aws-cdk-lib 2.175.1__py3-none-any.whl → 2.176.0__py3-none-any.whl

aws_cdk/aws_ecs/__init__.py

@@ -355,6 +355,17 @@ cluster.add_capacity("ASGEncryptedSNS",
 )
 ```
 
+### Container Insights
+
+On a cluster, CloudWatch Container Insights can be enabled by setting the `containerInsightsV2` property. [Container Insights](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html)
+can be disabled, enabled, or enhanced.
+
+```python
+cluster = ecs.Cluster(self, "Cluster",
+    container_insights_v2=ecs.ContainerInsights.ENHANCED
+)
+```
+
 ## Task definitions
 
 A task definition describes what a single copy of a **task** should look like.
@@ -1200,7 +1211,7 @@ task_definition.add_container("TheContainer",
 
 # An Rule that describes the event trigger (in this case a scheduled run)
 rule = events.Rule(self, "Rule",
-    schedule=events.Schedule.expression("rate(1 min)")
+    schedule=events.Schedule.expression("rate(1 minute)")
 )
 
 # Pass an environment variable to the container 'TheContainer' in the task
@@ -4360,7 +4371,7 @@ class AwsLogDriverMode(enum.Enum):
         
         # An Rule that describes the event trigger (in this case a scheduled run)
         rule = events.Rule(self, "Rule",
-            schedule=events.Schedule.expression("rate(1 min)")
+            schedule=events.Schedule.expression("rate(1 minute)")
         )
         
         # Pass an environment variable to the container 'TheContainer' in the task
@@ -19674,6 +19685,7 @@ class ClusterAttributes:
         "capacity": "capacity",
         "cluster_name": "clusterName",
         "container_insights": "containerInsights",
+        "container_insights_v2": "containerInsightsV2",
         "default_cloud_map_namespace": "defaultCloudMapNamespace",
         "enable_fargate_capacity_providers": "enableFargateCapacityProviders",
         "execute_command_configuration": "executeCommandConfiguration",
@@ -19688,6 +19700,7 @@ class ClusterProps:
         capacity: typing.Optional[typing.Union[AddCapacityOptions, typing.Dict[builtins.str, typing.Any]]] = None,
         cluster_name: typing.Optional[builtins.str] = None,
         container_insights: typing.Optional[builtins.bool] = None,
+        container_insights_v2: typing.Optional["ContainerInsights"] = None,
         default_cloud_map_namespace: typing.Optional[typing.Union[CloudMapNamespaceOptions, typing.Dict[builtins.str, typing.Any]]] = None,
         enable_fargate_capacity_providers: typing.Optional[builtins.bool] = None,
         execute_command_configuration: typing.Optional[typing.Union["ExecuteCommandConfiguration", typing.Dict[builtins.str, typing.Any]]] = None,
@@ -19698,7 +19711,8 @@ class ClusterProps:
 
         :param capacity: The ec2 capacity to add to the cluster. Default: - no EC2 capacity will be added, you can use ``addCapacity`` to add capacity later.
         :param cluster_name: The name for the cluster. Default: CloudFormation-generated name
-        :param container_insights: If true CloudWatch Container Insights will be enabled for the cluster. Default: - Container Insights will be disabled for this cluster.
+        :param container_insights: (deprecated) If true CloudWatch Container Insights will be enabled for the cluster. Default: - Container Insights will be disabled for this cluster.
+        :param container_insights_v2: The CloudWatch Container Insights configuration for the cluster. Default: {@link ContainerInsights.DISABLED } This may be overridden by ECS account level settings.
         :param default_cloud_map_namespace: The service discovery namespace created in this cluster. Default: - no service discovery namespace created, you can use ``addDefaultCloudMapNamespace`` to add a default service discovery namespace later.
         :param enable_fargate_capacity_providers: Whether to enable Fargate Capacity Providers. Default: false
         :param execute_command_configuration: The execute command configuration for the cluster. Default: - no configuration will be provided.
