aws-cdk-lib 2.176.0__py3-none-any.whl → 2.178.0__py3-none-any.whl

aws_cdk/aws_sns/__init__.py

@@ -351,6 +351,26 @@ topic = sns.Topic(self, "MyTopic",
     tracing_config=sns.TracingConfig.ACTIVE
 )
 ```
+
+## High-throughput mode for Amazon SNS FIFO Topics
+
+High throughput FIFO topics in Amazon SNS efficiently manage high message throughput while maintaining strict message order, ensuring reliability and scalability for applications processing numerous messages.
+This solution is ideal for scenarios demanding both high throughput and ordered message delivery.
+
+To improve message throughput using high throughput FIFO topics, increasing the number of message groups is recommended.
+
+For more information, see [High throughput FIFO topics in Amazon SNS](https://docs.aws.amazon.com/sns/latest/dg/fifo-high-throughput.html).
+
+You can configure high-throughput mode for your FIFO topics by setting the `fifoThroughputScope` property:
+
+```python
+topic = sns.Topic(self, "MyTopic",
+    fifo=True,
+    fifo_throughput_scope=sns.FifoThroughputScope.TOPIC
+)
+```
+
+**Note**: The `fifoThroughputScope` property is only available for FIFO topics.
 '''
 from pkgutil import extend_path
 __path__ = extend_path(__path__, __name__)
@@ -1126,6 +1146,7 @@ class CfnTopic(
                 success_feedback_sample_rate="successFeedbackSampleRate"
             )],
             display_name="displayName",
+            fifo_throughput_scope="fifoThroughputScope",
             fifo_topic=False,
             kms_master_key_id="kmsMasterKeyId",
             signature_version="signatureVersion",
@@ -1152,6 +1173,7 @@ class CfnTopic(
         data_protection_policy: typing.Any = None,
         delivery_status_logging: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union["CfnTopic.LoggingConfigProperty", typing.Dict[builtins.str, typing.Any]]]]]] = None,
         display_name: typing.Optional[builtins.str] = None,
+        fifo_throughput_scope: typing.Optional[builtins.str] = None,
         fifo_topic: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
         kms_master_key_id: typing.Optional[builtins.str] = None,
         signature_version: typing.Optional[builtins.str] = None,
@@ -1168,6 +1190,7 @@ class CfnTopic(
         :param data_protection_policy: The body of the policy document you want to use for this topic. You can only add one policy per topic. The policy must be in JSON string format. Length Constraints: Maximum length of 30,720.
         :param delivery_status_logging: The ``DeliveryStatusLogging`` configuration enables you to log the delivery status of messages sent from your Amazon SNS topic to subscribed endpoints with the following supported delivery protocols:. - HTTP - Amazon Kinesis Data Firehose - AWS Lambda - Platform application endpoint - Amazon Simple Queue Service Once configured, log entries are sent to Amazon CloudWatch Logs.
         :param display_name: The display name to use for an Amazon SNS topic with SMS subscriptions. The display name must be maximum 100 characters long, including hyphens (-), underscores (_), spaces, and tabs.
+        :param fifo_throughput_scope: Specifies the throughput quota and deduplication behavior to apply for the FIFO topic. Valid values are ``Topic`` or ``MessageGroup`` .
         :param fifo_topic: Set to true to create a FIFO topic.
         :param kms_master_key_id: The ID of an AWS managed customer master key (CMK) for Amazon SNS or a custom CMK. For more information, see `Key terms <https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html#sse-key-terms>`_ . For more examples, see ``[KeyId](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html#API_DescribeKey_RequestParameters)`` in the *AWS Key Management Service API Reference* . This property applies only to `server-side-encryption <https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html>`_ .
         :param signature_version: The signature version corresponds to the hashing algorithm used while creating the signature of the notifications, subscription confirmations, or unsubscribe confirmation messages sent by Amazon SNS. By default, ``SignatureVersion`` is set to ``1`` .
@@ -1186,6 +1209,7 @@ class CfnTopic(
             data_protection_policy=data_protection_policy,
             delivery_status_logging=delivery_status_logging,
             display_name=display_name,
+            fifo_throughput_scope=fifo_throughput_scope,
             fifo_topic=fifo_topic,
             kms_master_key_id=kms_master_key_id,
             signature_version=signature_version,
@@ -1331,6 +1355,19 @@ class CfnTopic(
             check_type(argname="argument value", value=value, expected_type=type_hints["value"])
         jsii.set(self, "displayName", value) # pyright: ignore[reportArgumentType]
 
+    @builtins.property
+    @jsii.member(jsii_name="fifoThroughputScope")
+    def fifo_throughput_scope(self) -> typing.Optional[builtins.str]:
+        '''Specifies the throughput quota and deduplication behavior to apply for the FIFO topic.'''
