -165
- aws_cdk/aws_servicediscovery/__init__.py +10 -3
- aws_cdk/aws_ses/__init__.py +190 -5
- aws_cdk/aws_sns/__init__.py +7 -3
- aws_cdk/aws_synthetics/__init__.py +29 -4
- aws_cdk/aws_transfer/__init__.py +8 -0
- aws_cdk/aws_vpclattice/__init__.py +147 -77
- aws_cdk/aws_wafv2/__init__.py +20 -8
- aws_cdk/aws_wisdom/__init__.py +162 -111
- aws_cdk/aws_workspaces/__init__.py +10 -4
- aws_cdk/cloud_assembly_schema/__init__.py +22 -0
- aws_cdk/custom_resources/__init__.py +31 -0
- aws_cdk/cx_api/__init__.py +19 -0
- {aws_cdk_lib-2.173.4.dist-info → aws_cdk_lib-2.174.1.dist-info}/LICENSE +1 -1
- {aws_cdk_lib-2.173.4.dist-info → aws_cdk_lib-2.174.1.dist-info}/METADATA +2 -2
- {aws_cdk_lib-2.173.4.dist-info → aws_cdk_lib-2.174.1.dist-info}/NOTICE +1 -1
- {aws_cdk_lib-2.173.4.dist-info → aws_cdk_lib-2.174.1.dist-info}/RECORD +91 -89
- {aws_cdk_lib-2.173.4.dist-info → aws_cdk_lib-2.174.1.dist-info}/WHEEL +0 -0
- {aws_cdk_lib-2.173.4.dist-info → aws_cdk_lib-2.174.1.dist-info}/top_level.txt +0 -0
|
@@ -53,12 +53,14 @@ class CfnCustomResource(
|
|
|
53
53
|
metaclass=jsii.JSIIMeta,
|
|
54
54
|
jsii_type="aws-cdk-lib.aws_cloudformation.CfnCustomResource",
|
|
55
55
|
):
|
|
56
|
-
'''
|
|
56
|
+
'''The ``AWS::CloudFormation::CustomResource`` resource creates a custom resource.
|
|
57
57
|
|
|
58
|
-
Custom resources provide a way for you to write custom provisioning logic
|
|
58
|
+
Custom resources provide a way for you to write custom provisioning logic into your CloudFormation templates and have CloudFormation run it anytime you create, update (if you changed the custom resource), or delete a stack.
|
|
59
|
+
|
|
60
|
+
For more information, see `Create custom provisioning logic with custom resources <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-custom-resources.html>`_ in the *AWS CloudFormation User Guide* .
|
|
59
61
|
.. epigraph::
|
|
60
62
|
|
|
61
|
-
If you use
|
|
63
|
+
If you use AWS PrivateLink , custom resources in the VPC must have access to CloudFormation -specific Amazon S3 buckets. Custom resources must send responses to a presigned Amazon S3 URL. If they can't send responses to Amazon S3 , CloudFormation won't receive a response and the stack operation fails. For more information, see `Access CloudFormation using an interface endpoint ( AWS PrivateLink ) <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/vpc-interface-endpoints.html>`_ in the *AWS CloudFormation User Guide* .
|
|
62
64
|
|
|
63
65
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-customresource.html
|
|
64
66
|
:cloudformationResource: AWS::CloudFormation::CustomResource
|
|
@@ -261,9 +263,11 @@ class CfnGuardHook(
|
|
|
261
263
|
metaclass=jsii.JSIIMeta,
|
|
262
264
|
jsii_type="aws-cdk-lib.aws_cloudformation.CfnGuardHook",
|
|
263
265
|
):
|
|
264
|
-
'''The ``AWS::CloudFormation::GuardHook`` resource creates a Guard Hook
|
|
266
|
+
'''The ``AWS::CloudFormation::GuardHook`` resource creates and activates a Guard Hook.
|
|
267
|
+
|
|
268
|
+
Using the Guard domain specific language (DSL), you can author Guard Hooks to evaluate your resources before allowing stack operations.
|
|
265
269
|
|
|
266
|
-
|
|
270
|
+
For more information, see `Guard Hooks <https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/guard-hooks.html>`_ in the *AWS CloudFormation Hooks User Guide* .
|
|
267
271
|
|
|
268
272
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-guardhook.html
|
|
269
273
|
:cloudformationResource: AWS::CloudFormation::GuardHook
|
|
@@ -988,7 +992,7 @@ class CfnGuardHook(
|
|
|
988
992
|
) -> None:
|
|
989
993
|
'''The ``TargetFilters`` property type specifies the target filters for the Hook.
|
|
990
994
|
|
|
991
|
-
For more information, see `AWS CloudFormation Hook target filters <https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/
|
|
995
|
+
For more information, see `AWS CloudFormation Hook target filters <https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-target-filtering.html>`_ .
|
|
992
996
|
|
|
993
997
|
:param actions: List of actions that the hook is going to target.
|
|
994
998
|
:param invocation_points: List of invocation points that the hook is going to target.
|
|
@@ -1321,10 +1325,14 @@ class CfnHookDefaultVersion(
|
|
|
1321
1325
|
metaclass=jsii.JSIIMeta,
|
|
1322
1326
|
jsii_type="aws-cdk-lib.aws_cloudformation.CfnHookDefaultVersion",
|
|
1323
1327
|
):
|
|
1324
|
-
'''The ``HookDefaultVersion`` resource specifies the default version of
|
|
1328
|
+
'''The ``AWS::CloudFormation::HookDefaultVersion`` resource specifies the default version of a Hook.
|
|
1325
1329
|
|
|
1326
1330
|
The default version of the Hook is used in CloudFormation operations for this AWS account and AWS Region .
|
|
1327
1331
|
|
|
1332
|
+
For information about the CloudFormation registry, see `Managing extensions with the CloudFormation registry <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/registry.html>`_ in the *AWS CloudFormation User Guide* .
|
|
1333
|
+
|
|
1334
|
+
This resource type is not compatible with Guard and Lambda Hooks.
|
|
1335
|
+
|
|
1328
1336
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-hookdefaultversion.html
|
|
1329
1337
|
:cloudformationResource: AWS::CloudFormation::HookDefaultVersion
|
|
1330
1338
|
:exampleMetadata: fixture=_generated
|
|
@@ -1403,7 +1411,7 @@ class CfnHookDefaultVersion(
|
|
|
1403
1411
|
@builtins.property
|
|
1404
1412
|
@jsii.member(jsii_name="attrArn")
|
|
1405
1413
|
def attr_arn(self) -> builtins.str:
|
|
1406
|
-
'''The Amazon Resource Number (ARN) of the activated
|
|
1414
|
+
'''The Amazon Resource Number (ARN) of the activated Hook, in this account and Region.
|
|
1407
1415
|
|
|
1408
1416
|
:cloudformationAttribute: Arn
|
|
1409
1417
|
'''
|
|
@@ -1556,7 +1564,9 @@ class CfnHookTypeConfig(
|
|
|
1556
1564
|
metaclass=jsii.JSIIMeta,
|
|
1557
1565
|
jsii_type="aws-cdk-lib.aws_cloudformation.CfnHookTypeConfig",
|
|
1558
1566
|
):
|
|
1559
|
-
'''The ``HookTypeConfig`` resource specifies the configuration of
|
|
1567
|
+
'''The ``AWS::CloudFormation::HookTypeConfig`` resource specifies the configuration of an activated Hook.
|
|
1568
|
+
|
|
1569
|
+
For information about the CloudFormation registry, see `Managing extensions with the CloudFormation registry <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/registry.html>`_ in the *AWS CloudFormation User Guide* .
|
|
1560
1570
|
|
|
1561
1571
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-hooktypeconfig.html
|
|
1562
1572
|
:cloudformationResource: AWS::CloudFormation::HookTypeConfig
|
|
@@ -1592,7 +1602,7 @@ class CfnHookTypeConfig(
|
|
|
1592
1602
|
:param scope: Scope in which this resource is defined.
|
|
1593
1603
|
:param id: Construct identifier for this resource (unique in its scope).
|
|
1594
1604
|
:param configuration: Specifies the activated Hook type configuration, in this AWS account and AWS Region . You must specify either ``TypeName`` and ``Configuration`` or ``TypeArn`` and ``Configuration`` .
|
|
1595
|
-
:param configuration_alias:
|
|
1605
|
+
:param configuration_alias: An alias by which to refer to this configuration data. Defaults to ``default`` alias. Hook types currently support default configuration alias. Default: - "default"
|
|
1596
1606
|
:param type_arn: The Amazon Resource Number (ARN) for the Hook to set ``Configuration`` for. You must specify either ``TypeName`` and ``Configuration`` or ``TypeArn`` and ``Configuration`` .
|
|
1597
1607
|
:param type_name: The unique name for your Hook. Specifies a three-part namespace for your Hook, with a recommended pattern of ``Organization::Service::Hook`` . You must specify either ``TypeName`` and ``Configuration`` or ``TypeArn`` and ``Configuration`` .
|
|
1598
1608
|
'''
|
|
@@ -1669,7 +1679,7 @@ class CfnHookTypeConfig(
|
|
|
1669
1679
|
@builtins.property
|
|
1670
1680
|
@jsii.member(jsii_name="configurationAlias")
|
|
1671
1681
|
def configuration_alias(self) -> typing.Optional[builtins.str]:
|
|
1672
|
-
'''
|
|
1682
|
+
'''An alias by which to refer to this configuration data.'''
|
|
1673
1683
|
return typing.cast(typing.Optional[builtins.str], jsii.get(self, "configurationAlias"))
|
|
1674
1684
|
|
|
1675
1685
|
@configuration_alias.setter
|
|
@@ -1728,7 +1738,7 @@ class CfnHookTypeConfigProps:
|
|
|
1728
1738
|
'''Properties for defining a ``CfnHookTypeConfig``.
|
|
1729
1739
|
|
|
1730
1740
|
:param configuration: Specifies the activated Hook type configuration, in this AWS account and AWS Region . You must specify either ``TypeName`` and ``Configuration`` or ``TypeArn`` and ``Configuration`` .
|
|
1731
|
-
:param configuration_alias:
|
|
1741
|
+
:param configuration_alias: An alias by which to refer to this configuration data. Defaults to ``default`` alias. Hook types currently support default configuration alias. Default: - "default"
|
|
1732
1742
|
:param type_arn: The Amazon Resource Number (ARN) for the Hook to set ``Configuration`` for. You must specify either ``TypeName`` and ``Configuration`` or ``TypeArn`` and ``Configuration`` .
|
|
1733
1743
|
:param type_name: The unique name for your Hook. Specifies a three-part namespace for your Hook, with a recommended pattern of ``Organization::Service::Hook`` . You must specify either ``TypeName`` and ``Configuration`` or ``TypeArn`` and ``Configuration`` .
|
|
1734
1744
|
|
|
@@ -1780,7 +1790,7 @@ class CfnHookTypeConfigProps:
|
|
|
1780
1790
|
|
|
1781
1791
|
@builtins.property
|
|
1782
1792
|
def configuration_alias(self) -> typing.Optional[builtins.str]:
|
|
1783
|
-
'''
|
|
1793
|
+
'''An alias by which to refer to this configuration data.
|
|
1784
1794
|
|
|
1785
1795
|
Defaults to ``default`` alias. Hook types currently support default configuration alias.
|
|
1786
1796
|
|
|
@@ -1833,7 +1843,11 @@ class CfnHookVersion(
|
|
|
1833
1843
|
metaclass=jsii.JSIIMeta,
|
|
1834
1844
|
jsii_type="aws-cdk-lib.aws_cloudformation.CfnHookVersion",
|
|
1835
1845
|
):
|
|
1836
|
-
'''The ``HookVersion`` resource publishes new or first Hook
|
|
1846
|
+
'''The ``AWS::CloudFormation::HookVersion`` resource publishes new or first version of a Hook to the CloudFormation registry.
|
|
1847
|
+
|
|
1848
|
+
For information about the CloudFormation registry, see `Managing extensions with the CloudFormation registry <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/registry.html>`_ in the *AWS CloudFormation User Guide* .
|
|
1849
|
+
|
|
1850
|
+
This resource type is not compatible with Guard and Lambda Hooks.
|
|
1837
1851
|
|
|
1838
1852
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-hookversion.html
|
|
1839
1853
|
:cloudformationResource: AWS::CloudFormation::HookVersion
|
|
@@ -1871,7 +1885,7 @@ class CfnHookVersion(
|
|
|
1871
1885
|
'''
|
|
1872
1886
|
:param scope: Scope in which this resource is defined.
|
|
1873
1887
|
:param id: Construct identifier for this resource (unique in its scope).
|
|
1874
|
-
:param schema_handler_package: A URL to the Amazon S3 bucket containing the Hook project package that contains the necessary files for the Hook you want to register. For information on generating a schema handler package
|
|
1888
|
+
:param schema_handler_package: A URL to the Amazon S3 bucket containing the Hook project package that contains the necessary files for the Hook you want to register. For information on generating a schema handler package, see `Modeling custom CloudFormation Hooks <https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-model.html>`_ in the *AWS CloudFormation Hooks User Guide* . .. epigraph:: To register the Hook, you must have ``s3:GetObject`` permissions to access the S3 objects.