@@ -19709,24 +19723,28 @@ class ClusterProps:
 
         Example::
 
-            from aws_cdk import Tags
-            
+            vpc = ec2.Vpc.from_lookup(self, "Vpc",
+                is_default=True
+            )
+            cluster = ecs.Cluster(self, "ECSCluster", vpc=vpc)
             
-            vpc = ec2.Vpc(self, "Vpc", max_azs=1)
-            cluster = ecs.Cluster(self, "EcsCluster", vpc=vpc)
-            task_definition = ecs.FargateTaskDefinition(self, "TaskDef",
-                memory_limit_mi_b=512,
-                cpu=256
+            task_definition = ecs.TaskDefinition(self, "TD",
+                compatibility=ecs.Compatibility.FARGATE,
+                cpu="256",
+                memory_mi_b="512"
             )
-            task_definition.add_container("WebContainer",
-                image=ecs.ContainerImage.from_registry("amazon/amazon-ecs-sample")
+            
+            task_definition.add_container("TheContainer",
+                image=ecs.ContainerImage.from_registry("foo/bar")
             )
-            Tags.of(task_definition).add("my-tag", "my-tag-value")
-            scheduled_fargate_task = ecs_patterns.ScheduledFargateTask(self, "ScheduledFargateTask",
+            
+            run_task = tasks.EcsRunTask(self, "Run",
+                integration_pattern=sfn.IntegrationPattern.RUN_JOB,
                 cluster=cluster,
                 task_definition=task_definition,
-                schedule=appscaling.Schedule.expression("rate(1 minute)"),
-                propagate_tags=ecs.PropagatedTagSource.TASK_DEFINITION
+                launch_target=tasks.EcsFargateLaunchTarget(),
+                cpu="1024",
+                memory_mi_b="1048"
             )
         '''
         if isinstance(capacity, dict):
@@ -19742,6 +19760,7 @@ class ClusterProps:
             check_type(argname="argument capacity", value=capacity, expected_type=type_hints["capacity"])
             check_type(argname="argument cluster_name", value=cluster_name, expected_type=type_hints["cluster_name"])
             check_type(argname="argument container_insights", value=container_insights, expected_type=type_hints["container_insights"])
+            check_type(argname="argument container_insights_v2", value=container_insights_v2, expected_type=type_hints["container_insights_v2"])
             check_type(argname="argument default_cloud_map_namespace", value=default_cloud_map_namespace, expected_type=type_hints["default_cloud_map_namespace"])
             check_type(argname="argument enable_fargate_capacity_providers", value=enable_fargate_capacity_providers, expected_type=type_hints["enable_fargate_capacity_providers"])
             check_type(argname="argument execute_command_configuration", value=execute_command_configuration, expected_type=type_hints["execute_command_configuration"])
@@ -19754,6 +19773,8 @@ class ClusterProps:
             self._values["cluster_name"] = cluster_name
         if container_insights is not None:
             self._values["container_insights"] = container_insights
+        if container_insights_v2 is not None:
+            self._values["container_insights_v2"] = container_insights_v2
         if default_cloud_map_namespace is not None:
             self._values["default_cloud_map_namespace"] = default_cloud_map_namespace
         if enable_fargate_capacity_providers is not None:
@@ -19785,13 +19806,26 @@ class ClusterProps:
 
     @builtins.property
     def container_insights(self) -> typing.Optional[builtins.bool]:
-        '''If true CloudWatch Container Insights will be enabled for the cluster.
+        '''(deprecated) If true CloudWatch Container Insights will be enabled for the cluster.
 
         :default: - Container Insights will be disabled for this cluster.
+
+        :deprecated: See {@link containerInsightsV2 }
+
+        :stability: deprecated
         '''
         result = self._values.get("container_insights")
         return typing.cast(typing.Optional[builtins.bool], result)
 
+    @builtins.property
+    def container_insights_v2(self) -> typing.Optional["ContainerInsights"]:
+        '''The CloudWatch Container Insights configuration for the cluster.
+
+        :default: {@link ContainerInsights.DISABLED } This may be overridden by ECS account level settings.
+        '''
+        result = self._values.get("container_insights_v2")
+        return typing.cast(typing.Optional["ContainerInsights"], result)
+
     @builtins.property
     def default_cloud_map_namespace(self) -> typing.Optional[CloudMapNamespaceOptions]:
         '''The service discovery namespace created in this cluster.
@@ -22608,6 +22642,28 @@ class ContainerImageConfig:
         )
 
 
+@jsii.enum(jsii_type="aws-cdk-lib.aws_ecs.ContainerInsights")
+class ContainerInsights(enum.Enum):
+    '''The CloudWatch Container Insights setting.
+
+    :see: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html
+    :exampleMetadata: infused
+
+    Example::
+
+        cluster = ecs.Cluster(self, "Cluster",
+            container_insights_v2=ecs.ContainerInsights.ENHANCED
+        )
+    '''
+
+    ENABLED = "ENABLED"
+    '''Enable CloudWatch Container Insights for the cluster.'''
+    DISABLED = "DISABLED"
+    '''Disable CloudWatch Container Insights for the cluster.'''
+    ENHANCED = "ENHANCED"
+    '''Enable CloudWatch Container Insights with enhanced observability for the cluster.'''