+        return typing.cast(typing.Optional[builtins.str], jsii.get(self, "fifoThroughputScope"))
+
+    @fifo_throughput_scope.setter
+    def fifo_throughput_scope(self, value: typing.Optional[builtins.str]) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__f138e6ceb99033a1d226873b4907fde5a0fa94382f4183d377b2de329c67e644)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "fifoThroughputScope", value) # pyright: ignore[reportArgumentType]
+
     @builtins.property
     @jsii.member(jsii_name="fifoTopic")
     def fifo_topic(
@@ -2008,6 +2045,7 @@ class CfnTopicPolicyProps:
         "data_protection_policy": "dataProtectionPolicy",
         "delivery_status_logging": "deliveryStatusLogging",
         "display_name": "displayName",
+        "fifo_throughput_scope": "fifoThroughputScope",
         "fifo_topic": "fifoTopic",
         "kms_master_key_id": "kmsMasterKeyId",
         "signature_version": "signatureVersion",
@@ -2026,6 +2064,7 @@ class CfnTopicProps:
         data_protection_policy: typing.Any = None,
         delivery_status_logging: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union[CfnTopic.LoggingConfigProperty, typing.Dict[builtins.str, typing.Any]]]]]] = None,
         display_name: typing.Optional[builtins.str] = None,
+        fifo_throughput_scope: typing.Optional[builtins.str] = None,
         fifo_topic: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
         kms_master_key_id: typing.Optional[builtins.str] = None,
         signature_version: typing.Optional[builtins.str] = None,
@@ -2041,6 +2080,7 @@ class CfnTopicProps:
         :param data_protection_policy: The body of the policy document you want to use for this topic. You can only add one policy per topic. The policy must be in JSON string format. Length Constraints: Maximum length of 30,720.
         :param delivery_status_logging: The ``DeliveryStatusLogging`` configuration enables you to log the delivery status of messages sent from your Amazon SNS topic to subscribed endpoints with the following supported delivery protocols:. - HTTP - Amazon Kinesis Data Firehose - AWS Lambda - Platform application endpoint - Amazon Simple Queue Service Once configured, log entries are sent to Amazon CloudWatch Logs.
         :param display_name: The display name to use for an Amazon SNS topic with SMS subscriptions. The display name must be maximum 100 characters long, including hyphens (-), underscores (_), spaces, and tabs.
+        :param fifo_throughput_scope: Specifies the throughput quota and deduplication behavior to apply for the FIFO topic. Valid values are ``Topic`` or ``MessageGroup`` .
         :param fifo_topic: Set to true to create a FIFO topic.
         :param kms_master_key_id: The ID of an AWS managed customer master key (CMK) for Amazon SNS or a custom CMK. For more information, see `Key terms <https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html#sse-key-terms>`_ . For more examples, see ``[KeyId](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html#API_DescribeKey_RequestParameters)`` in the *AWS Key Management Service API Reference* . This property applies only to `server-side-encryption <https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html>`_ .
         :param signature_version: The signature version corresponds to the hashing algorithm used while creating the signature of the notifications, subscription confirmations, or unsubscribe confirmation messages sent by Amazon SNS. By default, ``SignatureVersion`` is set to ``1`` .
@@ -2074,6 +2114,7 @@ class CfnTopicProps:
                     success_feedback_sample_rate="successFeedbackSampleRate"
                 )],
                 display_name="displayName",
+                fifo_throughput_scope="fifoThroughputScope",
                 fifo_topic=False,
                 kms_master_key_id="kmsMasterKeyId",
                 signature_version="signatureVersion",
@@ -2096,6 +2137,7 @@ class CfnTopicProps:
             check_type(argname="argument data_protection_policy", value=data_protection_policy, expected_type=type_hints["data_protection_policy"])
             check_type(argname="argument delivery_status_logging", value=delivery_status_logging, expected_type=type_hints["delivery_status_logging"])
             check_type(argname="argument display_name", value=display_name, expected_type=type_hints["display_name"])
+            check_type(argname="argument fifo_throughput_scope", value=fifo_throughput_scope, expected_type=type_hints["fifo_throughput_scope"])
             check_type(argname="argument fifo_topic", value=fifo_topic, expected_type=type_hints["fifo_topic"])
             check_type(argname="argument kms_master_key_id", value=kms_master_key_id, expected_type=type_hints["kms_master_key_id"])
             check_type(argname="argument signature_version", value=signature_version, expected_type=type_hints["signature_version"])
@@ -2114,6 +2156,8 @@ class CfnTopicProps:
             self._values["delivery_status_logging"] = delivery_status_logging
         if display_name is not None:
             self._values["display_name"] = display_name
+        if fifo_throughput_scope is not None:
+            self._values["fifo_throughput_scope"] = fifo_throughput_scope
         if fifo_topic is not None:
             self._values["fifo_topic"] = fifo_topic
         if kms_master_key_id is not None:
@@ -2198,6 +2242,17 @@ class CfnTopicProps:
         result = self._values.get("display_name")
         return typing.cast(typing.Optional[builtins.str], result)
 
+    @builtins.property
+    def fifo_throughput_scope(self) -> typing.Optional[builtins.str]:
+        '''Specifies the throughput quota and deduplication behavior to apply for the FIFO topic.