|
|
1875
1889
|
:param type_name: The unique name for your hook. Specifies a three-part namespace for your hook, with a recommended pattern of ``Organization::Service::Hook`` . .. epigraph:: The following organization namespaces are reserved and can't be used in your hook type names: - ``Alexa`` - ``AMZN`` - ``Amazon`` - ``ASK`` - ``AWS`` - ``Custom`` - ``Dev``
|
|
1876
1890
|
:param execution_role_arn: The Amazon Resource Name (ARN) of the task execution role that grants the Hook permission.
|
|
1877
1891
|
:param logging_config: Contains logging configuration information for an extension.
|
|
@@ -1958,12 +1972,12 @@ class CfnHookVersion(
|
|
|
1958
1972
|
@builtins.property
|
|
1959
1973
|
@jsii.member(jsii_name="attrVisibility")
|
|
1960
1974
|
def attr_visibility(self) -> builtins.str:
|
|
1961
|
-
'''The scope at which the
|
|
1975
|
+
'''The scope at which the Hook is visible and usable in CloudFormation operations.
|
|
1962
1976
|
|
|
1963
1977
|
Valid values include:
|
|
1964
1978
|
|
|
1965
|
-
- ``PRIVATE`` : The
|
|
1966
|
-
- ``PUBLIC`` : The
|
|
1979
|
+
- ``PRIVATE`` : The extension (Hook) is only visible and usable within the account in which it's registered. CloudFormation marks any resources you register as ``PRIVATE`` .
|
|
1980
|
+
- ``PUBLIC`` : The extension (Hook) is publicly visible and usable within any AWS account.
|
|
1967
1981
|
|
|
1968
1982
|
:cloudformationAttribute: Visibility
|
|
1969
1983
|
'''
|
|
@@ -2123,7 +2137,7 @@ class CfnHookVersionProps:
|
|
|
2123
2137
|
) -> None:
|
|
2124
2138
|
'''Properties for defining a ``CfnHookVersion``.
|
|
2125
2139
|
|
|
2126
|
-
:param schema_handler_package: A URL to the Amazon S3 bucket containing the Hook project package that contains the necessary files for the Hook you want to register. For information on generating a schema handler package
|
|
2140
|
+
:param schema_handler_package: A URL to the Amazon S3 bucket containing the Hook project package that contains the necessary files for the Hook you want to register. For information on generating a schema handler package, see `Modeling custom CloudFormation Hooks <https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-model.html>`_ in the *AWS CloudFormation Hooks User Guide* . .. epigraph:: To register the Hook, you must have ``s3:GetObject`` permissions to access the S3 objects.
|
|
2127
2141
|
:param type_name: The unique name for your hook. Specifies a three-part namespace for your hook, with a recommended pattern of ``Organization::Service::Hook`` . .. epigraph:: The following organization namespaces are reserved and can't be used in your hook type names: - ``Alexa`` - ``AMZN`` - ``Amazon`` - ``ASK`` - ``AWS`` - ``Custom`` - ``Dev``
|
|
2128
2142
|
:param execution_role_arn: The Amazon Resource Name (ARN) of the task execution role that grants the Hook permission.
|
|
2129
2143
|
:param logging_config: Contains logging configuration information for an extension.
|
|
@@ -2168,10 +2182,10 @@ class CfnHookVersionProps:
|
|
|
2168
2182
|
def schema_handler_package(self) -> builtins.str:
|
|
2169
2183
|
'''A URL to the Amazon S3 bucket containing the Hook project package that contains the necessary files for the Hook you want to register.
|
|
2170
2184
|
|
|
2171
|
-
For information on generating a schema handler package
|
|
2185
|
+
For information on generating a schema handler package, see `Modeling custom CloudFormation Hooks <https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-model.html>`_ in the *AWS CloudFormation Hooks User Guide* .
|
|
2172
2186
|
.. epigraph::
|
|
2173
2187
|
|
|
2174
|
-
|
|
2188
|
+
To register the Hook, you must have ``s3:GetObject`` permissions to access the S3 objects.
|
|
2175
2189
|
|
|
2176
2190
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-hookversion.html#cfn-cloudformation-hookversion-schemahandlerpackage
|
|
2177
2191
|
'''
|
|
@@ -2240,9 +2254,11 @@ class CfnLambdaHook(
|
|
|
2240
2254
|
metaclass=jsii.JSIIMeta,
|
|
2241
2255
|
jsii_type="aws-cdk-lib.aws_cloudformation.CfnLambdaHook",
|
|
2242
2256
|
):
|
|
2243
|
-
'''The ``AWS::CloudFormation::LambdaHook`` resource creates a Lambda Hook
|
|
2257
|
+
'''The ``AWS::CloudFormation::LambdaHook`` resource creates and activates a Lambda Hook.
|
|
2244
2258
|
|
|
2245
|
-
You can use a Lambda Hook to evaluate your resources before allowing stack
|
|
2259
|
+
You can use a Lambda Hook to evaluate your resources before allowing stack operations. This resource forwards requests for resource evaluation to a Lambda function.
|
|
2260
|
+
|
|
2261
|
+
For more information, see `Lambda Hooks <https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/lambda-hooks.html>`_ in the *AWS CloudFormation Hooks User Guide* .
|
|
2246
2262
|
|
|
2247
2263
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-lambdahook.html
|
|
2248
2264
|
:cloudformationResource: AWS::CloudFormation::LambdaHook
|
|
@@ -2773,7 +2789,7 @@ class CfnLambdaHook(
|
|
|
2773
2789
|
) -> None:
|
|
2774
2790
|
'''The ``TargetFilters`` property type specifies the target filters for the Hook.
|
|
2775
2791
|
|
|
2776
|
-
For more information, see `AWS CloudFormation Hook target filters <https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/
|
|
2792
|
+
For more information, see `AWS CloudFormation Hook target filters <https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-target-filtering.html>`_ .
|
|
2777
2793
|
|
|
2778
2794
|
:param actions: List of actions that the hook is going to target.
|
|
2779
2795
|
:param invocation_points: List of invocation points that the hook is going to target.
|
|
@@ -3059,7 +3075,7 @@ class CfnMacro(
|
|
|
3059
3075
|
):
|
|
3060
3076
|
'''The ``AWS::CloudFormation::Macro`` resource is a CloudFormation resource type that creates a CloudFormation macro to perform custom processing on CloudFormation templates.
|
|
3061
3077
|
|
|
3062
|
-
For more information, see `
|
|
3078
|
+
For more information, see `Perform custom processing on CloudFormation templates with template macros <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-macros.html>`_ in the *AWS CloudFormation User Guide* .
|
|
3063
3079
|
|
|
3064
3080
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-macro.html
|
|
3065
3081
|
:cloudformationResource: AWS::CloudFormation::Macro
|
|
@@ -3096,11 +3112,11 @@ class CfnMacro(
|
|
|
3096
3112
|
'''
|
|
3097
3113
|
:param scope: Scope in which this resource is defined.
|
|
3098
3114
|
:param id: Construct identifier for this resource (unique in its scope).
|
|
3099
|
-
:param function_name: The Amazon Resource Name (ARN) of the underlying
|
|
3115
|
+
:param function_name: The Amazon Resource Name (ARN) of the underlying Lambda function that you want CloudFormation to invoke when the macro is run.
|
|
3100
3116
|
:param name: The name of the macro. The name of the macro must be unique across all macros in the account.
|
|
3101
3117
|
:param description: A description of the macro.
|
|
3102
|
-
:param log_group_name: The CloudWatch Logs group to which
|
|
3103
|
-
:param log_role_arn: The ARN of the role
|
|
3118
|
+
:param log_group_name: The CloudWatch Logs group to which CloudFormation sends error logging information when invoking the macro's underlying Lambda function.
|
|
3119
|
+
:param log_role_arn: The ARN of the role CloudFormation should assume when sending log entries to CloudWatch Logs .
|
|
3104
3120
|
'''
|
|
3105
3121
|
if __debug__:
|
|
3106
3122
|
type_hints = typing.get_type_hints(_typecheckingstub__459b4551acd819b198938843c729caa68cfe3bcc1ac16be0f4fd2dcd90f33831)
|
|
@@ -3162,7 +3178,7 @@ class CfnMacro(
|
|
|
3162
3178
|
@builtins.property
|
|
3163
3179
|
@jsii.member(jsii_name="functionName")
|
|
3164
3180
|
def function_name(self) -> builtins.str:
|
|
3165
|
-
'''The Amazon Resource Name (ARN) of the underlying
|
|
3181
|
+
'''The Amazon Resource Name (ARN) of the underlying Lambda function that you want CloudFormation to invoke when the macro is run.'''
|
|
3166
3182
|
return typing.cast(builtins.str, jsii.get(self, "functionName"))
|
|
3167
3183
|
|
|
3168
3184
|
@function_name.setter
|
|
@@ -3201,7 +3217,7 @@ class CfnMacro(
|
|
|
3201
3217
|
@builtins.property
|
|
3202
3218
|
@jsii.member(jsii_name="logGroupName")
|
|
3203
3219
|
def log_group_name(self) -> typing.Optional[builtins.str]:
|
|
3204
|
-
'''The CloudWatch Logs group to which
|
|
3220
|
+
'''The CloudWatch Logs group to which CloudFormation sends error logging information when invoking the macro's underlying Lambda function.'''
|
|
3205
3221
|
return typing.cast(typing.Optional[builtins.str], jsii.get(self, "logGroupName"))
|
|
3206
3222
|
|
|
3207
3223
|
@log_group_name.setter
|
|
@@ -3214,7 +3230,7 @@ class CfnMacro(
|
|
|
3214
3230
|
@builtins.property
|
|
3215
3231
|
@jsii.member(jsii_name="logRoleArn")
|
|
3216
3232
|
def log_role_arn(self) -> typing.Optional[builtins.str]:
|
|
3217
|
-
'''The ARN of the role
|
|
3233
|
+
'''The ARN of the role CloudFormation should assume when sending log entries to CloudWatch Logs .'''
|
|
3218
3234
|
return typing.cast(typing.Optional[builtins.str], jsii.get(self, "logRoleArn"))
|
|
3219
3235
|
|
|
3220
3236
|
@log_role_arn.setter
|
|
@@ -3248,11 +3264,11 @@ class CfnMacroProps:
|
|
|
3248
3264
|
) -> None:
|
|
3249
3265
|
'''Properties for defining a ``CfnMacro``.
|
|
3250
3266
|
|
|
3251
|
-
:param function_name: The Amazon Resource Name (ARN) of the underlying
|
|
3267
|
+
:param function_name: The Amazon Resource Name (ARN) of the underlying Lambda function that you want CloudFormation to invoke when the macro is run.
|
|
3252
3268
|
:param name: The name of the macro. The name of the macro must be unique across all macros in the account.
|
|
3253
3269
|
:param description: A description of the macro.
|
|
3254
|
-
:param log_group_name: The CloudWatch Logs group to which
|
|
3255
|
-
:param log_role_arn: The ARN of the role
|
|
3270
|
+
:param log_group_name: The CloudWatch Logs group to which CloudFormation sends error logging information when invoking the macro's underlying Lambda function.
|
|
3271
|
+
:param log_role_arn: The ARN of the role CloudFormation should assume when sending log entries to CloudWatch Logs .
|
|
3256
3272
|
|
|
3257
3273
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-macro.html
|
|
3258
3274
|
:exampleMetadata: fixture=_generated
|
|
@@ -3293,7 +3309,7 @@ class CfnMacroProps:
|
|
|
3293
3309
|
|
|
3294
3310
|
@builtins.property
|
|
3295
3311
|
def function_name(self) -> builtins.str:
|
|
3296
|
-
'''The Amazon Resource Name (ARN) of the underlying
|
|
3312
|
+
'''The Amazon Resource Name (ARN) of the underlying Lambda function that you want CloudFormation to invoke when the macro is run.
|
|
3297
3313
|
|
|
3298
3314
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-macro.html#cfn-cloudformation-macro-functionname
|
|
3299
3315
|
'''
|
|
@@ -3324,7 +3340,7 @@ class CfnMacroProps:
|
|
|
3324
3340
|
|
|
3325
3341
|
@builtins.property
|
|
3326
3342
|
def log_group_name(self) -> typing.Optional[builtins.str]:
|
|
3327
|
-
'''The CloudWatch Logs group to which
|
|
3343
|
+
'''The CloudWatch Logs group to which CloudFormation sends error logging information when invoking the macro's underlying Lambda function.
|
|
3328
3344
|
|
|
3329
3345
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-macro.html#cfn-cloudformation-macro-loggroupname
|
|
3330
3346
|
'''
|
|
@@ -3333,7 +3349,7 @@ class CfnMacroProps:
|
|
|
3333
3349
|
|
|
3334
3350
|
@builtins.property
|
|
3335
3351
|
def log_role_arn(self) -> typing.Optional[builtins.str]:
|
|
3336
|
-
'''The ARN of the role
|
|
3352
|
+
'''The ARN of the role CloudFormation should assume when sending log entries to CloudWatch Logs .