+
+
 @jsii.data_type(
     jsii_type="aws-cdk-lib.aws_ecs.ContainerMountPoint",
     jsii_struct_bases=[BaseMountPoint],
@@ -38838,7 +38894,7 @@ class AwsLogDriver(
         
         # An Rule that describes the event trigger (in this case a scheduled run)
         rule = events.Rule(self, "Rule",
-            schedule=events.Schedule.expression("rate(1 min)")
+            schedule=events.Schedule.expression("rate(1 minute)")
         )
         
         # Pass an environment variable to the container 'TheContainer' in the task
@@ -38935,28 +38991,31 @@ class Cluster(
 
     Example::
 
-        vpc = ec2.Vpc.from_lookup(self, "Vpc",
-            is_default=True
-        )
-        cluster = ecs.Cluster(self, "ECSCluster", vpc=vpc)
+        import aws_cdk.aws_elasticloadbalancingv2 as elbv2
         
-        task_definition = ecs.TaskDefinition(self, "TD",
-            compatibility=ecs.Compatibility.FARGATE,
-            cpu="256",
-            memory_mi_b="512"
+        
+        # The VPC and subnet must have associated IPv6 CIDR blocks.
+        vpc = ec2.Vpc(self, "Vpc",
+            ip_protocol=ec2.IpProtocol.DUAL_STACK
         )
+        cluster = ecs.Cluster(self, "EcsCluster", vpc=vpc)
         
-        task_definition.add_container("TheContainer",
-            image=ecs.ContainerImage.from_registry("foo/bar")
+        service = ecs_patterns.ApplicationLoadBalancedFargateService(self, "myService",
+            cluster=cluster,
+            task_image_options=ecsPatterns.ApplicationLoadBalancedTaskImageOptions(
+                image=ecs.ContainerImage.from_registry("amazon/amazon-ecs-sample")
+            ),
+            min_healthy_percent=100,
+            ip_address_type=elbv2.IpAddressType.DUAL_STACK
         )
         
-        run_task = tasks.EcsRunTask(self, "Run",
-            integration_pattern=sfn.IntegrationPattern.RUN_JOB,
+        application_load_balanced_ec2_service = ecs_patterns.ApplicationLoadBalancedEc2Service(self, "myService",
             cluster=cluster,
-            task_definition=task_definition,
-            launch_target=tasks.EcsFargateLaunchTarget(),
-            cpu="1024",
-            memory_mi_b="1048"
+            task_image_options=ecsPatterns.ApplicationLoadBalancedTaskImageOptions(
+                image=ecs.ContainerImage.from_registry("amazon/amazon-ecs-sample")
+            ),
+            min_healthy_percent=100,
+            ip_address_type=elbv2.IpAddressType.DUAL_STACK
         )
     '''
 
@@ -38968,6 +39027,7 @@ class Cluster(
         capacity: typing.Optional[typing.Union[AddCapacityOptions, typing.Dict[builtins.str, typing.Any]]] = None,
         cluster_name: typing.Optional[builtins.str] = None,
         container_insights: typing.Optional[builtins.bool] = None,
+        container_insights_v2: typing.Optional[ContainerInsights] = None,
         default_cloud_map_namespace: typing.Optional[typing.Union[CloudMapNamespaceOptions, typing.Dict[builtins.str, typing.Any]]] = None,
         enable_fargate_capacity_providers: typing.Optional[builtins.bool] = None,
         execute_command_configuration: typing.Optional[typing.Union[ExecuteCommandConfiguration, typing.Dict[builtins.str, typing.Any]]] = None,
@@ -38980,7 +39040,8 @@ class Cluster(
         :param id: -
         :param capacity: The ec2 capacity to add to the cluster. Default: - no EC2 capacity will be added, you can use ``addCapacity`` to add capacity later.
         :param cluster_name: The name for the cluster. Default: CloudFormation-generated name
-        :param container_insights: If true CloudWatch Container Insights will be enabled for the cluster. Default: - Container Insights will be disabled for this cluster.
+        :param container_insights: (deprecated) If true CloudWatch Container Insights will be enabled for the cluster. Default: - Container Insights will be disabled for this cluster.
+        :param container_insights_v2: The CloudWatch Container Insights configuration for the cluster. Default: {@link ContainerInsights.DISABLED } This may be overridden by ECS account level settings.
         :param default_cloud_map_namespace: The service discovery namespace created in this cluster. Default: - no service discovery namespace created, you can use ``addDefaultCloudMapNamespace`` to add a default service discovery namespace later.
         :param enable_fargate_capacity_providers: Whether to enable Fargate Capacity Providers. Default: false
         :param execute_command_configuration: The execute command configuration for the cluster. Default: - no configuration will be provided.