+
+        Valid values are ``Topic`` or ``MessageGroup`` .
+
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sns-topic.html#cfn-sns-topic-fifothroughputscope
+        '''
+        result = self._values.get("fifo_throughput_scope")
+        return typing.cast(typing.Optional[builtins.str], result)
+
     @builtins.property
     def fifo_topic(
         self,
@@ -2405,6 +2460,32 @@ class DeliveryPolicy:
         )
 
 
+@jsii.enum(jsii_type="aws-cdk-lib.aws_sns.FifoThroughputScope")
+class FifoThroughputScope(enum.Enum):
+    '''The throughput quota and deduplication behavior to apply for the FIFO topic.
+
+    :exampleMetadata: infused
+
+    Example::
+
+        topic = sns.Topic(self, "MyTopic",
+            fifo=True,
+            fifo_throughput_scope=sns.FifoThroughputScope.TOPIC
+        )
+    '''
+
+    TOPIC = "TOPIC"
+    '''Topic scope - Throughput: 3000 messages per second and a bandwidth of 20MB per second.
+
+    - Deduplication: Message deduplication is verified on the entire FIFO topic.
+    '''
+    MESSAGE_GROUP = "MESSAGE_GROUP"
+    '''Message group scope - Throughput: Maximum regional limits.
+
+    - Deduplication: Message deduplication is only verified within a message group.
+    '''
+
+
 class FilterOrPolicy(
     metaclass=jsii.JSIIAbstractClass,
     jsii_type="aws-cdk-lib.aws_sns.FilterOrPolicy",
@@ -5085,6 +5166,11 @@ class TopicBase(
 
         jsii.create(self.__class__, self, [scope, id, props])
 
+    @jsii.member(jsii_name="addSSLPolicy")
+    def _add_ssl_policy(self) -> None:
+        '''Adds a SSL policy to the topic resource policy.'''
+        return typing.cast(None, jsii.invoke(self, "addSSLPolicy", []))
+
     @jsii.member(jsii_name="addSubscription")
     def add_subscription(self, topic_subscription: ITopicSubscription) -> Subscription:
         '''Subscribe some endpoint to this topic.
@@ -5104,8 +5190,11 @@ class TopicBase(
         '''Adds a statement to the IAM resource policy associated with this topic.
 
         If this topic was created in this stack (``new Topic``), a topic policy
-        will be automatically created upon the first call to ``addToResourcePolicy``. If
-        the topic is imported (``Topic.import``), then this is a no-op.
+        will be automatically created upon the first call to ``addToResourcePolicy``.
+        However, if ``enforceSSL`` is set to ``true``, the policy has already been created
+        before the first call to this method.
+
+        If the topic is imported (``Topic.import``), then this is a no-op.
 
         :param statement: -
         '''
@@ -5136,6 +5225,11 @@ class TopicBase(
         '''
         return typing.cast(_PolicyStatement_0fe33853, jsii.invoke(self, "createSSLPolicyDocument", []))
 
+    @jsii.member(jsii_name="createTopicPolicy")
+    def _create_topic_policy(self) -> None:
+        '''Creates a topic policy for this topic.'''
+        return typing.cast(None, jsii.invoke(self, "createTopicPolicy", []))
+
     @jsii.member(jsii_name="grantPublish")
     def grant_publish(self, grantee: _IGrantable_71c4f5de) -> _Grant_a7ae64f8:
         '''Grant topic publishing permissions to the given identity.
@@ -5903,6 +5997,7 @@ class TopicPolicyProps:
         "display_name": "displayName",
         "enforce_ssl": "enforceSSL",
         "fifo": "fifo",
+        "fifo_throughput_scope": "fifoThroughputScope",
         "logging_configs": "loggingConfigs",
         "master_key": "masterKey",
         "message_retention_period_in_days": "messageRetentionPeriodInDays",
@@ -5919,6 +6014,7 @@ class TopicProps:
         display_name: typing.Optional[builtins.str] = None,
         enforce_ssl: typing.Optional[builtins.bool] = None,
         fifo: typing.Optional[builtins.bool] = None,
+        fifo_throughput_scope: typing.Optional[FifoThroughputScope] = None,
         logging_configs: typing.Optional[typing.Sequence[typing.Union[LoggingConfig, typing.Dict[builtins.str, typing.Any]]]] = None,
         master_key: typing.Optional[_IKey_5f11635f] = None,
         message_retention_period_in_days: typing.Optional[jsii.Number] = None,
@@ -5932,6 +6028,7 @@ class TopicProps:
         :param display_name: A developer-defined string that can be used to identify this SNS topic. The display name must be maximum 100 characters long, including hyphens (-), underscores (_), spaces, and tabs. Default: None
         :param enforce_ssl: Adds a statement to enforce encryption of data in transit when publishing to the topic. Default: false
         :param fifo: Set to true to create a FIFO topic. Default: None
+        :param fifo_throughput_scope: Specifies the throughput quota and deduplication behavior to apply for the FIFO topic. You can only set this property when ``fifo`` is ``true``. Default: undefined - SNS default setting is FifoThroughputScope.TOPIC
         :param logging_configs: The list of delivery status logging configurations for the topic. Default: None