|
|
3337
3353
|
|
|
3338
3354
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-macro.html#cfn-cloudformation-macro-logrolearn
|
|
3339
3355
|
'''
|
|
@@ -3362,9 +3378,9 @@ class CfnModuleDefaultVersion(
|
|
|
3362
3378
|
|
|
3363
3379
|
The default version of the module will be used in CloudFormation operations for this account and Region.
|
|
3364
3380
|
|
|
3365
|
-
|
|
3381
|
+
For more information, see `Create reusable resource configurations that can be included across templates with CloudFormation modules <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/modules.html>`_ in the *AWS CloudFormation User Guide* .
|
|
3366
3382
|
|
|
3367
|
-
For
|
|
3383
|
+
For information about the CloudFormation registry, see `Managing extensions with the CloudFormation registry <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/registry.html>`_ in the *AWS CloudFormation User Guide* .
|
|
3368
3384
|
|
|
3369
3385
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-moduledefaultversion.html
|
|
3370
3386
|
:cloudformationResource: AWS::CloudFormation::ModuleDefaultVersion
|
|
@@ -3586,13 +3602,13 @@ class CfnModuleVersion(
|
|
|
3586
3602
|
metaclass=jsii.JSIIMeta,
|
|
3587
3603
|
jsii_type="aws-cdk-lib.aws_cloudformation.CfnModuleVersion",
|
|
3588
3604
|
):
|
|
3589
|
-
'''
|
|
3605
|
+
'''The ``AWS::CloudFormation::ModuleVersion`` resource registers the specified version of the module with the CloudFormation registry.
|
|
3590
3606
|
|
|
3591
3607
|
Registering a module makes it available for use in CloudFormation templates in your AWS account and Region.
|
|
3592
3608
|
|
|
3593
|
-
|
|
3609
|
+
For more information, see `Create reusable resource configurations that can be included across templates with CloudFormation modules <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/modules.html>`_ in the *CloudFormation User Guide* .
|
|
3594
3610
|
|
|
3595
|
-
For
|
|
3611
|
+
For information about the CloudFormation registry, see `Managing extensions with the CloudFormation registry <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/registry.html>`_ in the *AWS CloudFormation User Guide* .
|
|
3596
3612
|
|
|
3597
3613
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-moduleversion.html
|
|
3598
3614
|
:cloudformationResource: AWS::CloudFormation::ModuleVersion
|
|
@@ -3622,7 +3638,7 @@ class CfnModuleVersion(
|
|
|
3622
3638
|
:param scope: Scope in which this resource is defined.
|
|
3623
3639
|
:param id: Construct identifier for this resource (unique in its scope).
|
|
3624
3640
|
:param module_name: The name of the module being registered.
|
|
3625
|
-
:param module_package: A URL to the S3 bucket containing the package that contains the template fragment and schema files for the module version to register.
|
|
3641
|
+
:param module_package: A URL to the S3 bucket containing the package that contains the template fragment and schema files for the module version to register. For more information, see `Module structure and requirements <https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/modules-structure.html>`_ in the *AWS CloudFormation Command Line Interface (CLI) User Guide* . .. epigraph:: To register the module version, you must have ``s3:GetObject`` permissions to access the S3 objects.
|
|
3626
3642
|
'''
|
|
3627
3643
|
if __debug__:
|
|
3628
3644
|
type_hints = typing.get_type_hints(_typecheckingstub__50da97e251a6b1bacc1202d70f10c857ca74139ea4e8bcc35b2ff47e8b8b2729)
|
|
@@ -3667,7 +3683,7 @@ class CfnModuleVersion(
|
|
|
3667
3683
|
@builtins.property
|
|
3668
3684
|
@jsii.member(jsii_name="attrArn")
|
|
3669
3685
|
def attr_arn(self) -> builtins.str:
|
|
3670
|
-
'''The Amazon Resource Name (ARN) of the
|
|
3686
|
+
'''The Amazon Resource Name (ARN) of the module.
|
|
3671
3687
|
|
|
3672
3688
|
:cloudformationAttribute: Arn
|
|
3673
3689
|
'''
|
|
@@ -3676,7 +3692,7 @@ class CfnModuleVersion(
|
|
|
3676
3692
|
@builtins.property
|
|
3677
3693
|
@jsii.member(jsii_name="attrDescription")
|
|
3678
3694
|
def attr_description(self) -> builtins.str:
|
|
3679
|
-
'''The description of the
|
|
3695
|
+
'''The description of the module.
|
|
3680
3696
|
|
|
3681
3697
|
:cloudformationAttribute: Description
|
|
3682
3698
|
'''
|
|
@@ -3694,7 +3710,7 @@ class CfnModuleVersion(
|
|
|
3694
3710
|
@builtins.property
|
|
3695
3711
|
@jsii.member(jsii_name="attrIsDefaultVersion")
|
|
3696
3712
|
def attr_is_default_version(self) -> _IResolvable_da3f097b:
|
|
3697
|
-
'''Whether the specified
|
|
3713
|
+
'''Whether the specified module version is set as the default version.
|
|
3698
3714
|
|
|
3699
3715
|
This applies only to private extensions you have registered in your account, and extensions published by AWS . For public third-party extensions, whether they are activated in your account, CloudFormation returns ``null`` .
|
|
3700
3716
|
|
|
@@ -3705,9 +3721,7 @@ class CfnModuleVersion(
|
|
|
3705
3721
|
@builtins.property
|
|
3706
3722
|
@jsii.member(jsii_name="attrSchema")
|
|
3707
3723
|
def attr_schema(self) -> builtins.str:
|
|
3708
|
-
'''The schema that defines the
|
|
3709
|
-
|
|
3710
|
-
For more information about extension schemas, see `Resource type schema <https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/resource-type-schema.html>`_ in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .
|
|
3724
|
+
'''The schema that defines the module.
|
|
3711
3725
|
|
|
3712
3726
|
:cloudformationAttribute: Schema
|
|
3713
3727
|
'''
|
|
@@ -3716,7 +3730,7 @@ class CfnModuleVersion(
|
|
|
3716
3730
|
@builtins.property
|
|
3717
3731
|
@jsii.member(jsii_name="attrTimeCreated")
|
|
3718
3732
|
def attr_time_created(self) -> builtins.str:
|
|
3719
|
-
'''When the specified private
|
|
3733
|
+
'''When the specified private module version was registered or activated in your account.
|
|
3720
3734
|
|
|
3721
3735
|
:cloudformationAttribute: TimeCreated
|
|
3722
3736
|
'''
|
|
@@ -3734,12 +3748,12 @@ class CfnModuleVersion(
|
|
|
3734
3748
|
@builtins.property
|
|
3735
3749
|
@jsii.member(jsii_name="attrVisibility")
|
|
3736
3750
|
def attr_visibility(self) -> builtins.str:
|
|
3737
|
-
'''The scope at which the
|
|
3751
|
+
'''The scope at which the module is visible and usable in CloudFormation operations.
|
|
3738
3752
|
|
|
3739
3753
|
Valid values include:
|
|
3740
3754
|
|
|
3741
|
-
- ``PRIVATE`` : The extension is only visible and usable within the account in which it is registered. CloudFormation marks any extensions you register as ``PRIVATE`` .
|
|
3742
|
-
- ``PUBLIC`` : The extension is publicly visible and usable within any AWS account.
|
|
3755
|
+
- ``PRIVATE`` : The extension (module) is only visible and usable within the account in which it is registered. CloudFormation marks any extensions you register as ``PRIVATE`` .
|
|
3756
|
+
- ``PUBLIC`` : The extension (module) is publicly visible and usable within any AWS account.
|
|
3743
3757
|
|
|
3744
3758
|
:cloudformationAttribute: Visibility
|
|
3745
3759
|
'''
|
|
@@ -3792,7 +3806,7 @@ class CfnModuleVersionProps:
|
|
|
3792
3806
|
'''Properties for defining a ``CfnModuleVersion``.
|
|
3793
3807
|
|
|
3794
3808
|
:param module_name: The name of the module being registered.
|
|
3795
|
-
:param module_package: A URL to the S3 bucket containing the package that contains the template fragment and schema files for the module version to register.
|
|
3809
|
+
:param module_package: A URL to the S3 bucket containing the package that contains the template fragment and schema files for the module version to register. For more information, see `Module structure and requirements <https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/modules-structure.html>`_ in the *AWS CloudFormation Command Line Interface (CLI) User Guide* . .. epigraph:: To register the module version, you must have ``s3:GetObject`` permissions to access the S3 objects.
|
|
3796
3810
|
|
|
3797
3811
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-moduleversion.html
|
|
3798
3812
|
:exampleMetadata: fixture=_generated
|
|
@@ -3831,9 +3845,10 @@ class CfnModuleVersionProps:
|
|
|
3831
3845
|
def module_package(self) -> builtins.str:
|
|
3832
3846
|
'''A URL to the S3 bucket containing the package that contains the template fragment and schema files for the module version to register.
|
|
3833
3847
|
|
|
3848
|
+
For more information, see `Module structure and requirements <https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/modules-structure.html>`_ in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .
|
|
3834
3849
|
.. epigraph::
|
|
3835
3850
|
|
|
3836
|
-
|
|
3851
|
+
To register the module version, you must have ``s3:GetObject`` permissions to access the S3 objects.
|
|
3837
3852
|
|
|
3838
3853
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-moduleversion.html#cfn-cloudformation-moduleversion-modulepackage
|
|
3839
3854
|
'''
|
|
@@ -3859,20 +3874,20 @@ class CfnPublicTypeVersion(
|
|
|
3859
3874
|
metaclass=jsii.JSIIMeta,
|
|
3860
3875
|
jsii_type="aws-cdk-lib.aws_cloudformation.CfnPublicTypeVersion",
|
|
3861
3876
|
):
|
|
3862
|
-
'''
|
|
3877
|
+
'''The ``AWS::CloudFormation::PublicTypeVersion`` resource tests and publishes a registered extension as a public, third-party extension.
|
|
3863
3878
|
|
|
3864
3879
|
CloudFormation first tests the extension to make sure it meets all necessary requirements for being published in the CloudFormation registry. If it does, CloudFormation then publishes it to the registry as a public third-party extension in this Region. Public extensions are available for use by all CloudFormation users.
|
|
3865
3880
|
|
|
3866
3881
|
- For resource types, testing includes passing all contracts tests defined for the type.
|
|
3867
3882
|
- For modules, testing includes determining if the module's model meets all necessary requirements.
|
|
3868
3883
|
|
|
3869
|
-
For more information, see `Testing your public extension prior to publishing <https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/publish-extension.html#publish-extension-testing>`_ in the *CloudFormation CLI User Guide* .
|
|
3884
|
+
For more information, see `Testing your public extension prior to publishing <https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/publish-extension.html#publish-extension-testing>`_ in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .
|
|
3870
3885
|
|
|
3871
3886
|
If you don't specify a version, CloudFormation uses the default version of the extension in your account and Region for testing.
|
|
3872
3887
|
|
|
3873
3888
|
To perform testing, CloudFormation assumes the execution role specified when the type was registered.
|
|
3874
3889
|
|
|
3875
|
-
An extension must have a test status of ``PASSED`` before it can be published. For more information, see `Publishing extensions to make them available for public use <https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/
|
|
3890
|
+
An extension must have a test status of ``PASSED`` before it can be published. For more information, see `Publishing extensions to make them available for public use <https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/publish-extension.html>`_ in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .
|
|
3876
3891
|
|
|
3877
3892
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-publictypeversion.html
|
|
3878
3893
|
:cloudformationResource: AWS::CloudFormation::PublicTypeVersion
|
|
@@ -3908,7 +3923,7 @@ class CfnPublicTypeVersion(
|
|
|
3908
3923
|
:param scope: Scope in which this resource is defined.
|
|
3909
3924
|
:param id: Construct identifier for this resource (unique in its scope).
|
|
3910
3925
|
:param arn: The Amazon Resource Number (ARN) of the extension. Conditional: You must specify ``Arn`` , or ``TypeName`` and ``Type`` .
|
|
3911
|
-
:param log_delivery_bucket: The S3 bucket to which CloudFormation delivers the contract test execution logs. CloudFormation delivers the logs by the time contract testing has completed and the extension has been assigned a test type status of ``PASSED`` or ``FAILED`` . The user initiating the stack operation must be able to access items in the specified S3 bucket. Specifically, the user needs the following permissions: - GetObject - PutObject
|
|
3926
|
+
:param log_delivery_bucket: The S3 bucket to which CloudFormation delivers the contract test execution logs. CloudFormation delivers the logs by the time contract testing has completed and the extension has been assigned a test type status of ``PASSED`` or ``FAILED`` . The user initiating the stack operation must be able to access items in the specified S3 bucket. Specifically, the user needs the following permissions: - s3:GetObject - s3:PutObject
|
|
3912
3927
|
:param public_version_number: The version number to assign to this version of the extension. Use the following format, and adhere to semantic versioning when assigning a version number to your extension: ``MAJOR.MINOR.PATCH`` For more information, see `Semantic Versioning 2.0.0 <https://docs.aws.amazon.com/https://semver.org/>`_ . If you don't specify a version number, CloudFormation increments the version number by one minor version release. You cannot specify a version number the first time you publish a type. CloudFormation automatically sets the first version number to be ``1.0.0`` .