@@ -38995,6 +39056,7 @@ class Cluster(
             capacity=capacity,
             cluster_name=cluster_name,
             container_insights=container_insights,
+            container_insights_v2=container_insights_v2,
             default_cloud_map_namespace=default_cloud_map_namespace,
             enable_fargate_capacity_providers=enable_fargate_capacity_providers,
             execute_command_configuration=execute_command_configuration,
@@ -42231,6 +42293,7 @@ __all__ = [
     "ContainerDependencyCondition",
     "ContainerImage",
     "ContainerImageConfig",
+    "ContainerInsights",
     "ContainerMountPoint",
     "CpuArchitecture",
     "CpuUtilizationScalingProps",
@@ -44133,6 +44196,7 @@ def _typecheckingstub__8819884fed76c2873e86d47e66faba011202f5d697aa512d17a66e595
     capacity: typing.Optional[typing.Union[AddCapacityOptions, typing.Dict[builtins.str, typing.Any]]] = None,
     cluster_name: typing.Optional[builtins.str] = None,
     container_insights: typing.Optional[builtins.bool] = None,
+    container_insights_v2: typing.Optional[ContainerInsights] = None,
     default_cloud_map_namespace: typing.Optional[typing.Union[CloudMapNamespaceOptions, typing.Dict[builtins.str, typing.Any]]] = None,
     enable_fargate_capacity_providers: typing.Optional[builtins.bool] = None,
     execute_command_configuration: typing.Optional[typing.Union[ExecuteCommandConfiguration, typing.Dict[builtins.str, typing.Any]]] = None,
@@ -46098,6 +46162,7 @@ def _typecheckingstub__3bfa430ae70aac83ab429fdb76501803ea8a276abbb829c3c149f8a8b
     capacity: typing.Optional[typing.Union[AddCapacityOptions, typing.Dict[builtins.str, typing.Any]]] = None,
     cluster_name: typing.Optional[builtins.str] = None,
     container_insights: typing.Optional[builtins.bool] = None,
+    container_insights_v2: typing.Optional[ContainerInsights] = None,
     default_cloud_map_namespace: typing.Optional[typing.Union[CloudMapNamespaceOptions, typing.Dict[builtins.str, typing.Any]]] = None,
     enable_fargate_capacity_providers: typing.Optional[builtins.bool] = None,
     execute_command_configuration: typing.Optional[typing.Union[ExecuteCommandConfiguration, typing.Dict[builtins.str, typing.Any]]] = None,

aws_cdk/aws_elasticloadbalancingv2/__init__.py

@@ -49,6 +49,13 @@ listener.add_targets("ApplicationFleet",
 The security groups of the load balancer and the target are automatically
 updated to allow the network traffic.
 
+> NOTE: If the `@aws-cdk/aws-elasticloadbalancingV2:albDualstackWithoutPublicIpv4SecurityGroupRulesDefault` feature flag is set (the default for new projects), and `addListener()` is called with `open: true`,
+> the load balancer's security group will automatically include both IPv4 and IPv6 ingress rules when using `IpAddressType.DUAL_STACK_WITHOUT_PUBLIC_IPV4`.
+>
+> For existing projects that only have IPv4 rules, you can opt-in to IPv6 ingress rules
+> by enabling the feature flag in your cdk.json file. Note that enabling this feature flag
+> will modify existing security group rules.
+
 One (or more) security groups can be associated with the load balancer;
 if a security group isn't provided, one will be automatically created.
 
@@ -260,7 +267,7 @@ For more information, see [Load balancer attributes](https://docs.aws.amazon.com
 ### Setting up Access Log Bucket on Application Load Balancer
 
 The only server-side encryption option that's supported is Amazon S3-managed keys (SSE-S3). For more information
-Documentation: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/enable-access-logging.html
+Documentation: [https://docs.aws.amazon.com/elasticloadbalancing/latest/application/enable-access-logging.html](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/enable-access-logging.html)
 
 ```python
 # vpc: ec2.Vpc
@@ -277,7 +284,7 @@ lb.log_access_logs(bucket)
 ### Setting up Connection Log Bucket on Application Load Balancer
 
 Like access log bucket, the only server-side encryption option that's supported is Amazon S3-managed keys (SSE-S3). For more information
-Documentation: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/enable-connection-logging.html
+Documentation: [https://docs.aws.amazon.com/elasticloadbalancing/latest/application/enable-connection-logging.html](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/enable-connection-logging.html)
 
 ```python
 # vpc: ec2.Vpc
@@ -305,7 +312,7 @@ lb = elbv2.ApplicationLoadBalancer(self, "LB",
 )
 ```
 
-By setting `DUAL_STACK_WITHOUT_PUBLIC_IPV4`, you can provision load balancers without public IPv4s
+By setting `DUAL_STACK_WITHOUT_PUBLIC_IPV4`, you can provision load balancers without public IPv4s:
 
 ```python
 # vpc: ec2.Vpc
@@ -313,6 +320,7 @@ By setting `DUAL_STACK_WITHOUT_PUBLIC_IPV4`, you can provision load balancers wi
 
 lb = elbv2.ApplicationLoadBalancer(self, "LB",
     vpc=vpc,
+    internet_facing=True,
     ip_address_type=elbv2.IpAddressType.DUAL_STACK_WITHOUT_PUBLIC_IPV4
 )
 ```
@@ -549,7 +557,7 @@ tg = elbv2.ApplicationTargetGroup(self, "TG",
 )
 ```
 
-For more information see: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/sticky-sessions.html#application-based-stickiness
+For more information see: [https://docs.aws.amazon.com/elasticloadbalancing/latest/application/sticky-sessions.html#application-based-stickiness](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/sticky-sessions.html#application-based-stickiness)
 
 ### Setting the target group protocol version
 
@@ -22373,6 +22381,15 @@ class IApplicationLoadBalancer(
     def ip_address_type(self) -> typing.Optional[IpAddressType]:
         '''The IP Address Type for this load balancer.