         :param master_key: A KMS Key, either managed by this CDK app, or imported. Default: None
         :param message_retention_period_in_days: The number of days Amazon SNS retains messages. It can only be set for FIFO topics. Default: - do not archive messages
@@ -5944,7 +6041,8 @@ class TopicProps:
         Example::
 
             topic = sns.Topic(self, "MyTopic",
-                tracing_config=sns.TracingConfig.ACTIVE
+                fifo=True,
+                fifo_throughput_scope=sns.FifoThroughputScope.TOPIC
             )
         '''
         if __debug__:
@@ -5953,6 +6051,7 @@ class TopicProps:
             check_type(argname="argument display_name", value=display_name, expected_type=type_hints["display_name"])
             check_type(argname="argument enforce_ssl", value=enforce_ssl, expected_type=type_hints["enforce_ssl"])
             check_type(argname="argument fifo", value=fifo, expected_type=type_hints["fifo"])
+            check_type(argname="argument fifo_throughput_scope", value=fifo_throughput_scope, expected_type=type_hints["fifo_throughput_scope"])
             check_type(argname="argument logging_configs", value=logging_configs, expected_type=type_hints["logging_configs"])
             check_type(argname="argument master_key", value=master_key, expected_type=type_hints["master_key"])
             check_type(argname="argument message_retention_period_in_days", value=message_retention_period_in_days, expected_type=type_hints["message_retention_period_in_days"])
@@ -5968,6 +6067,8 @@ class TopicProps:
             self._values["enforce_ssl"] = enforce_ssl
         if fifo is not None:
             self._values["fifo"] = fifo
+        if fifo_throughput_scope is not None:
+            self._values["fifo_throughput_scope"] = fifo_throughput_scope
         if logging_configs is not None:
             self._values["logging_configs"] = logging_configs
         if master_key is not None:
@@ -6022,6 +6123,17 @@ class TopicProps:
         result = self._values.get("fifo")
         return typing.cast(typing.Optional[builtins.bool], result)
 
+    @builtins.property
+    def fifo_throughput_scope(self) -> typing.Optional[FifoThroughputScope]:
+        '''Specifies the throughput quota and deduplication behavior to apply for the FIFO topic.
+
+        You can only set this property when ``fifo`` is ``true``.
+
+        :default: undefined - SNS default setting is FifoThroughputScope.TOPIC
+        '''
+        result = self._values.get("fifo_throughput_scope")
+        return typing.cast(typing.Optional[FifoThroughputScope], result)
+
     @builtins.property
     def logging_configs(self) -> typing.Optional[typing.List[LoggingConfig]]:
         '''The list of delivery status logging configurations for the topic.
@@ -6465,18 +6577,17 @@ class Topic(TopicBase, metaclass=jsii.JSIIMeta, jsii_type="aws-cdk-lib.aws_sns.T
 
     Example::
 
-        import aws_cdk.aws_sns as sns
+        from aws_cdk.aws_kinesisfirehose_alpha import DeliveryStream
+        # stream: DeliveryStream
         
         
-        topic = sns.Topic(self, "MyTopic")
+        topic = sns.Topic(self, "Topic")
         
-        topic_rule = iot.TopicRule(self, "TopicRule",
-            sql=iot.IotSql.from_string_as_ver20160323("SELECT topic(2) as device_id, year, month, day FROM 'device/+/data'"),
-            actions=[
-                actions.SnsTopicAction(topic,
-                    message_format=actions.SnsActionMessageFormat.JSON
-                )
-            ]
+        sns.Subscription(self, "Subscription",
+            topic=topic,
+            endpoint=stream.delivery_stream_arn,
+            protocol=sns.SubscriptionProtocol.FIREHOSE,
+            subscription_role_arn="SAMPLE_ARN"
         )
     '''
 
@@ -6489,6 +6600,7 @@ class Topic(TopicBase, metaclass=jsii.JSIIMeta, jsii_type="aws-cdk-lib.aws_sns.T
         display_name: typing.Optional[builtins.str] = None,
         enforce_ssl: typing.Optional[builtins.bool] = None,
         fifo: typing.Optional[builtins.bool] = None,
+        fifo_throughput_scope: typing.Optional[FifoThroughputScope] = None,
         logging_configs: typing.Optional[typing.Sequence[typing.Union[LoggingConfig, typing.Dict[builtins.str, typing.Any]]]] = None,
         master_key: typing.Optional[_IKey_5f11635f] = None,
         message_retention_period_in_days: typing.Optional[jsii.Number] = None,
@@ -6503,6 +6615,7 @@ class Topic(TopicBase, metaclass=jsii.JSIIMeta, jsii_type="aws-cdk-lib.aws_sns.T
         :param display_name: A developer-defined string that can be used to identify this SNS topic. The display name must be maximum 100 characters long, including hyphens (-), underscores (_), spaces, and tabs. Default: None
         :param enforce_ssl: Adds a statement to enforce encryption of data in transit when publishing to the topic. Default: false
         :param fifo: Set to true to create a FIFO topic. Default: None