|
|
3913
3928
|
:param type: The type of the extension to test. Conditional: You must specify ``Arn`` , or ``TypeName`` and ``Type`` .
|
|
3914
3929
|
:param type_name: The name of the extension to test. Conditional: You must specify ``Arn`` , or ``TypeName`` and ``Type`` .
|
|
@@ -4081,7 +4096,7 @@ class CfnPublicTypeVersionProps:
|
|
|
4081
4096
|
'''Properties for defining a ``CfnPublicTypeVersion``.
|
|
4082
4097
|
|
|
4083
4098
|
:param arn: The Amazon Resource Number (ARN) of the extension. Conditional: You must specify ``Arn`` , or ``TypeName`` and ``Type`` .
|
|
4084
|
-
:param log_delivery_bucket: The S3 bucket to which CloudFormation delivers the contract test execution logs. CloudFormation delivers the logs by the time contract testing has completed and the extension has been assigned a test type status of ``PASSED`` or ``FAILED`` . The user initiating the stack operation must be able to access items in the specified S3 bucket. Specifically, the user needs the following permissions: - GetObject - PutObject
|
|
4099
|
+
:param log_delivery_bucket: The S3 bucket to which CloudFormation delivers the contract test execution logs. CloudFormation delivers the logs by the time contract testing has completed and the extension has been assigned a test type status of ``PASSED`` or ``FAILED`` . The user initiating the stack operation must be able to access items in the specified S3 bucket. Specifically, the user needs the following permissions: - s3:GetObject - s3:PutObject
|
|
4085
4100
|
:param public_version_number: The version number to assign to this version of the extension. Use the following format, and adhere to semantic versioning when assigning a version number to your extension: ``MAJOR.MINOR.PATCH`` For more information, see `Semantic Versioning 2.0.0 <https://docs.aws.amazon.com/https://semver.org/>`_ . If you don't specify a version number, CloudFormation increments the version number by one minor version release. You cannot specify a version number the first time you publish a type. CloudFormation automatically sets the first version number to be ``1.0.0`` .
|
|
4086
4101
|
:param type: The type of the extension to test. Conditional: You must specify ``Arn`` , or ``TypeName`` and ``Type`` .
|
|
4087
4102
|
:param type_name: The name of the extension to test. Conditional: You must specify ``Arn`` , or ``TypeName`` and ``Type`` .
|
|
@@ -4141,10 +4156,8 @@ class CfnPublicTypeVersionProps:
|
|
|
4141
4156
|
|
|
4142
4157
|
The user initiating the stack operation must be able to access items in the specified S3 bucket. Specifically, the user needs the following permissions:
|
|
4143
4158
|
|
|
4144
|
-
- GetObject
|
|
4145
|
-
- PutObject
|
|
4146
|
-
|
|
4147
|
-
For more information, see `Actions, Resources, and Condition Keys for Amazon S3 <https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazons3.html>`_ in the *AWS Identity and Access Management User Guide* .
|
|
4159
|
+
- s3:GetObject
|
|
4160
|
+
- s3:PutObject
|
|
4148
4161
|
|
|
4149
4162
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-publictypeversion.html#cfn-cloudformation-publictypeversion-logdeliverybucket
|
|
4150
4163
|
'''
|
|
@@ -4210,11 +4223,11 @@ class CfnPublisher(
|
|
|
4210
4223
|
metaclass=jsii.JSIIMeta,
|
|
4211
4224
|
jsii_type="aws-cdk-lib.aws_cloudformation.CfnPublisher",
|
|
4212
4225
|
):
|
|
4213
|
-
'''
|
|
4226
|
+
'''The ``AWS::CloudFormation::Publisher`` resource registers your account as a publisher of public extensions in the CloudFormation registry.
|
|
4214
4227
|
|
|
4215
4228
|
Public extensions are available for use by all CloudFormation users.
|
|
4216
4229
|
|
|
4217
|
-
For information on requirements for registering as a public extension publisher, see `
|
|
4230
|
+
For information on requirements for registering as a public extension publisher, see `Publishing extensions to make them available for public use <https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/publish-extension.htm>`_ in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .
|
|
4218
4231
|
|
|
4219
4232
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-publisher.html
|
|
4220
4233
|
:cloudformationResource: AWS::CloudFormation::Publisher
|
|
@@ -4453,10 +4466,12 @@ class CfnResourceDefaultVersion(
|
|
|
4453
4466
|
metaclass=jsii.JSIIMeta,
|
|
4454
4467
|
jsii_type="aws-cdk-lib.aws_cloudformation.CfnResourceDefaultVersion",
|
|
4455
4468
|
):
|
|
4456
|
-
'''
|
|
4469
|
+
'''The ``AWS::CloudFormation::ResourceDefaultVersion`` resource specifies the default version of a resource.
|
|
4457
4470
|
|
|
4458
4471
|
The default version of a resource will be used in CloudFormation operations.
|
|
4459
4472
|
|
|
4473
|
+
For information about the CloudFormation registry, see `Managing extensions with the CloudFormation registry <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/registry.html>`_ in the *AWS CloudFormation User Guide* .
|
|
4474
|
+
|
|
4460
4475
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-resourcedefaultversion.html
|
|
4461
4476
|
:cloudformationResource: AWS::CloudFormation::ResourceDefaultVersion
|
|
4462
4477
|
:exampleMetadata: fixture=_generated
|
|
@@ -4690,7 +4705,7 @@ class CfnResourceVersion(
|
|
|
4690
4705
|
metaclass=jsii.JSIIMeta,
|
|
4691
4706
|
jsii_type="aws-cdk-lib.aws_cloudformation.CfnResourceVersion",
|
|
4692
4707
|
):
|
|
4693
|
-
'''
|
|
4708
|
+
'''The ``AWS::CloudFormation::ResourceVersion`` resource registers a resource version with the CloudFormation registry.
|
|
4694
4709
|
|
|
4695
4710
|
Registering a resource version makes it available for use in CloudFormation templates in your AWS account , and includes:
|
|
4696
4711
|
|
|
@@ -4698,7 +4713,7 @@ class CfnResourceVersion(
|
|
|
4698
4713
|
- Determining which handlers, if any, have been specified for the resource.
|
|
4699
4714
|
- Making the resource available for use in your account.
|
|
4700
4715
|
|
|
4701
|
-
For
|
|
4716
|
+
For information about the CloudFormation registry, see `Managing extensions with the CloudFormation registry <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/registry.html>`_ in the *AWS CloudFormation User Guide* .
|
|
4702
4717
|
|
|
4703
4718
|
You can have a maximum of 50 resource versions registered at a time. This maximum is per account and per Region.
|
|
4704
4719
|
|
|
@@ -4738,9 +4753,9 @@ class CfnResourceVersion(
|
|
|
4738
4753
|
'''
|
|
4739
4754
|
:param scope: Scope in which this resource is defined.
|
|
4740
4755
|
:param id: Construct identifier for this resource (unique in its scope).
|
|
4741
|
-
:param schema_handler_package: A URL to the S3 bucket containing the resource project package that contains the necessary files for the resource you want to register. For information on generating a schema handler package
|
|
4756
|
+
:param schema_handler_package: A URL to the S3 bucket containing the resource project package that contains the necessary files for the resource you want to register. For information on generating a schema handler package, see `Modeling resource types to use with AWS CloudFormation <https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/resource-type-model.html>`_ in the *AWS CloudFormation Command Line Interface (CLI) User Guide* . .. epigraph:: To register the resource version, you must have ``s3:GetObject`` permissions to access the S3 objects.
|
|
4742
4757
|
:param type_name: The name of the resource being registered. We recommend that resource names adhere to the following pattern: *company_or_organization* :: *service* :: *type* . .. epigraph:: The following organization namespaces are reserved and can't be used in your resource names: - ``Alexa`` - ``AMZN`` - ``Amazon`` - ``AWS`` - ``Custom`` - ``Dev``
|
|
4743
|
-
:param execution_role_arn: The Amazon Resource Name (ARN) of the IAM role for CloudFormation to assume when invoking the resource. If your resource calls AWS APIs in any of its handlers, you must create an
|
|
4758
|
+
:param execution_role_arn: The Amazon Resource Name (ARN) of the IAM role for CloudFormation to assume when invoking the resource. If your resource calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. When CloudFormation needs to invoke the resource type handler, CloudFormation assumes this execution role to create a temporary session token, which it then passes to the resource type handler, thereby supplying your resource type with the appropriate credentials.
|
|
4744
4759
|
:param logging_config: Logging configuration information for a resource.
|
|
4745
4760
|
'''
|
|
4746
4761
|
if __debug__:
|
|
@@ -4789,7 +4804,7 @@ class CfnResourceVersion(
|
|
|
4789
4804
|
@builtins.property
|
|
4790
4805
|
@jsii.member(jsii_name="attrArn")
|
|
4791
4806
|
def attr_arn(self) -> builtins.str:
|
|
4792
|
-
'''The Amazon Resource Name (ARN) of the
|
|
4807
|
+
'''The Amazon Resource Name (ARN) of the resource.
|
|
4793
4808
|
|
|
4794
4809
|
:cloudformationAttribute: Arn
|
|
4795
4810
|
'''
|
|
@@ -4798,7 +4813,7 @@ class CfnResourceVersion(
|
|
|
4798
4813
|
@builtins.property
|
|
4799
4814
|
@jsii.member(jsii_name="attrIsDefaultVersion")
|
|
4800
4815
|
def attr_is_default_version(self) -> _IResolvable_da3f097b:
|
|
4801
|
-
'''Whether the specified
|
|
4816
|
+
'''Whether the specified resource version is set as the default version.
|
|
4802
4817
|
|
|
4803
4818
|
This applies only to private extensions you have registered in your account, and extensions published by AWS . For public third-party extensions, whether they are activated in your account, CloudFormation returns ``null`` .
|
|
4804
4819
|
|
|
@@ -4829,7 +4844,7 @@ class CfnResourceVersion(
|
|
|
4829
4844
|
@builtins.property
|
|
4830
4845
|
@jsii.member(jsii_name="attrTypeArn")
|
|
4831
4846
|
def attr_type_arn(self) -> builtins.str:
|
|
4832
|
-
'''The Amazon Resource Name (ARN)
|
|
4847
|
+
'''The Amazon Resource Name (ARN) for the extension.
|
|
4833
4848
|
|
|
4834
4849
|
:cloudformationAttribute: TypeArn
|
|
4835
4850
|
'''
|
|
@@ -4838,11 +4853,9 @@ class CfnResourceVersion(
|
|
|
4838
4853
|
@builtins.property
|
|
4839
4854
|
@jsii.member(jsii_name="attrVersionId")
|
|
4840
4855
|
def attr_version_id(self) -> builtins.str:
|
|
4841
|
-
'''The ID of a specific version of the
|
|
4842
|
-
|
|
4843
|
-
The version ID is the value at the end of the Amazon Resource Name (ARN) assigned to the extension version when it is registered.
|
|
4856
|
+
'''The ID of a specific version of the resource.
|
|
4844
4857
|
|
|
4845
|
-
|
|
4858
|
+
The version ID is the value at the end of the Amazon Resource Name (ARN) assigned to the resource version when it is registered.
|
|
4846
4859
|
|
|
4847
4860
|
:cloudformationAttribute: VersionId
|
|
4848
4861
|
'''
|
|
@@ -4851,12 +4864,12 @@ class CfnResourceVersion(
|
|
|
4851
4864
|
@builtins.property
|
|
4852
4865
|
@jsii.member(jsii_name="attrVisibility")
|
|
4853
4866
|
def attr_visibility(self) -> builtins.str:
|
|
4854
|
-
'''The scope at which the
|
|
4867
|
+
'''The scope at which the resource is visible and usable in CloudFormation operations.
|
|
4855
4868
|
|
|
4856
4869
|
Valid values include:
|
|
4857
4870
|
|
|
4858
|
-
- ``PRIVATE`` : The extension is only visible and usable within the account in which it is registered. CloudFormation marks any extensions you register as ``PRIVATE`` .
|
|
4859
|
-
- ``PUBLIC`` : The extension is publicly visible and usable within any AWS account.
|
|
4871
|
+
- ``PRIVATE`` : The extension (resource) is only visible and usable within the account in which it is registered. CloudFormation marks any extensions you register as ``PRIVATE`` .
|
|
4872
|
+
- ``PUBLIC`` : The extension (resource) is publicly visible and usable within any AWS account.
|
|
4860
4873
|
|
|
4861
4874
|
:cloudformationAttribute: Visibility
|
|
4862
4875
|
'''
|
|
@@ -5016,9 +5029,9 @@ class CfnResourceVersionProps:
|
|
|
5016
5029
|
) -> None:
|
|
5017
5030
|
'''Properties for defining a ``CfnResourceVersion``.