 
+        If the ``@aws-cdk/aws-elasticloadbalancingV2:albDualstackWithoutPublicIpv4SecurityGroupRulesDefault``
+        feature flag is set (the default for new projects), and ``addListener()`` is called with ``open: true``,
+        the load balancer's security group will automatically include both IPv4 and IPv6 ingress rules
+        when using ``IpAddressType.DUAL_STACK_WITHOUT_PUBLIC_IPV4``.
+
+        For existing projects that only have IPv4 rules, you can opt-in to IPv6 ingress rules
+        by enabling the feature flag in your cdk.json file. Note that enabling this feature flag
+        will modify existing security group rules.
+
         :default: IpAddressType.IPV4
         '''
         ...
@@ -22450,6 +22467,15 @@ class _IApplicationLoadBalancerProxy(
     def ip_address_type(self) -> typing.Optional[IpAddressType]:
         '''The IP Address Type for this load balancer.
 
+        If the ``@aws-cdk/aws-elasticloadbalancingV2:albDualstackWithoutPublicIpv4SecurityGroupRulesDefault``
+        feature flag is set (the default for new projects), and ``addListener()`` is called with ``open: true``,
+        the load balancer's security group will automatically include both IPv4 and IPv6 ingress rules
+        when using ``IpAddressType.DUAL_STACK_WITHOUT_PUBLIC_IPV4``.
+
+        For existing projects that only have IPv4 rules, you can opt-in to IPv6 ingress rules
+        by enabling the feature flag in your cdk.json file. Note that enabling this feature flag
+        will modify existing security group rules.
+
         :default: IpAddressType.IPV4
         '''
         return typing.cast(typing.Optional[IpAddressType], jsii.get(self, "ipAddressType"))
@@ -25063,7 +25089,17 @@ class ApplicationLoadBalancer(
     @builtins.property
     @jsii.member(jsii_name="ipAddressType")
     def ip_address_type(self) -> typing.Optional[IpAddressType]:
-        '''The IP Address Type for this load balancer.'''
+        '''The IP Address Type for this load balancer.
+
+        If the ``@aws-cdk/aws-elasticloadbalancingV2:albDualstackWithoutPublicIpv4SecurityGroupRulesDefault``
+        feature flag is set (the default for new projects), and ``addListener()`` is called with ``open: true``,
+        the load balancer's security group will automatically include both IPv4 and IPv6 ingress rules
+        when using ``IpAddressType.DUAL_STACK_WITHOUT_PUBLIC_IPV4``.
+
+        For existing projects that only have IPv4 rules, you can opt-in to IPv6 ingress rules
+        by enabling the feature flag in your cdk.json file. Note that enabling this feature flag
+        will modify existing security group rules.
+        '''
         return typing.cast(typing.Optional[IpAddressType], jsii.get(self, "ipAddressType"))
 
 

aws_cdk/aws_healthlake/__init__.py

@@ -137,11 +137,11 @@ class CfnFHIRDatastore(
         '''
         :param scope: Scope in which this resource is defined.
         :param id: Construct identifier for this resource (unique in its scope).
-        :param datastore_type_version: The FHIR version of the data store. The only supported version is R4.
-        :param datastore_name: The user generated name for the data store.
-        :param identity_provider_configuration: The identity provider configuration that you gave when the data store was created.
-        :param preload_data_config: The preloaded data configuration for the data store. Only data preloaded from Synthea is supported.
-        :param sse_configuration: The server-side encryption key configuration for a customer provided encryption key specified for creating a data store.
+        :param datastore_type_version: The FHIR release version supported by the data store. Current support is for version ``R4`` .
+        :param datastore_name: The data store name (user-generated).
+        :param identity_provider_configuration: The identity provider configuration selected when the data store was created.