+        :param fifo_throughput_scope: Specifies the throughput quota and deduplication behavior to apply for the FIFO topic. You can only set this property when ``fifo`` is ``true``. Default: undefined - SNS default setting is FifoThroughputScope.TOPIC
         :param logging_configs: The list of delivery status logging configurations for the topic. Default: None
         :param master_key: A KMS Key, either managed by this CDK app, or imported. Default: None
         :param message_retention_period_in_days: The number of days Amazon SNS retains messages. It can only be set for FIFO topics. Default: - do not archive messages
@@ -6519,6 +6632,7 @@ class Topic(TopicBase, metaclass=jsii.JSIIMeta, jsii_type="aws-cdk-lib.aws_sns.T
             display_name=display_name,
             enforce_ssl=enforce_ssl,
             fifo=fifo,
+            fifo_throughput_scope=fifo_throughput_scope,
             logging_configs=logging_configs,
             master_key=master_key,
             message_retention_period_in_days=message_retention_period_in_days,
@@ -6652,6 +6766,7 @@ __all__ = [
     "CfnTopicPolicyProps",
     "CfnTopicProps",
     "DeliveryPolicy",
+    "FifoThroughputScope",
     "Filter",
     "FilterOrPolicy",
     "FilterOrPolicyType",
@@ -6813,6 +6928,7 @@ def _typecheckingstub__3c3e689eaa6b740299fa6db2e53acc51021bc5deb0a8dd6d7bc29e8a3
     data_protection_policy: typing.Any = None,
     delivery_status_logging: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union[CfnTopic.LoggingConfigProperty, typing.Dict[builtins.str, typing.Any]]]]]] = None,
     display_name: typing.Optional[builtins.str] = None,
+    fifo_throughput_scope: typing.Optional[builtins.str] = None,
     fifo_topic: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
     kms_master_key_id: typing.Optional[builtins.str] = None,
     signature_version: typing.Optional[builtins.str] = None,
@@ -6866,6 +6982,12 @@ def _typecheckingstub__7e672f7b6cfea2a409a715963f8ef1b01848153bb4867f8ad868e0bcb
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__f138e6ceb99033a1d226873b4907fde5a0fa94382f4183d377b2de329c67e644(
+    value: typing.Optional[builtins.str],
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__2a91ed56c1865e9ea5cd3d8d5ffef0aab07b45ce41c2580607fd141166a194ea(
     value: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]],
 ) -> None:
@@ -7017,6 +7139,7 @@ def _typecheckingstub__39eaeffb1fed865d99c7cf51cdf720d8471aec20b2163161ef50035fb
     data_protection_policy: typing.Any = None,
     delivery_status_logging: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union[CfnTopic.LoggingConfigProperty, typing.Dict[builtins.str, typing.Any]]]]]] = None,
     display_name: typing.Optional[builtins.str] = None,
+    fifo_throughput_scope: typing.Optional[builtins.str] = None,
     fifo_topic: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
     kms_master_key_id: typing.Optional[builtins.str] = None,
     signature_version: typing.Optional[builtins.str] = None,
@@ -7322,6 +7445,7 @@ def _typecheckingstub__093960c1ab5457cc6797eb4a06c9e8fc74e41d4eaa9d0a17f00fa896d
     display_name: typing.Optional[builtins.str] = None,
     enforce_ssl: typing.Optional[builtins.bool] = None,
     fifo: typing.Optional[builtins.bool] = None,
+    fifo_throughput_scope: typing.Optional[FifoThroughputScope] = None,
     logging_configs: typing.Optional[typing.Sequence[typing.Union[LoggingConfig, typing.Dict[builtins.str, typing.Any]]]] = None,
     master_key: typing.Optional[_IKey_5f11635f] = None,
     message_retention_period_in_days: typing.Optional[jsii.Number] = None,
@@ -7364,6 +7488,7 @@ def _typecheckingstub__5bf7b7a1001dc600e81a7f1c5015e367dc471dcd727360f62a7eaf6eb
     display_name: typing.Optional[builtins.str] = None,
     enforce_ssl: typing.Optional[builtins.bool] = None,
     fifo: typing.Optional[builtins.bool] = None,
+    fifo_throughput_scope: typing.Optional[FifoThroughputScope] = None,
     logging_configs: typing.Optional[typing.Sequence[typing.Union[LoggingConfig, typing.Dict[builtins.str, typing.Any]]]] = None,
     master_key: typing.Optional[_IKey_5f11635f] = None,
     message_retention_period_in_days: typing.Optional[jsii.Number] = None,

aws_cdk/aws_ssm/__init__.py

@@ -332,7 +332,7 @@ class CfnAssociation(
         :param name: The name of the SSM document that contains the configuration information for the instance. You can specify ``Command`` or ``Automation`` documents. The documents can be AWS -predefined documents, documents you created, or a document that is shared with you from another account. For SSM documents that are shared with you from other AWS accounts , you must specify the complete SSM document ARN, in the following format: ``arn:partition:ssm:region:account-id:document/document-name`` For example: ``arn:aws:ssm:us-east-2:12345678912:document/My-Shared-Document`` For AWS -predefined documents and SSM documents you created in your account, you only need to specify the document name. For example, ``AWS -ApplyPatchBaseline`` or ``My-Document`` .