|
|
5018
5031
|
|
|
5019
|
-
:param schema_handler_package: A URL to the S3 bucket containing the resource project package that contains the necessary files for the resource you want to register. For information on generating a schema handler package
|
|
5032
|
+
:param schema_handler_package: A URL to the S3 bucket containing the resource project package that contains the necessary files for the resource you want to register. For information on generating a schema handler package, see `Modeling resource types to use with AWS CloudFormation <https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/resource-type-model.html>`_ in the *AWS CloudFormation Command Line Interface (CLI) User Guide* . .. epigraph:: To register the resource version, you must have ``s3:GetObject`` permissions to access the S3 objects.
|
|
5020
5033
|
:param type_name: The name of the resource being registered. We recommend that resource names adhere to the following pattern: *company_or_organization* :: *service* :: *type* . .. epigraph:: The following organization namespaces are reserved and can't be used in your resource names: - ``Alexa`` - ``AMZN`` - ``Amazon`` - ``AWS`` - ``Custom`` - ``Dev``
|
|
5021
|
-
:param execution_role_arn: The Amazon Resource Name (ARN) of the IAM role for CloudFormation to assume when invoking the resource. If your resource calls AWS APIs in any of its handlers, you must create an
|
|
5034
|
+
:param execution_role_arn: The Amazon Resource Name (ARN) of the IAM role for CloudFormation to assume when invoking the resource. If your resource calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. When CloudFormation needs to invoke the resource type handler, CloudFormation assumes this execution role to create a temporary session token, which it then passes to the resource type handler, thereby supplying your resource type with the appropriate credentials.
|
|
5022
5035
|
:param logging_config: Logging configuration information for a resource.
|
|
5023
5036
|
|
|
5024
5037
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-resourceversion.html
|
|
@@ -5061,10 +5074,10 @@ class CfnResourceVersionProps:
|
|
|
5061
5074
|
def schema_handler_package(self) -> builtins.str:
|
|
5062
5075
|
'''A URL to the S3 bucket containing the resource project package that contains the necessary files for the resource you want to register.
|
|
5063
5076
|
|
|
5064
|
-
For information on generating a schema handler package
|
|
5077
|
+
For information on generating a schema handler package, see `Modeling resource types to use with AWS CloudFormation <https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/resource-type-model.html>`_ in the *AWS CloudFormation Command Line Interface (CLI) User Guide* .
|
|
5065
5078
|
.. epigraph::
|
|
5066
5079
|
|
|
5067
|
-
|
|
5080
|
+
To register the resource version, you must have ``s3:GetObject`` permissions to access the S3 objects.
|
|
5068
5081
|
|
|
5069
5082
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-resourceversion.html#cfn-cloudformation-resourceversion-schemahandlerpackage
|
|
5070
5083
|
'''
|
|
@@ -5098,7 +5111,7 @@ class CfnResourceVersionProps:
|
|
|
5098
5111
|
def execution_role_arn(self) -> typing.Optional[builtins.str]:
|
|
5099
5112
|
'''The Amazon Resource Name (ARN) of the IAM role for CloudFormation to assume when invoking the resource.
|
|
5100
5113
|
|
|
5101
|
-
If your resource calls AWS APIs in any of its handlers, you must create an
|
|
5114
|
+
If your resource calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. When CloudFormation needs to invoke the resource type handler, CloudFormation assumes this execution role to create a temporary session token, which it then passes to the resource type handler, thereby supplying your resource type with the appropriate credentials.
|
|
5102
5115
|
|
|
5103
5116
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-resourceversion.html#cfn-cloudformation-resourceversion-executionrolearn
|
|
5104
5117
|
'''
|
|
@@ -5136,15 +5149,18 @@ class CfnStack(
|
|
|
5136
5149
|
):
|
|
5137
5150
|
'''The ``AWS::CloudFormation::Stack`` resource nests a stack as a resource in a top-level template.
|
|
5138
5151
|
|
|
5152
|
+
For more information, see `Embed stacks within other stacks using nested stacks <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-nested-stacks.html>`_ in the *AWS CloudFormation User Guide* .
|
|
5153
|
+
|
|
5139
5154
|
You can add output values from a nested stack within the containing template. You use the `GetAtt <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html>`_ function with the nested stack's logical name and the name of the output value in the nested stack in the format ``Outputs. *NestedStackOutputName*`` .
|
|
5140
|
-
.. epigraph::
|
|
5141
5155
|
|
|
5142
|
-
|
|
5156
|
+
We strongly recommend that updates to nested stacks are run from the parent stack.
|
|
5143
5157
|
|
|
5144
|
-
When you apply template changes to update a top-level stack, CloudFormation updates the top-level stack and initiates an update to its nested stacks. CloudFormation updates the resources of modified nested stacks, but doesn't update the resources of unmodified nested stacks.
|
|
5158
|
+
When you apply template changes to update a top-level stack, CloudFormation updates the top-level stack and initiates an update to its nested stacks. CloudFormation updates the resources of modified nested stacks, but doesn't update the resources of unmodified nested stacks.
|
|
5159
|
+
|
|
5160
|
+
You must acknowledge IAM capabilities for nested stacks that contain IAM resources. Also, verify that you have cancel update stack permissions, which is required if an update rolls back. For more information about IAM and CloudFormation , see `Controlling access with AWS Identity and Access Management <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/control-access-with-iam.html>`_ in the *AWS CloudFormation User Guide* .
|
|
5145
5161
|
.. epigraph::
|
|
5146
5162
|
|
|
5147
|
-
|
|
5163
|
+
A subset of ``AWS::CloudFormation::Stack`` resource type properties listed below are available to customers using CloudFormation , AWS CDK , and AWS Cloud Control API to configure.
|
|
5148
5164
|
|
|
5149
5165
|
- ``NotificationARNs``
|
|
5150
5166
|
- ``Parameters``
|
|
@@ -5152,7 +5168,7 @@ class CfnStack(
|
|
|
5152
5168
|
- ``TemplateURL``
|
|
5153
5169
|
- ``TimeoutInMinutes``
|
|
5154
5170
|
|
|
5155
|
-
These properties can be configured only when using AWS Cloud Control API . This is because the below properties are set by the parent stack, and thus cannot be configured using
|
|
5171
|
+
These properties can be configured only when using AWS Cloud Control API . This is because the below properties are set by the parent stack, and thus cannot be configured using CloudFormation or AWS CDK but only AWS Cloud Control API .
|
|
5156
5172
|
|
|
5157
5173
|
- ``Capabilities``
|
|
5158
5174
|
- ``Description``
|
|
@@ -5165,7 +5181,7 @@ class CfnStack(
|
|
|
5165
5181
|
- ``StackStatusReason``
|
|
5166
5182
|
- ``TemplateBody``
|
|
5167
5183
|
|
|
5168
|
-
Customers that configure ``AWS::CloudFormation::Stack`` using
|
|
5184
|
+
Customers that configure ``AWS::CloudFormation::Stack`` using CloudFormation and AWS CDK can do so for nesting a CloudFormation stack as a resource in their top-level template.
|
|
5169
5185
|
|
|
5170
5186
|
These read-only properties can be accessed only when using AWS Cloud Control API .
|
|
5171
5187
|
|
|
@@ -5219,7 +5235,7 @@ class CfnStack(
|
|
|
5219
5235
|
:param notification_arns: The Amazon SNS topic ARNs to publish stack related events. You can find your Amazon SNS topic ARNs using the Amazon SNS console or your Command Line Interface (CLI).
|
|
5220
5236
|
:param parameters: The set value pairs that represent the parameters passed to CloudFormation when this nested stack is created. Each parameter has a name corresponding to a parameter defined in the embedded template and a value representing the value that you want to set for the parameter. .. epigraph:: If you use the ``Ref`` function to pass a parameter value to a nested stack, comma-delimited list parameters must be of type ``String`` . In other words, you can't pass values that are of type ``CommaDelimitedList`` to nested stacks. Conditional. Required if the nested stack requires input parameters. Whether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.
|
|
5221
5237
|
:param tags: Key-value pairs to associate with this stack. CloudFormation also propagates these tags to the resources created in the stack. A maximum number of 50 tags can be specified.
|
|
5222
|
-
:param template_url:
|
|
5238
|
+
:param template_url: The URL of a file containing the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket. The location for an Amazon S3 bucket must start with ``https://`` . Whether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.
|
|
5223
5239
|
:param timeout_in_minutes: The length of time, in minutes, that CloudFormation waits for the nested stack to reach the ``CREATE_COMPLETE`` state. The default is no timeout. When CloudFormation detects that the nested stack has reached the ``CREATE_COMPLETE`` state, it marks the nested stack resource as ``CREATE_COMPLETE`` in the parent stack and resumes creating the parent stack. If the timeout period expires before the nested stack reaches ``CREATE_COMPLETE`` , CloudFormation marks the nested stack as failed and rolls back both the nested stack and parent stack. Updates aren't supported.
|
|
5224
5240
|
'''
|
|
5225
5241
|
if __debug__:
|
|
@@ -5311,8 +5327,6 @@ class CfnStack(
|
|
|
5311
5327
|
|
|
5312
5328
|
For the first level of nested stacks, the root stack is also the parent stack.
|
|
5313
5329
|
|
|
5314
|
-
For more information, see `Working with Nested Stacks <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-nested-stacks.html>`_ in the *AWS CloudFormation User Guide* .
|
|
5315
|
-
|
|
5316
5330
|
:cloudformationAttribute: ParentId
|
|
5317
5331
|
'''
|
|
5318
5332
|
return typing.cast(builtins.str, jsii.get(self, "attrParentId"))
|
|
@@ -5322,8 +5336,6 @@ class CfnStack(
|
|
|
5322
5336
|
def attr_root_id(self) -> builtins.str:
|
|
5323
5337
|
'''For nested stacks--stacks created as resources for another stack--returns the stack ID of the top-level stack to which the nested stack ultimately belongs.
|
|
5324
5338
|
|
|
5325
|
-
For more information, see `Working with Nested Stacks <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-nested-stacks.html>`_ in the *AWS CloudFormation User Guide* .
|
|
5326
|
-
|
|
5327
5339
|
:cloudformationAttribute: RootId
|
|
5328
5340
|
'''
|
|
5329
5341
|
return typing.cast(builtins.str, jsii.get(self, "attrRootId"))
|
|
@@ -5407,7 +5419,7 @@ class CfnStack(
|
|
|
5407
5419
|
@builtins.property
|
|
5408
5420
|
@jsii.member(jsii_name="templateUrl")
|
|
5409
5421
|
def template_url(self) -> typing.Optional[builtins.str]:
|
|
5410
|
-
'''
|
|
5422
|
+
'''The URL of a file containing the template body.'''
|
|
5411
5423
|
return typing.cast(typing.Optional[builtins.str], jsii.get(self, "templateUrl"))
|
|
5412
5424
|
|
|
5413
5425
|
@template_url.setter
|
|
@@ -5562,7 +5574,7 @@ class CfnStackProps:
|
|
|
5562
5574
|
:param notification_arns: The Amazon SNS topic ARNs to publish stack related events. You can find your Amazon SNS topic ARNs using the Amazon SNS console or your Command Line Interface (CLI).
|
|
5563
5575
|
:param parameters: The set value pairs that represent the parameters passed to CloudFormation when this nested stack is created. Each parameter has a name corresponding to a parameter defined in the embedded template and a value representing the value that you want to set for the parameter. .. epigraph:: If you use the ``Ref`` function to pass a parameter value to a nested stack, comma-delimited list parameters must be of type ``String`` . In other words, you can't pass values that are of type ``CommaDelimitedList`` to nested stacks. Conditional. Required if the nested stack requires input parameters. Whether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.
|
|
5564
5576
|
:param tags: Key-value pairs to associate with this stack. CloudFormation also propagates these tags to the resources created in the stack. A maximum number of 50 tags can be specified.
|
|
5565
|
-
:param template_url:
|
|
5577
|
+
:param template_url: The URL of a file containing the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket. The location for an Amazon S3 bucket must start with ``https://`` . Whether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.
|
|
5566
5578
|
:param timeout_in_minutes: The length of time, in minutes, that CloudFormation waits for the nested stack to reach the ``CREATE_COMPLETE`` state. The default is no timeout. When CloudFormation detects that the nested stack has reached the ``CREATE_COMPLETE`` state, it marks the nested stack resource as ``CREATE_COMPLETE`` in the parent stack and resumes creating the parent stack. If the timeout period expires before the nested stack reaches ``CREATE_COMPLETE`` , CloudFormation marks the nested stack as failed and rolls back both the nested stack and parent stack. Updates aren't supported.
|
|
5567
5579
|
|
|
5568
5580
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-stack.html
|
|
@@ -5650,9 +5662,9 @@ class CfnStackProps:
|
|
|
5650
5662
|
|
|
5651
5663
|
@builtins.property
|
|
5652
5664
|
def template_url(self) -> typing.Optional[builtins.str]:
|
|
5653
|
-
'''
|
|
5665
|
+
'''The URL of a file containing the template body.