+        :param preload_data_config: The preloaded Synthea data configuration for the data store.
+        :param sse_configuration: The server-side encryption key configuration for a customer-provided encryption key specified for creating a data store.
         :param tags: An array of key-value pairs to apply to this resource. For more information, see `Tag <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html>`_ .
         '''
         if __debug__:
@@ -268,7 +268,7 @@ class CfnFHIRDatastore(
     @builtins.property
     @jsii.member(jsii_name="datastoreTypeVersion")
     def datastore_type_version(self) -> builtins.str:
-        '''The FHIR version of the data store.'''
+        '''The FHIR release version supported by the data store.'''
         return typing.cast(builtins.str, jsii.get(self, "datastoreTypeVersion"))
 
     @datastore_type_version.setter
@@ -281,7 +281,7 @@ class CfnFHIRDatastore(
     @builtins.property
     @jsii.member(jsii_name="datastoreName")
     def datastore_name(self) -> typing.Optional[builtins.str]:
-        '''The user generated name for the data store.'''
+        '''The data store name (user-generated).'''
         return typing.cast(typing.Optional[builtins.str], jsii.get(self, "datastoreName"))
 
     @datastore_name.setter
@@ -296,7 +296,7 @@ class CfnFHIRDatastore(
     def identity_provider_configuration(
         self,
     ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnFHIRDatastore.IdentityProviderConfigurationProperty"]]:
-        '''The identity provider configuration that you gave when the data store was created.'''
+        '''The identity provider configuration selected when the data store was created.'''
         return typing.cast(typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnFHIRDatastore.IdentityProviderConfigurationProperty"]], jsii.get(self, "identityProviderConfiguration"))
 
     @identity_provider_configuration.setter
@@ -314,7 +314,7 @@ class CfnFHIRDatastore(
     def preload_data_config(
         self,
     ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnFHIRDatastore.PreloadDataConfigProperty"]]:
-        '''The preloaded data configuration for the data store.'''
+        '''The preloaded Synthea data configuration for the data store.'''
         return typing.cast(typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnFHIRDatastore.PreloadDataConfigProperty"]], jsii.get(self, "preloadDataConfig"))
 
     @preload_data_config.setter
@@ -332,7 +332,7 @@ class CfnFHIRDatastore(
     def sse_configuration(
         self,
     ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnFHIRDatastore.SseConfigurationProperty"]]:
-        '''The server-side encryption key configuration for a customer provided encryption key specified for creating a data store.'''
+        '''The server-side encryption key configuration for a customer-provided encryption key specified for creating a data store.'''
         return typing.cast(typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnFHIRDatastore.SseConfigurationProperty"]], jsii.get(self, "sseConfiguration"))
 
     @sse_configuration.setter
@@ -443,12 +443,12 @@ class CfnFHIRDatastore(
             idp_lambda_arn: typing.Optional[builtins.str] = None,
             metadata: typing.Optional[builtins.str] = None,
         ) -> None:
-            '''The identity provider configuration that you gave when the data store was created.
+            '''The identity provider configuration selected when the data store was created.
 
-            :param authorization_strategy: The authorization strategy that you selected when you created the data store.
-            :param fine_grained_authorization_enabled: If you enabled fine-grained authorization when you created the data store.
-            :param idp_lambda_arn: The Amazon Resource Name (ARN) of the Lambda function that you want to use to decode the access token created by the authorization server.
-            :param metadata: The JSON metadata elements that you want to use in your identity provider configuration. Required elements are listed based on the launch specification of the SMART application. For more information on all possible elements, see `Metadata <https://docs.aws.amazon.com/https://build.fhir.org/ig/HL7/smart-app-launch/conformance.html#metadata>`_ in SMART's App Launch specification. ``authorization_endpoint`` : The URL to the OAuth2 authorization endpoint. ``grant_types_supported`` : An array of grant types that are supported at the token endpoint. You must provide at least one grant type option. Valid options are ``authorization_code`` and ``client_credentials`` . ``token_endpoint`` : The URL to the OAuth2 token endpoint. ``capabilities`` : An array of strings of the SMART capabilities that the authorization server supports. ``code_challenge_methods_supported`` : An array of strings of supported PKCE code challenge methods. You must include the ``S256`` method in the array of PKCE code challenge methods.
+            :param authorization_strategy: The authorization strategy selected when the data store was created.
+            :param fine_grained_authorization_enabled: The parameter to enable SMART on FHIR fine-grained authorization for the data store.
+            :param idp_lambda_arn: The Amazon Resource Name (ARN) of the Lambda function to use to decode the access token created by the authorization server.