         :param apply_only_at_cron_interval: By default, when you create a new association, the system runs it immediately after it is created and then according to the schedule you specified. Specify this option if you don't want an association to run immediately after you create it. This parameter is not supported for rate expressions.
         :param association_name: Specify a descriptive name for the association.
-        :param automation_target_parameter_name: Choose the parameter that will define how your automation will branch out. This target is required for associations that use an Automation runbook and target resources by using rate controls. Automation is a capability of AWS Systems Manager .
+        :param automation_target_parameter_name: Choose the parameter that will define how your automation will branch out. This target is required for associations that use an Automation runbook and target resources by using rate controls. Automation is a tool in AWS Systems Manager .
         :param calendar_names: The names or Amazon Resource Names (ARNs) of the Change Calendar type documents your associations are gated under. The associations only run when that Change Calendar is open. For more information, see `AWS Systems Manager Change Calendar <https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-change-calendar>`_ .
         :param compliance_severity: The severity level that is assigned to the association.
         :param document_version: The version of the SSM document to associate with the target. .. epigraph:: Note the following important information. - State Manager doesn't support running associations that use a new version of a document if that document is shared from another account. State Manager always runs the ``default`` version of a document if shared from another account, even though the Systems Manager console shows that a new version was processed. If you want to run an association using a new version of a document shared form another account, you must set the document version to ``default`` . - ``DocumentVersion`` is not valid for documents owned by AWS , such as ``AWS-RunPatchBaseline`` or ``AWS-UpdateSSMAgent`` . If you specify ``DocumentVersion`` for an AWS document, the system returns the following error: "Error occurred during operation 'CreateAssociation'." (RequestToken: , HandlerErrorCode: GeneralServiceException).
@@ -937,7 +937,7 @@ class CfnAssociationProps:
         :param name: The name of the SSM document that contains the configuration information for the instance. You can specify ``Command`` or ``Automation`` documents. The documents can be AWS -predefined documents, documents you created, or a document that is shared with you from another account. For SSM documents that are shared with you from other AWS accounts , you must specify the complete SSM document ARN, in the following format: ``arn:partition:ssm:region:account-id:document/document-name`` For example: ``arn:aws:ssm:us-east-2:12345678912:document/My-Shared-Document`` For AWS -predefined documents and SSM documents you created in your account, you only need to specify the document name. For example, ``AWS -ApplyPatchBaseline`` or ``My-Document`` .
         :param apply_only_at_cron_interval: By default, when you create a new association, the system runs it immediately after it is created and then according to the schedule you specified. Specify this option if you don't want an association to run immediately after you create it. This parameter is not supported for rate expressions.
         :param association_name: Specify a descriptive name for the association.
-        :param automation_target_parameter_name: Choose the parameter that will define how your automation will branch out. This target is required for associations that use an Automation runbook and target resources by using rate controls. Automation is a capability of AWS Systems Manager .
+        :param automation_target_parameter_name: Choose the parameter that will define how your automation will branch out. This target is required for associations that use an Automation runbook and target resources by using rate controls. Automation is a tool in AWS Systems Manager .
         :param calendar_names: The names or Amazon Resource Names (ARNs) of the Change Calendar type documents your associations are gated under. The associations only run when that Change Calendar is open. For more information, see `AWS Systems Manager Change Calendar <https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-change-calendar>`_ .
         :param compliance_severity: The severity level that is assigned to the association.
         :param document_version: The version of the SSM document to associate with the target. .. epigraph:: Note the following important information. - State Manager doesn't support running associations that use a new version of a document if that document is shared from another account. State Manager always runs the ``default`` version of a document if shared from another account, even though the Systems Manager console shows that a new version was processed. If you want to run an association using a new version of a document shared form another account, you must set the document version to ``default`` . - ``DocumentVersion`` is not valid for documents owned by AWS , such as ``AWS-RunPatchBaseline`` or ``AWS-UpdateSSMAgent`` . If you specify ``DocumentVersion`` for an AWS document, the system returns the following error: "Error occurred during operation 'CreateAssociation'." (RequestToken: , HandlerErrorCode: GeneralServiceException).
@@ -1093,7 +1093,7 @@ class CfnAssociationProps:
     def automation_target_parameter_name(self) -> typing.Optional[builtins.str]:
         '''Choose the parameter that will define how your automation will branch out.
 
-        This target is required for associations that use an Automation runbook and target resources by using rate controls. Automation is a capability of AWS Systems Manager .
+        This target is required for associations that use an Automation runbook and target resources by using rate controls. Automation is a tool in AWS Systems Manager .