|
|
5654
5666
|
|
|
5655
|
-
The URL must point to a template (max size:
|
|
5667
|
+
The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket. The location for an Amazon S3 bucket must start with ``https://`` .
|
|
5656
5668
|
|
|
5657
5669
|
Whether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.
|
|
5658
5670
|
|
|
@@ -5692,7 +5704,7 @@ class CfnStackSet(
|
|
|
5692
5704
|
metaclass=jsii.JSIIMeta,
|
|
5693
5705
|
jsii_type="aws-cdk-lib.aws_cloudformation.CfnStackSet",
|
|
5694
5706
|
):
|
|
5695
|
-
'''The ``AWS::CloudFormation::StackSet`` enables you to provision stacks into AWS accounts and across Regions by using a single CloudFormation template.
|
|
5707
|
+
'''The ``AWS::CloudFormation::StackSet`` resource enables you to provision stacks into AWS accounts and across Regions by using a single CloudFormation template.
|
|
5696
5708
|
|
|
5697
5709
|
In the stack set, you specify the template to use, in addition to any parameters and capabilities that the template requires.
|
|
5698
5710
|
.. epigraph::
|
|
@@ -5787,21 +5799,21 @@ class CfnStackSet(
|
|
|
5787
5799
|
'''
|
|
5788
5800
|
:param scope: Scope in which this resource is defined.
|
|
5789
5801
|
:param id: Construct identifier for this resource (unique in its scope).
|
|
5790
|
-
:param permission_model: Describes how the IAM roles required for stack set operations are created. - With ``SELF_MANAGED`` permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see `Grant
|
|
5802
|
+
:param permission_model: Describes how the IAM roles required for stack set operations are created. - With ``SELF_MANAGED`` permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see `Grant self-managed permissions <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html>`_ in the *AWS CloudFormation User Guide* . - With ``SERVICE_MANAGED`` permissions, StackSets automatically creates the IAM roles required to deploy to accounts managed by AWS Organizations . For more information, see `Activate trusted access for stack sets with AWS Organizations <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-activate-trusted-access.html>`_ in the *AWS CloudFormation User Guide* .
|
|
5791
5803
|
:param stack_set_name: The name to associate with the stack set. The name must be unique in the Region where you create your stack set. .. epigraph:: The ``StackSetName`` property is required.
|
|
5792
|
-
:param administration_role_arn: The Amazon Resource Number (ARN) of the IAM role to use to create this stack set. Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. Use customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. For more information, see `
|
|
5804
|
+
:param administration_role_arn: The Amazon Resource Number (ARN) of the IAM role to use to create this stack set. Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. Use customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. For more information, see `Grant self-managed permissions <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html>`_ in the *AWS CloudFormation User Guide* . *Minimum* : ``20`` *Maximum* : ``2048``
|
|
5793
5805
|
:param auto_deployment: [ ``Service-managed`` permissions] Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organization or organizational unit (OU).
|
|
5794
5806
|
:param call_as: [Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. By default, ``SELF`` is specified. Use ``SELF`` for stack sets with self-managed permissions. - To create a stack set with service-managed permissions while signed in to the management account, specify ``SELF`` . - To create a stack set with service-managed permissions while signed in to a delegated administrator account, specify ``DELEGATED_ADMIN`` . Your AWS account must be registered as a delegated admin in the management account. For more information, see `Register a delegated administrator <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-delegated-admin.html>`_ in the *AWS CloudFormation User Guide* . Stack sets with service-managed permissions are created in the management account, including stack sets that are created by delegated administrators. *Valid Values* : ``SELF`` | ``DELEGATED_ADMIN``
|
|
5795
|
-
:param capabilities: The capabilities that are allowed in the stack set. Some stack set templates might include resources that can affect permissions in your AWS account —for example, by creating new
|
|
5807
|
+
:param capabilities: The capabilities that are allowed in the stack set. Some stack set templates might include resources that can affect permissions in your AWS account —for example, by creating new IAM users. For more information, see `Acknowledging IAM resources in CloudFormation templates <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/control-access-with-iam.html#using-iam-capabilities>`_ in the *AWS CloudFormation User Guide* .
|
|
5796
5808
|
:param description: A description of the stack set. *Minimum* : ``1`` *Maximum* : ``1024``
|
|
5797
|
-
:param execution_role_name: The name of the IAM execution role to use to create the stack set. If you don't specify an execution role,
|
|
5809
|
+
:param execution_role_name: The name of the IAM execution role to use to create the stack set. If you don't specify an execution role, CloudFormation uses the ``AWSCloudFormationStackSetExecutionRole`` role for the stack set operation. *Minimum* : ``1`` *Maximum* : ``64`` *Pattern* : ``[a-zA-Z_0-9+=,.@-]+``
|
|
5798
5810
|
:param managed_execution: Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations. When active, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order. .. epigraph:: If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting. You can't modify your stack set's execution configuration while there are running or queued operations for that stack set. When inactive (default), StackSets performs one operation at a time in request order.
|
|
5799
|
-
:param operation_preferences: The user-specified preferences for how
|
|
5811
|
+
:param operation_preferences: The user-specified preferences for how CloudFormation performs a stack set operation.
|
|
5800
5812
|
:param parameters: The input parameters for the stack set template.
|
|
5801
5813
|
:param stack_instances_group: A group of stack instances with parameters in some specific accounts and Regions.
|
|
5802
5814
|
:param tags: Key-value pairs to associate with this stack. CloudFormation also propagates these tags to supported resources in the stack. You can specify a maximum number of 50 tags. If you don't specify this parameter, CloudFormation doesn't modify the stack's tags. If you specify an empty value, CloudFormation removes all associated tags.
|
|
5803
5815
|
:param template_body: The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes. You must include either ``TemplateURL`` or ``TemplateBody`` in a StackSet, but you can't use both. Dynamic references in the ``TemplateBody`` may not work correctly in all cases. It's recommended to pass templates containing dynamic references through ``TemplateUrl`` instead.
|
|
5804
|
-
:param template_url:
|
|
5816
|
+
:param template_url: The URL of a file containing the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket or a Systems Manager document. The location for an Amazon S3 bucket must start with ``https://`` . Conditional: You must specify only one of the following parameters: ``TemplateBody`` , ``TemplateURL`` .
|
|
5805
5817
|
'''
|
|
5806
5818
|
if __debug__:
|
|
5807
5819
|
type_hints = typing.get_type_hints(_typecheckingstub__6d9c85250c99fa8473d88e65c23c7c33031b75b34da26e2bece38ee28bd4570d)
|
|
@@ -6004,7 +6016,7 @@ class CfnStackSet(
|
|
|
6004
6016
|
def operation_preferences(
|
|
6005
6017
|
self,
|
|
6006
6018
|
) -> typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnStackSet.OperationPreferencesProperty"]]:
|
|
6007
|
-
'''The user-specified preferences for how
|
|
6019
|
+
'''The user-specified preferences for how CloudFormation performs a stack set operation.'''
|
|
6008
6020
|
return typing.cast(typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnStackSet.OperationPreferencesProperty"]], jsii.get(self, "operationPreferences"))
|
|
6009
6021
|
|
|
6010
6022
|
@operation_preferences.setter
|
|
@@ -6082,7 +6094,7 @@ class CfnStackSet(
|
|
|
6082
6094
|
@builtins.property
|
|
6083
6095
|
@jsii.member(jsii_name="templateUrl")
|
|
6084
6096
|
def template_url(self) -> typing.Optional[builtins.str]:
|
|
6085
|
-
'''
|
|
6097
|
+
'''The URL of a file containing the template body.'''
|
|
6086
6098
|
return typing.cast(typing.Optional[builtins.str], jsii.get(self, "templateUrl"))
|
|
6087
6099
|
|
|
6088
6100
|
@template_url.setter
|
|
@@ -6195,9 +6207,9 @@ class CfnStackSet(
|
|
|
6195
6207
|
'''The AWS OrganizationalUnitIds or Accounts for which to create stack instances in the specified Regions.
|
|
6196
6208
|
|
|
6197
6209
|
:param account_filter_type: Limit deployment targets to individual accounts or include additional accounts with provided OUs. The following is a list of possible values for the ``AccountFilterType`` operation. - ``INTERSECTION`` : StackSet deploys to the accounts specified in the ``Accounts`` parameter. - ``DIFFERENCE`` : StackSet deploys to the OU, excluding the accounts specified in the ``Accounts`` parameter. - ``UNION`` StackSet deploys to the OU, and the accounts specified in the ``Accounts`` parameter. ``UNION`` is not supported for create operations when using StackSet as a resource.
|
|
6198
|
-
:param accounts: The
|
|
6199
|
-
:param accounts_url:
|
|
6200
|
-
:param organizational_unit_ids: The organization root ID or organizational unit (OU) IDs
|
|
6210
|
+
:param accounts: The account IDs of the AWS accounts . If you have many account numbers, you can provide those accounts using the ``AccountsUrl`` property instead. *Pattern* : ``^[0-9]{12}$``
|
|
6211
|
+
:param accounts_url: The Amazon S3 URL path to a file that contains a list of AWS account IDs. The file format must be either ``.csv`` or ``.txt`` , and the data can be comma-separated or new-line-separated. There is currently a 10MB limit for the data (approximately 800,000 accounts).
|
|
6212
|
+
:param organizational_unit_ids: The organization root ID or organizational unit (OU) IDs. *Pattern* : ``^(ou-[a-z0-9]{4,32}-[a-z0-9]{8,32}|r-[a-z0-9]{4,32})$``
|
|
6201
6213
|
|
|
6202
6214
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-stackset-deploymenttargets.html
|
|
6203
6215
|
:exampleMetadata: fixture=_generated
|
|
@@ -6248,7 +6260,9 @@ class CfnStackSet(
|
|
|
6248
6260
|
|
|
6249
6261
|
@builtins.property
|
|
6250
6262
|
def accounts(self) -> typing.Optional[typing.List[builtins.str]]:
|
|
6251
|
-
'''The
|
|
6263
|
+
'''The account IDs of the AWS accounts .
|
|
6264
|
+
|
|
6265
|
+
If you have many account numbers, you can provide those accounts using the ``AccountsUrl`` property instead.
|
|
6252
6266
|
|
|
6253
6267
|
*Pattern* : ``^[0-9]{12}$``
|
|
6254
6268
|
|
|
@@ -6259,7 +6273,9 @@ class CfnStackSet(
|
|
|
6259
6273
|
|
|
6260
6274
|
@builtins.property
|
|
6261
6275
|
def accounts_url(self) -> typing.Optional[builtins.str]:
|
|
6262
|
-
'''
|
|
6276
|
+
'''The Amazon S3 URL path to a file that contains a list of AWS account IDs.
|
|
6277
|
+
|
|
6278
|
+
The file format must be either ``.csv`` or ``.txt`` , and the data can be comma-separated or new-line-separated. There is currently a 10MB limit for the data (approximately 800,000 accounts).
|
|
6263
6279
|
|
|
6264
6280
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-stackset-deploymenttargets.html#cfn-cloudformation-stackset-deploymenttargets-accountsurl
|
|
6265
6281
|
'''
|
|
@@ -6268,7 +6284,7 @@ class CfnStackSet(
|
|
|
6268
6284
|
|
|
6269
6285
|
@builtins.property
|
|
6270
6286
|
def organizational_unit_ids(self) -> typing.Optional[typing.List[builtins.str]]:
|
|
6271
|
-
'''The organization root ID or organizational unit (OU) IDs
|
|
6287
|
+
'''The organization root ID or organizational unit (OU) IDs.
|
|
6272
6288
|
|
|
6273
6289
|
*Pattern* : ``^(ou-[a-z0-9]{4,32}-[a-z0-9]{8,32}|r-[a-z0-9]{4,32})$``
|
|
6274
6290
|
|
|
@@ -6379,15 +6395,15 @@ class CfnStackSet(
|
|
|
6379
6395
|
region_concurrency_type: typing.Optional[builtins.str] = None,
|
|
6380
6396
|
region_order: typing.Optional[typing.Sequence[builtins.str]] = None,
|
|
6381
6397
|
) -> None:
|
|
6382
|
-
'''The user-specified preferences for how
|
|
6398
|
+
'''The user-specified preferences for how CloudFormation performs a stack set operation.
|
|
6383
6399
|
|
|
6384
|
-
For more information on maximum concurrent accounts and failure tolerance, see `Stack set operation options <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-concepts.html#stackset-ops-options>`_ .
|
|
6400
|
+
For more information on maximum concurrent accounts and failure tolerance, see `Stack set operation options <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-concepts.html#stackset-ops-options>`_ in the *AWS CloudFormation User Guide* .
|
|
6385
6401
|
|
|
6386
6402
|
:param concurrency_mode: Specifies how the concurrency level behaves during the operation execution. - ``STRICT_FAILURE_TOLERANCE`` : This option dynamically lowers the concurrency level to ensure the number of failed accounts never exceeds the value of ``FailureToleranceCount`` +1. The initial actual concurrency is set to the lower of either the value of the ``MaxConcurrentCount`` , or the value of ``FailureToleranceCount`` +1. The actual concurrency is then reduced proportionally by the number of failures. This is the default behavior. If failure tolerance or Maximum concurrent accounts are set to percentages, the behavior is similar. - ``SOFT_FAILURE_TOLERANCE`` : This option decouples ``FailureToleranceCount`` from the actual concurrency. This allows stack set operations to run at the concurrency level set by the ``MaxConcurrentCount`` value, or ``MaxConcurrentPercentage`` , regardless of the number of failures.