+            :param metadata: The JSON metadata elements to use in your identity provider configuration. Required elements are listed based on the launch specification of the SMART application. For more information on all possible elements, see `Metadata <https://docs.aws.amazon.com/https://build.fhir.org/ig/HL7/smart-app-launch/conformance.html#metadata>`_ in SMART's App Launch specification. ``authorization_endpoint`` : The URL to the OAuth2 authorization endpoint. ``grant_types_supported`` : An array of grant types that are supported at the token endpoint. You must provide at least one grant type option. Valid options are ``authorization_code`` and ``client_credentials`` . ``token_endpoint`` : The URL to the OAuth2 token endpoint. ``capabilities`` : An array of strings of the SMART capabilities that the authorization server supports. ``code_challenge_methods_supported`` : An array of strings of supported PKCE code challenge methods. You must include the ``S256`` method in the array of PKCE code challenge methods.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-healthlake-fhirdatastore-identityproviderconfiguration.html
             :exampleMetadata: fixture=_generated
@@ -486,7 +486,7 @@ class CfnFHIRDatastore(
 
         @builtins.property
         def authorization_strategy(self) -> builtins.str:
-            '''The authorization strategy that you selected when you created the data store.
+            '''The authorization strategy selected when the data store was created.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-healthlake-fhirdatastore-identityproviderconfiguration.html#cfn-healthlake-fhirdatastore-identityproviderconfiguration-authorizationstrategy
             '''
@@ -498,7 +498,7 @@ class CfnFHIRDatastore(
         def fine_grained_authorization_enabled(
             self,
         ) -> typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]]:
-            '''If you enabled fine-grained authorization when you created the data store.
+            '''The parameter to enable SMART on FHIR fine-grained authorization for the data store.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-healthlake-fhirdatastore-identityproviderconfiguration.html#cfn-healthlake-fhirdatastore-identityproviderconfiguration-finegrainedauthorizationenabled
             '''
@@ -507,7 +507,7 @@ class CfnFHIRDatastore(
 
         @builtins.property
         def idp_lambda_arn(self) -> typing.Optional[builtins.str]:
-            '''The Amazon Resource Name (ARN) of the Lambda function that you want to use to decode the access token created by the authorization server.
+            '''The Amazon Resource Name (ARN) of the Lambda function to use to decode the access token created by the authorization server.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-healthlake-fhirdatastore-identityproviderconfiguration.html#cfn-healthlake-fhirdatastore-identityproviderconfiguration-idplambdaarn
             '''
@@ -516,7 +516,7 @@ class CfnFHIRDatastore(
 
         @builtins.property
         def metadata(self) -> typing.Optional[builtins.str]:
-            '''The JSON metadata elements that you want to use in your identity provider configuration.
+            '''The JSON metadata elements to use in your identity provider configuration.
 
             Required elements are listed based on the launch specification of the SMART application. For more information on all possible elements, see `Metadata <https://docs.aws.amazon.com/https://build.fhir.org/ig/HL7/smart-app-launch/conformance.html#metadata>`_ in SMART's App Launch specification.
 
@@ -563,7 +563,7 @@ class CfnFHIRDatastore(
             If a customer owned key is not specified, an Amazon owned key will be used for encryption.
 
             :param cmk_type: The type of customer-managed-key(CMK) used for encryption. The two types of supported CMKs are customer owned CMKs and Amazon owned CMKs. For more information on CMK types, see `KmsEncryptionConfig <https://docs.aws.amazon.com/healthlake/latest/APIReference/API_KmsEncryptionConfig.html#HealthLake-Type-KmsEncryptionConfig-CmkType>`_ .
-            :param kms_key_id: The KMS encryption key id/alias used to encrypt the data store contents at rest.
+            :param kms_key_id: The Key Management Service (KMS) encryption key id/alias used to encrypt the data store contents at rest.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-healthlake-fhirdatastore-kmsencryptionconfig.html
             :exampleMetadata: fixture=_generated
@@ -605,7 +605,7 @@ class CfnFHIRDatastore(
 
         @builtins.property
         def kms_key_id(self) -> typing.Optional[builtins.str]:
-            '''The KMS encryption key id/alias used to encrypt the data store contents at rest.
+            '''The Key Management Service (KMS) encryption key id/alias used to encrypt the data store contents at rest.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-healthlake-fhirdatastore-kmsencryptionconfig.html#cfn-healthlake-fhirdatastore-kmsencryptionconfig-kmskeyid
             '''
@@ -630,9 +630,7 @@ class CfnFHIRDatastore(
     )
     class PreloadDataConfigProperty:
         def __init__(self, *, preload_data_type: builtins.str) -> None:
-            '''Optional parameter to preload data upon creation of the data store.
-
-            Currently, the only supported preloaded data is synthetic data generated from Synthea.
+            '''An optional parameter to preload (import) open source Synthea FHIR data upon creation of the data store.