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-association.html#cfn-ssm-association-automationtargetparametername
         '''
@@ -1285,7 +1285,7 @@ class CfnDocument(
 ):
     '''The ``AWS::SSM::Document`` resource creates a Systems Manager (SSM) document in AWS Systems Manager .
 
-    This document d efines the actions that Systems Manager performs on your AWS resources.
+    This document defines the actions that Systems Manager performs on your AWS resources.
     .. epigraph::
 
        This resource does not support AWS CloudFormation drift detection.
@@ -7217,7 +7217,7 @@ class CfnResourcePolicy(
 ):
     '''Creates or updates a Systems Manager resource policy.
 
-    A resource policy helps you to define the IAM entity (for example, an AWS account ) that can manage your Systems Manager resources. Currently, ``OpsItemGroup`` is the only resource that supports Systems Manager resource policies. The resource policy for ``OpsItemGroup`` enables AWS accounts to view and interact with OpsCenter operational work items (OpsItems). OpsCenter is a capability of Systems Manager .
+    A resource policy helps you to define the IAM entity (for example, an AWS account ) that can manage your Systems Manager resources. Currently, ``OpsItemGroup`` is the only resource that supports Systems Manager resource policies. The resource policy for ``OpsItemGroup`` enables AWS accounts to view and interact with OpsCenter operational work items (OpsItems). OpsCenter is a tool in Systems Manager .
 
     :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-resourcepolicy.html
     :cloudformationResource: AWS::SSM::ResourcePolicy

aws_cdk/aws_ssmquicksetup/__init__.py

@@ -307,7 +307,7 @@ class CfnConfigurationManager(
         def __init__(
             self,
             *,
-            parameters: typing.Union[_IResolvable_da3f097b, typing.Mapping[builtins.str, builtins.str]],
+            parameters: typing.Union[typing.Mapping[builtins.str, builtins.str], _IResolvable_da3f097b],
             type: builtins.str,
             id: typing.Optional[builtins.str] = None,
             local_deployment_administration_role_arn: typing.Optional[builtins.str] = None,
@@ -316,7 +316,7 @@ class CfnConfigurationManager(
         ) -> None:
             '''The definition of a Quick Setup configuration.
 
-            :param parameters: The parameters for the configuration definition type. Parameters for configuration definitions vary based the configuration type. The following lists outline the parameters for each configuration type. - **AWS Config Recording (Type: AWS QuickSetupType-CFGRecording)** - - ``RecordAllResources`` - Description: (Optional) A boolean value that determines whether all supported resources are recorded. The default value is " ``true`` ". - ``ResourceTypesToRecord`` - Description: (Optional) A comma separated list of resource types you want to record. - ``RecordGlobalResourceTypes`` - Description: (Optional) A boolean value that determines whether global resources are recorded with all resource configurations. The default value is " ``false`` ". - ``GlobalResourceTypesRegion`` - Description: (Optional) Determines the AWS Region where global resources are recorded. - ``UseCustomBucket`` - Description: (Optional) A boolean value that determines whether a custom Amazon S3 bucket is used for delivery. The default value is " ``false`` ". - ``DeliveryBucketName`` - Description: (Optional) The name of the Amazon S3 bucket you want AWS Config to deliver configuration snapshots and configuration history files to. - ``DeliveryBucketPrefix`` - Description: (Optional) The key prefix you want to use in the custom Amazon S3 bucket. - ``NotificationOptions`` - Description: (Optional) Determines the notification configuration for the recorder. The valid values are ``NoStreaming`` , ``UseExistingTopic`` , and ``CreateTopic`` . The default value is ``NoStreaming`` . - ``CustomDeliveryTopicAccountId`` - Description: (Optional) The ID of the AWS account where the Amazon SNS topic you want to use for notifications resides. You must specify a value for this parameter if you use the ``UseExistingTopic`` notification option. - ``CustomDeliveryTopicName`` - Description: (Optional) The name of the Amazon SNS topic you want to use for notifications. You must specify a value for this parameter if you use the ``UseExistingTopic`` notification option. - ``RemediationSchedule`` - Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are ``rate(30 days)`` , ``rate(7 days)`` , ``rate(1 days)`` , and ``none`` . The default value is " ``none`` ". - ``TargetAccounts`` - Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either ``TargetAccounts`` or ``TargetOrganizationalUnits`` . - ``TargetOrganizationalUnits`` - Description: (Optional) The ID of the root of your Organization. This configuration type doesn't currently support choosing specific OUs. The configuration will be deployed to all the OUs in the Organization. - ``TargetRegions`` - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. - **Change Manager (Type: AWS QuickSetupType-SSMChangeMgr)** - - ``DelegatedAccountId`` - Description: (Required) The ID of the delegated administrator account. - ``JobFunction`` - Description: (Required) The name for the Change Manager job function. - ``PermissionType`` - Description: (Optional) Specifies whether you want to use default administrator permissions for the job function role, or provide a custom IAM policy. The valid values are ``CustomPermissions`` and ``AdminPermissions`` . The default value for the parameter is ``CustomerPermissions`` . - ``CustomPermissions`` - Description: (Optional) A JSON string containing the IAM policy you want your