|
|
6387
|
-
:param failure_tolerance_count: The number of accounts, per Region, for which this operation can fail before
|
|
6388
|
-
:param failure_tolerance_percentage: The percentage of accounts, per Region, for which this stack operation can fail before
|
|
6403
|
+
:param failure_tolerance_count: The number of accounts, per Region, for which this operation can fail before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions. Conditional: You must specify either ``FailureToleranceCount`` or ``FailureTolerancePercentage`` (but not both).
|
|
6404
|
+
:param failure_tolerance_percentage: The percentage of accounts, per Region, for which this stack operation can fail before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions. When calculating the number of accounts based on the specified percentage, CloudFormation rounds *down* to the next whole number. Conditional: You must specify either ``FailureToleranceCount`` or ``FailureTolerancePercentage`` , but not both.
|
|
6389
6405
|
:param max_concurrent_count: The maximum number of accounts in which to perform this operation at one time. This is dependent on the value of ``FailureToleranceCount`` . ``MaxConcurrentCount`` is at most one more than the ``FailureToleranceCount`` . Note that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling. Conditional: You must specify either ``MaxConcurrentCount`` or ``MaxConcurrentPercentage`` , but not both.
|
|
6390
|
-
:param max_concurrent_percentage: The maximum percentage of accounts in which to perform this operation at one time. When calculating the number of accounts based on the specified percentage,
|
|
6406
|
+
:param max_concurrent_percentage: The maximum percentage of accounts in which to perform this operation at one time. When calculating the number of accounts based on the specified percentage, CloudFormation rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, CloudFormation sets the number as one instead. Note that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling. Conditional: You must specify either ``MaxConcurrentCount`` or ``MaxConcurrentPercentage`` , but not both.
|
|
6391
6407
|
:param region_concurrency_type: The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.
|
|
6392
6408
|
:param region_order: The order of the Regions where you want to perform the stack operation. .. epigraph:: ``RegionOrder`` isn't followed if ``AutoDeployment`` is enabled.
|
|
6393
6409
|
|
|
@@ -6452,9 +6468,9 @@ class CfnStackSet(
|
|
|
6452
6468
|
|
|
6453
6469
|
@builtins.property
|
|
6454
6470
|
def failure_tolerance_count(self) -> typing.Optional[jsii.Number]:
|
|
6455
|
-
'''The number of accounts, per Region, for which this operation can fail before
|
|
6471
|
+
'''The number of accounts, per Region, for which this operation can fail before CloudFormation stops the operation in that Region.
|
|
6456
6472
|
|
|
6457
|
-
If the operation is stopped in a Region,
|
|
6473
|
+
If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions.
|
|
6458
6474
|
|
|
6459
6475
|
Conditional: You must specify either ``FailureToleranceCount`` or ``FailureTolerancePercentage`` (but not both).
|
|
6460
6476
|
|
|
@@ -6465,11 +6481,11 @@ class CfnStackSet(
|
|
|
6465
6481
|
|
|
6466
6482
|
@builtins.property
|
|
6467
6483
|
def failure_tolerance_percentage(self) -> typing.Optional[jsii.Number]:
|
|
6468
|
-
'''The percentage of accounts, per Region, for which this stack operation can fail before
|
|
6484
|
+
'''The percentage of accounts, per Region, for which this stack operation can fail before CloudFormation stops the operation in that Region.
|
|
6469
6485
|
|
|
6470
|
-
If the operation is stopped in a Region,
|
|
6486
|
+
If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions.
|
|
6471
6487
|
|
|
6472
|
-
When calculating the number of accounts based on the specified percentage,
|
|
6488
|
+
When calculating the number of accounts based on the specified percentage, CloudFormation rounds *down* to the next whole number.
|
|
6473
6489
|
|
|
6474
6490
|
Conditional: You must specify either ``FailureToleranceCount`` or ``FailureTolerancePercentage`` , but not both.
|
|
6475
6491
|
|
|
@@ -6497,7 +6513,7 @@ class CfnStackSet(
|
|
|
6497
6513
|
def max_concurrent_percentage(self) -> typing.Optional[jsii.Number]:
|
|
6498
6514
|
'''The maximum percentage of accounts in which to perform this operation at one time.
|
|
6499
6515
|
|
|
6500
|
-
When calculating the number of accounts based on the specified percentage,
|
|
6516
|
+
When calculating the number of accounts based on the specified percentage, CloudFormation rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, CloudFormation sets the number as one instead.
|
|
6501
6517
|
|
|
6502
6518
|
Note that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.
|
|
6503
6519
|
|
|
@@ -6558,7 +6574,7 @@ class CfnStackSet(
|
|
|
6558
6574
|
) -> None:
|
|
6559
6575
|
'''The Parameter data type.
|
|
6560
6576
|
|
|
6561
|
-
:param parameter_key: The key associated with the parameter. If you don't specify a key and value for a particular parameter,
|
|
6577
|
+
:param parameter_key: The key associated with the parameter. If you don't specify a key and value for a particular parameter, CloudFormation uses the default value that's specified in your template.
|
|
6562
6578
|
:param parameter_value: The input value associated with the parameter.
|
|
6563
6579
|
|
|
6564
6580
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-stackset-parameter.html
|
|
@@ -6588,7 +6604,7 @@ class CfnStackSet(
|
|
|
6588
6604
|
def parameter_key(self) -> builtins.str:
|
|
6589
6605
|
'''The key associated with the parameter.
|
|
6590
6606
|
|
|
6591
|
-
If you don't specify a key and value for a particular parameter,
|
|
6607
|
+
If you don't specify a key and value for a particular parameter, CloudFormation uses the default value that's specified in your template.
|
|
6592
6608
|
|
|
6593
6609
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudformation-stackset-parameter.html#cfn-cloudformation-stackset-parameter-parameterkey
|
|
6594
6610
|
'''
|
|
@@ -6765,21 +6781,21 @@ class CfnStackSetProps:
|
|
|
6765
6781
|
) -> None:
|
|
6766
6782
|
'''Properties for defining a ``CfnStackSet``.
|
|
6767
6783
|
|
|
6768
|
-
:param permission_model: Describes how the IAM roles required for stack set operations are created. - With ``SELF_MANAGED`` permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see `Grant
|
|
6784
|
+
:param permission_model: Describes how the IAM roles required for stack set operations are created. - With ``SELF_MANAGED`` permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see `Grant self-managed permissions <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html>`_ in the *AWS CloudFormation User Guide* . - With ``SERVICE_MANAGED`` permissions, StackSets automatically creates the IAM roles required to deploy to accounts managed by AWS Organizations . For more information, see `Activate trusted access for stack sets with AWS Organizations <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-activate-trusted-access.html>`_ in the *AWS CloudFormation User Guide* .
|
|
6769
6785
|
:param stack_set_name: The name to associate with the stack set. The name must be unique in the Region where you create your stack set. .. epigraph:: The ``StackSetName`` property is required.
|
|
6770
|
-
:param administration_role_arn: The Amazon Resource Number (ARN) of the IAM role to use to create this stack set. Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. Use customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. For more information, see `
|
|
6786
|
+
:param administration_role_arn: The Amazon Resource Number (ARN) of the IAM role to use to create this stack set. Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. Use customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. For more information, see `Grant self-managed permissions <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html>`_ in the *AWS CloudFormation User Guide* . *Minimum* : ``20`` *Maximum* : ``2048``
|
|
6771
6787
|
:param auto_deployment: [ ``Service-managed`` permissions] Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organization or organizational unit (OU).
|
|
6772
6788
|
:param call_as: [Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account. By default, ``SELF`` is specified. Use ``SELF`` for stack sets with self-managed permissions. - To create a stack set with service-managed permissions while signed in to the management account, specify ``SELF`` . - To create a stack set with service-managed permissions while signed in to a delegated administrator account, specify ``DELEGATED_ADMIN`` . Your AWS account must be registered as a delegated admin in the management account. For more information, see `Register a delegated administrator <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-delegated-admin.html>`_ in the *AWS CloudFormation User Guide* . Stack sets with service-managed permissions are created in the management account, including stack sets that are created by delegated administrators. *Valid Values* : ``SELF`` | ``DELEGATED_ADMIN``
|
|
6773
|
-
:param capabilities: The capabilities that are allowed in the stack set. Some stack set templates might include resources that can affect permissions in your AWS account —for example, by creating new
|
|
6789
|
+
:param capabilities: The capabilities that are allowed in the stack set. Some stack set templates might include resources that can affect permissions in your AWS account —for example, by creating new IAM users. For more information, see `Acknowledging IAM resources in CloudFormation templates <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/control-access-with-iam.html#using-iam-capabilities>`_ in the *AWS CloudFormation User Guide* .
|
|
6774
6790
|
:param description: A description of the stack set. *Minimum* : ``1`` *Maximum* : ``1024``
|
|
6775
|
-
:param execution_role_name: The name of the IAM execution role to use to create the stack set. If you don't specify an execution role,
|
|
6791
|
+
:param execution_role_name: The name of the IAM execution role to use to create the stack set. If you don't specify an execution role, CloudFormation uses the ``AWSCloudFormationStackSetExecutionRole`` role for the stack set operation. *Minimum* : ``1`` *Maximum* : ``64`` *Pattern* : ``[a-zA-Z_0-9+=,.@-]+``
|
|
6776
6792
|
:param managed_execution: Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations. When active, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order. .. epigraph:: If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting. You can't modify your stack set's execution configuration while there are running or queued operations for that stack set. When inactive (default), StackSets performs one operation at a time in request order.
|
|
6777
|
-
:param operation_preferences: The user-specified preferences for how
|
|
6793
|
+
:param operation_preferences: The user-specified preferences for how CloudFormation performs a stack set operation.
|
|
6778
6794
|
:param parameters: The input parameters for the stack set template.
|
|
6779
6795
|
:param stack_instances_group: A group of stack instances with parameters in some specific accounts and Regions.
|
|
6780
6796
|
:param tags: Key-value pairs to associate with this stack. CloudFormation also propagates these tags to supported resources in the stack. You can specify a maximum number of 50 tags. If you don't specify this parameter, CloudFormation doesn't modify the stack's tags. If you specify an empty value, CloudFormation removes all associated tags.
|
|
6781
6797
|
:param template_body: The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes. You must include either ``TemplateURL`` or ``TemplateBody`` in a StackSet, but you can't use both. Dynamic references in the ``TemplateBody`` may not work correctly in all cases. It's recommended to pass templates containing dynamic references through ``TemplateUrl`` instead.
|
|
6782
|
-
:param template_url:
|
|
6798
|
+
:param template_url: The URL of a file containing the template body. The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket or a Systems Manager document. The location for an Amazon S3 bucket must start with ``https://`` . Conditional: You must specify only one of the following parameters: ``TemplateBody`` , ``TemplateURL`` .
|
|
6783
6799
|
|
|
6784
6800
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-stackset.html
|
|
6785
6801
|
:exampleMetadata: fixture=_generated
|
|
@@ -6895,8 +6911,8 @@ class CfnStackSetProps:
|
|
|
6895
6911
|
def permission_model(self) -> builtins.str:
|
|
6896
6912
|
'''Describes how the IAM roles required for stack set operations are created.
|
|
6897
6913
|
|
|
6898
|
-
- With ``SELF_MANAGED`` permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see `Grant
|
|
6899
|
-
- With ``SERVICE_MANAGED`` permissions, StackSets automatically creates the IAM roles required to deploy to accounts managed by AWS Organizations .
|
|
6914
|
+
- With ``SELF_MANAGED`` permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see `Grant self-managed permissions <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html>`_ in the *AWS CloudFormation User Guide* .
|
|
6915
|
+
- With ``SERVICE_MANAGED`` permissions, StackSets automatically creates the IAM roles required to deploy to accounts managed by AWS Organizations . For more information, see `Activate trusted access for stack sets with AWS Organizations <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-activate-trusted-access.html>`_ in the *AWS CloudFormation User Guide* .
|
|
6900
6916
|
|
|
6901
6917
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-stackset.html#cfn-cloudformation-stackset-permissionmodel
|
|
6902
6918
|
'''
|
|
@@ -6925,7 +6941,7 @@ class CfnStackSetProps:
|
|
|
6925
6941
|
|
|
6926
6942
|
Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account.
|
|
6927
6943
|
|
|
6928
|
-
Use customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. For more information, see `
|
|
6944
|
+
Use customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. For more information, see `Grant self-managed permissions <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html>`_ in the *AWS CloudFormation User Guide* .
|
|
6929
6945
|
|
|
6930
6946
|
*Minimum* : ``20``
|
|
6931
6947
|
|
|
@@ -6971,7 +6987,7 @@ class CfnStackSetProps:
|
|
|
6971
6987
|
def capabilities(self) -> typing.Optional[typing.List[builtins.str]]:
|
|
6972
6988
|
'''The capabilities that are allowed in the stack set.