 
             :param preload_data_type: The type of preloaded data. Only Synthea preloaded data is supported.
 
@@ -690,9 +688,9 @@ class CfnFHIRDatastore(
             *,
             kms_encryption_config: typing.Union[_IResolvable_da3f097b, typing.Union["CfnFHIRDatastore.KmsEncryptionConfigProperty", typing.Dict[builtins.str, typing.Any]]],
         ) -> None:
-            '''The server-side encryption key configuration for a customer provided encryption key.
+            '''The server-side encryption key configuration for a customer-provided encryption key.
 
-            :param kms_encryption_config: The server-side encryption key configuration for a customer provided encryption key (CMK).
+            :param kms_encryption_config: The server-side encryption key configuration for a customer provided encryption key.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-healthlake-fhirdatastore-sseconfiguration.html
             :exampleMetadata: fixture=_generated
@@ -723,7 +721,7 @@ class CfnFHIRDatastore(
         def kms_encryption_config(
             self,
         ) -> typing.Union[_IResolvable_da3f097b, "CfnFHIRDatastore.KmsEncryptionConfigProperty"]:
-            '''The server-side encryption key configuration for a customer provided encryption key (CMK).
+            '''The server-side encryption key configuration for a customer provided encryption key.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-healthlake-fhirdatastore-sseconfiguration.html#cfn-healthlake-fhirdatastore-sseconfiguration-kmsencryptionconfig
             '''
@@ -768,11 +766,11 @@ class CfnFHIRDatastoreProps:
     ) -> None:
         '''Properties for defining a ``CfnFHIRDatastore``.
 
-        :param datastore_type_version: The FHIR version of the data store. The only supported version is R4.
-        :param datastore_name: The user generated name for the data store.
-        :param identity_provider_configuration: The identity provider configuration that you gave when the data store was created.
-        :param preload_data_config: The preloaded data configuration for the data store. Only data preloaded from Synthea is supported.
-        :param sse_configuration: The server-side encryption key configuration for a customer provided encryption key specified for creating a data store.
+        :param datastore_type_version: The FHIR release version supported by the data store. Current support is for version ``R4`` .
+        :param datastore_name: The data store name (user-generated).
+        :param identity_provider_configuration: The identity provider configuration selected when the data store was created.
+        :param preload_data_config: The preloaded Synthea data configuration for the data store.
+        :param sse_configuration: The server-side encryption key configuration for a customer-provided encryption key specified for creating a data store.
         :param tags: An array of key-value pairs to apply to this resource. For more information, see `Tag <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html>`_ .
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-healthlake-fhirdatastore.html
@@ -838,9 +836,9 @@ class CfnFHIRDatastoreProps:
 
     @builtins.property
     def datastore_type_version(self) -> builtins.str:
-        '''The FHIR version of the data store.
+        '''The FHIR release version supported by the data store.
 
-        The only supported version is R4.
+        Current support is for version ``R4`` .
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-healthlake-fhirdatastore.html#cfn-healthlake-fhirdatastore-datastoretypeversion
         '''
@@ -850,7 +848,7 @@ class CfnFHIRDatastoreProps:
 
     @builtins.property
     def datastore_name(self) -> typing.Optional[builtins.str]:
-        '''The user generated name for the data store.
+        '''The data store name (user-generated).
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-healthlake-fhirdatastore.html#cfn-healthlake-fhirdatastore-datastorename
         '''
@@ -861,7 +859,7 @@ class CfnFHIRDatastoreProps:
     def identity_provider_configuration(
         self,
     ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, CfnFHIRDatastore.IdentityProviderConfigurationProperty]]:
-        '''The identity provider configuration that you gave when the data store was created.
+        '''The identity provider configuration selected when the data store was created.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-healthlake-fhirdatastore.html#cfn-healthlake-fhirdatastore-identityproviderconfiguration
         '''
@@ -872,9 +870,7 @@ class CfnFHIRDatastoreProps:
     def preload_data_config(
         self,
     ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, CfnFHIRDatastore.PreloadDataConfigProperty]]:
-        '''The preloaded data configuration for the data store.
-
-        Only data preloaded from Synthea is supported.
+        '''The preloaded Synthea data configuration for the data store.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-healthlake-fhirdatastore.html#cfn-healthlake-fhirdatastore-preloaddataconfig
         '''
@@ -885,7 +881,7 @@ class CfnFHIRDatastoreProps:
     def sse_configuration(
         self,
     ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, CfnFHIRDatastore.SseConfigurationProperty]]:
-        '''The server-side encryption key configuration for a customer provided encryption key specified for creating a data store.
+        '''The server-side encryption key configuration for a customer-provided encryption key specified for creating a data store.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-healthlake-fhirdatastore.html#cfn-healthlake-fhirdatastore-sseconfiguration
         '''