|
|
6973
6989
|
|
|
6974
|
-
Some stack set templates might include resources that can affect permissions in your AWS account —for example, by creating new
|
|
6990
|
+
Some stack set templates might include resources that can affect permissions in your AWS account —for example, by creating new IAM users. For more information, see `Acknowledging IAM resources in CloudFormation templates <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/control-access-with-iam.html#using-iam-capabilities>`_ in the *AWS CloudFormation User Guide* .
|
|
6975
6991
|
|
|
6976
6992
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-stackset.html#cfn-cloudformation-stackset-capabilities
|
|
6977
6993
|
'''
|
|
@@ -6995,7 +7011,7 @@ class CfnStackSetProps:
|
|
|
6995
7011
|
def execution_role_name(self) -> typing.Optional[builtins.str]:
|
|
6996
7012
|
'''The name of the IAM execution role to use to create the stack set.
|
|
6997
7013
|
|
|
6998
|
-
If you don't specify an execution role,
|
|
7014
|
+
If you don't specify an execution role, CloudFormation uses the ``AWSCloudFormationStackSetExecutionRole`` role for the stack set operation.
|
|
6999
7015
|
|
|
7000
7016
|
*Minimum* : ``1``
|
|
7001
7017
|
|
|
@@ -7030,7 +7046,7 @@ class CfnStackSetProps:
|
|
|
7030
7046
|
def operation_preferences(
|
|
7031
7047
|
self,
|
|
7032
7048
|
) -> typing.Optional[typing.Union[_IResolvable_da3f097b, CfnStackSet.OperationPreferencesProperty]]:
|
|
7033
|
-
'''The user-specified preferences for how
|
|
7049
|
+
'''The user-specified preferences for how CloudFormation performs a stack set operation.
|
|
7034
7050
|
|
|
7035
7051
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-stackset.html#cfn-cloudformation-stackset-operationpreferences
|
|
7036
7052
|
'''
|
|
@@ -7085,9 +7101,9 @@ class CfnStackSetProps:
|
|
|
7085
7101
|
|
|
7086
7102
|
@builtins.property
|
|
7087
7103
|
def template_url(self) -> typing.Optional[builtins.str]:
|
|
7088
|
-
'''
|
|
7104
|
+
'''The URL of a file containing the template body.
|
|
7089
7105
|
|
|
7090
|
-
The URL must point to a template that's located in an Amazon S3 bucket or a Systems Manager document.
|
|
7106
|
+
The URL must point to a template (max size: 1 MB) that's located in an Amazon S3 bucket or a Systems Manager document. The location for an Amazon S3 bucket must start with ``https://`` .
|
|
7091
7107
|
|
|
7092
7108
|
Conditional: You must specify only one of the following parameters: ``TemplateBody`` , ``TemplateURL`` .
|
|
7093
7109
|
|
|
@@ -7114,9 +7130,9 @@ class CfnTypeActivation(
|
|
|
7114
7130
|
metaclass=jsii.JSIIMeta,
|
|
7115
7131
|
jsii_type="aws-cdk-lib.aws_cloudformation.CfnTypeActivation",
|
|
7116
7132
|
):
|
|
7117
|
-
'''
|
|
7133
|
+
'''The ``AWS::CloudFormation::TypeActivation`` resource activates a public third-party extension, making it available for use in stack templates.
|
|
7118
7134
|
|
|
7119
|
-
|
|
7135
|
+
For information about the CloudFormation registry, see `Managing extensions with the CloudFormation registry <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/registry.html>`_ in the *AWS CloudFormation User Guide* .
|
|
7120
7136
|
|
|
7121
7137
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-typeactivation.html
|
|
7122
7138
|
:cloudformationResource: AWS::CloudFormation::TypeActivation
|
|
@@ -7689,21 +7705,12 @@ class CfnWaitCondition(
|
|
|
7689
7705
|
metaclass=jsii.JSIIMeta,
|
|
7690
7706
|
jsii_type="aws-cdk-lib.aws_cloudformation.CfnWaitCondition",
|
|
7691
7707
|
):
|
|
7692
|
-
'''
|
|
7693
|
-
|
|
7694
|
-
For Amazon EC2 and Auto Scaling resources, we recommend that you use a ``CreationPolicy`` attribute instead of wait conditions.
|
|
7695
|
-
|
|
7696
|
-
Add a CreationPolicy attribute to those resources, and use the cfn-signal helper script to signal when an instance creation process has completed successfully.
|
|
7697
|
-
|
|
7698
|
-
You can use a wait condition for situations like the following:
|
|
7708
|
+
'''The ``AWS::CloudFormation::WaitCondition`` resource provides a way to coordinate stack resource creation with configuration actions that are external to the stack creation or to track the status of a configuration process.
|
|
7699
7709
|
|
|
7700
|
-
-
|
|
7701
|
-
- To track the status of a configuration process.
|
|
7702
|
-
|
|
7703
|
-
For these situations, we recommend that you associate a `CreationPolicy <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-creationpolicy.html>`_ attribute with the wait condition so that you don't have to use a wait condition handle. For more information and an example, see `Creating wait conditions in a template <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-waitcondition.html>`_ . If you use a CreationPolicy with a wait condition, don't specify any of the wait condition's properties.
|
|
7710
|
+
In these situations, we recommend that you associate a ``CreationPolicy`` attribute with the wait condition instead of using a wait condition handle. For more information and an example, see `CreationPolicy attribute <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-creationpolicy.html>`_ in the *AWS CloudFormation User Guide* . If you use a ``CreationPolicy`` with a wait condition, don't specify any of the wait condition's properties.
|
|
7704
7711
|
.. epigraph::
|
|
7705
7712
|
|
|
7706
|
-
If you use
|
|
7713
|
+
If you use AWS PrivateLink , resources in the VPC that respond to wait conditions must have access to CloudFormation , specific Amazon S3 buckets. Resources must send wait condition responses to a presigned Amazon S3 URL. If they can't send responses to Amazon S3 , CloudFormation won't receive a response and the stack operation fails. For more information, see `Access CloudFormation using an interface endpoint ( AWS PrivateLink ) <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/vpc-interface-endpoints.html>`_ in the *AWS CloudFormation User Guide* . > For Amazon EC2 and Auto Scaling resources, we recommend that you use a ``CreationPolicy`` attribute instead of wait conditions. Add a ``CreationPolicy`` attribute to those resources, and use the ``cfn-signal`` helper script to signal when an instance creation process has completed successfully.
|
|
7707
7714
|
|
|
7708
7715
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-waitcondition.html
|
|
7709
7716
|
:cloudformationResource: AWS::CloudFormation::WaitCondition
|
|
@@ -7735,7 +7742,7 @@ class CfnWaitCondition(
|
|
|
7735
7742
|
:param scope: Scope in which this resource is defined.
|
|
7736
7743
|
:param id: Construct identifier for this resource (unique in its scope).
|
|
7737
7744
|
:param count: The number of success signals that CloudFormation must receive before it continues the stack creation process. When the wait condition receives the requisite number of success signals, CloudFormation resumes the creation of the stack. If the wait condition doesn't receive the specified number of success signals before the Timeout period expires, CloudFormation assumes that the wait condition has failed and rolls the stack back. Updates aren't supported.
|
|
7738
|
-
:param handle: A reference to the wait condition handle used to signal this wait condition. Use the ``Ref`` intrinsic function to specify an
|
|
7745
|
+
:param handle: A reference to the wait condition handle used to signal this wait condition. Use the ``Ref`` intrinsic function to specify an `AWS::CloudFormation::WaitConditionHandle <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-waitconditionhandle.html>`_ resource. Anytime you add a ``WaitCondition`` resource during a stack update, you must associate the wait condition with a new WaitConditionHandle resource. Don't reuse an old wait condition handle that has already been defined in the template. If you reuse a wait condition handle, the wait condition might evaluate old signals from a previous create or update stack command. Updates aren't supported.
|
|
7739
7746
|
:param timeout: The length of time (in seconds) to wait for the number of signals that the ``Count`` property specifies. ``Timeout`` is a minimum-bound property, meaning the timeout occurs no sooner than the time you specify, but can occur shortly thereafter. The maximum time that can be specified for this property is 12 hours (43200 seconds). Updates aren't supported.
|
|
7740
7747
|
'''
|
|
7741
7748
|
if __debug__:
|
|
@@ -7843,19 +7850,15 @@ class CfnWaitConditionHandle(
|
|
|
7843
7850
|
metaclass=jsii.JSIIMeta,
|
|
7844
7851
|
jsii_type="aws-cdk-lib.aws_cloudformation.CfnWaitConditionHandle",
|
|
7845
7852
|
):
|
|
7846
|
-
'''
|
|
7847
|
-
|
|
7848
|
-
For Amazon EC2 and Auto Scaling resources, we recommend that you use a ``CreationPolicy`` attribute instead of wait conditions.
|
|
7853
|
+
'''The ``AWS::CloudFormation::WaitConditionHandle`` type has no properties.
|
|
7849
7854
|
|
|
7850
|
-
|
|
7851
|
-
.. epigraph::
|
|
7855
|
+
When you reference the ``WaitConditionHandle`` resource by using the ``Ref`` function, CloudFormation returns a presigned URL. You pass this URL to applications or scripts that are running on your Amazon EC2 instances to send signals to that URL. An associated ``AWS::CloudFormation::WaitCondition`` resource checks the URL for the required number of success signals or for a failure signal.
|
|
7852
7856
|
|
|
7853
|
-
|
|
7857
|
+
For more information, see `Create wait conditions in a CloudFormation template <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-waitcondition.html>`_ in the *AWS CloudFormation User Guide* .
|
|
7854
7858
|
|
|
7855
|
-
|
|
7856
|
-
.. epigraph::
|
|
7859
|
+
Anytime you add a ``WaitCondition`` resource during a stack update or update a resource with a wait condition, you must associate the wait condition with a new ``WaitConditionHandle`` resource. Don't reuse an old wait condition handle that has already been defined in the template. If you reuse a wait condition handle, the wait condition might evaluate old signals from a previous create or update stack command.
|
|
7857
7860
|
|
|
7858
|
-
|
|
7861
|
+
Updates aren't supported for this resource.
|
|
7859
7862
|
|
|
7860
7863
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-waitconditionhandle.html
|
|
7861
7864
|
:cloudformationResource: AWS::CloudFormation::WaitConditionHandle
|
|
@@ -7978,7 +7981,7 @@ class CfnWaitConditionProps:
|
|
|
7978
7981
|
'''Properties for defining a ``CfnWaitCondition``.
|
|
7979
7982
|
|
|
7980
7983
|
:param count: The number of success signals that CloudFormation must receive before it continues the stack creation process. When the wait condition receives the requisite number of success signals, CloudFormation resumes the creation of the stack. If the wait condition doesn't receive the specified number of success signals before the Timeout period expires, CloudFormation assumes that the wait condition has failed and rolls the stack back. Updates aren't supported.
|
|
7981
|
-
:param handle: A reference to the wait condition handle used to signal this wait condition. Use the ``Ref`` intrinsic function to specify an
|
|
7984
|
+
:param handle: A reference to the wait condition handle used to signal this wait condition. Use the ``Ref`` intrinsic function to specify an `AWS::CloudFormation::WaitConditionHandle <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-waitconditionhandle.html>`_ resource. Anytime you add a ``WaitCondition`` resource during a stack update, you must associate the wait condition with a new WaitConditionHandle resource. Don't reuse an old wait condition handle that has already been defined in the template. If you reuse a wait condition handle, the wait condition might evaluate old signals from a previous create or update stack command. Updates aren't supported.
|
|
7982
7985
|
:param timeout: The length of time (in seconds) to wait for the number of signals that the ``Count`` property specifies. ``Timeout`` is a minimum-bound property, meaning the timeout occurs no sooner than the time you specify, but can occur shortly thereafter. The maximum time that can be specified for this property is 12 hours (43200 seconds). Updates aren't supported.
|
|
7983
7986
|
|
|
7984
7987
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-waitcondition.html
|
|
@@ -8026,7 +8029,7 @@ class CfnWaitConditionProps:
|
|
|
8026
8029
|
def handle(self) -> typing.Optional[builtins.str]:
|
|
8027
8030
|
'''A reference to the wait condition handle used to signal this wait condition.
|
|
8028
8031
|
|
|
8029
|
-
Use the ``Ref`` intrinsic function to specify an
|
|
8032
|
+
Use the ``Ref`` intrinsic function to specify an `AWS::CloudFormation::WaitConditionHandle <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-waitconditionhandle.html>`_ resource.
|
|
8030
8033
|
|
|
8031
8034
|
Anytime you add a ``WaitCondition`` resource during a stack update, you must associate the wait condition with a new WaitConditionHandle resource. Don't reuse an old wait condition handle that has already been defined in the template. If you reuse a wait condition handle, the wait condition might evaluate old signals from a previous create or update stack command.
|
|
8032
8035
|
|