job function to use. You must provide a value for this parameter if you specify ``CustomPermissions`` for the ``PermissionType`` parameter. - ``TargetOrganizationalUnits`` - Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to. - ``TargetRegions`` - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. - **Conformance Packs (Type: AWS QuickSetupType-CFGCPacks)** - - ``DelegatedAccountId`` - Description: (Optional) The ID of the delegated administrator account. This parameter is required for Organization deployments. - ``RemediationSchedule`` - Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are ``rate(30 days)`` , ``rate(14 days)`` , ``rate(2 days)`` , and ``none`` . The default value is " ``none`` ". - ``CPackNames`` - Description: (Required) A comma separated list of AWS Config conformance packs. - ``TargetAccounts`` - Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either ``TargetAccounts`` or ``TargetOrganizationalUnits`` . - ``TargetOrganizationalUnits`` - Description: (Optional) The ID of the root of your Organization. This configuration type doesn't currently support choosing specific OUs. The configuration will be deployed to all the OUs in the Organization. - ``TargetRegions`` - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. - **Default Host Management Configuration (Type: AWS QuickSetupType-DHMC)** - - ``UpdateSSMAgent`` - Description: (Optional) A boolean value that determines whether the SSM Agent is updated on the target instances every 2 weeks. The default value is " ``true`` ". - ``TargetOrganizationalUnits`` - Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to. - ``TargetRegions`` - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. - **DevOps Guru (Type: AWS QuickSetupType-DevOpsGuru)** - - ``AnalyseAllResources`` - Description: (Optional) A boolean value that determines whether DevOps Guru analyzes all AWS CloudFormation stacks in the account. The default value is " ``false`` ". - ``EnableSnsNotifications`` - Description: (Optional) A boolean value that determines whether DevOps Guru sends notifications when an insight is created. The default value is " ``true`` ". - ``EnableSsmOpsItems`` - Description: (Optional) A boolean value that determines whether DevOps Guru creates an OpsCenter OpsItem when an insight is created. The default value is " ``true`` ". - ``EnableDriftRemediation`` - Description: (Optional) A boolean value that determines whether a drift remediation schedule is used. The default value is " ``false`` ". - ``RemediationSchedule`` - Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are ``rate(30 days)`` , ``rate(14 days)`` , ``rate(1 days)`` , and ``none`` . The default value is " ``none`` ". - ``TargetAccounts`` - Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either ``TargetAccounts`` or ``TargetOrganizationalUnits`` . - ``TargetOrganizationalUnits`` - Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to. - ``TargetRegions`` - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. - **Distributor (Type: AWS QuickSetupType-Distributor)** - - ``PackagesToInstall`` - Description: (Required) A comma separated list of packages you want to install on the target instances. The valid values are ``AWSEFSTools`` , ``AWSCWAgent`` , and ``AWSEC2LaunchAgent`` . - ``RemediationSchedule`` - Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are ``rate(30 days)`` , ``rate(14 days)`` , ``rate(2 days)`` , and ``none`` . The default value is " ``rate(30 days)`` ". - ``IsPolicyAttachAllowed`` - Description: (Optional) A boolean value that determines whether Quick Setup attaches policies to instances profiles already associated with the target instances. The default value is " ``false`` ". - ``TargetType`` - Description: (Optional) Determines how instances are targeted for local account deployments. Don't specify a value for this parameter if you're deploying to OUs. The valid values are ``*`` , ``InstanceIds`` , ``ResourceGroups`` , and ``Tags`` . Use ``*`` to target all instances in the account. - ``TargetInstances`` - Description: (Optional) A comma separated list of instance IDs. You must provide a value for this parameter if you specify ``InstanceIds`` for the ``TargetType`` parameter. - ``TargetTagKey`` - Description: (Required) The tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify ``Tags`` for the ``TargetType`` parameter. - ``TargetTagValue`` - Description: (Required) The value of the tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify ``Tags`` for the ``TargetType`` parameter. - ``ResourceGroupName`` - Description: (Required) The name of the resource group associated with the instances you want to target. You must provide a value for this parameter if you specify ``ResourceGroups`` for the ``TargetType`` parameter. - ``TargetAccounts`` - Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either ``TargetAccounts`` or ``TargetOrganizationalUnits`` . - ``TargetOrganizationalUnits`` - Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to. - ``TargetRegions`` - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. - **Host Management (Type: AWS QuickSetupType-SSMHostMgmt)** - - ``UpdateSSMAgent`` - Description: (Optional) A boolean value that determines whether the SSM Agent is updated on the target instances every 2 weeks. The default value is " ``true`` ". - ``UpdateEc2LaunchAgent`` - Description: (Optional) A boolean value that determines whether the EC2 Launch agent is updated on the target instances every month. The default value is " ``false`` ". - ``CollectInventory`` - Description: (Optional) A boolean value that determines whether the EC2 Launch agent is updated on the target instances every month. The default value is " ``true`` ". - ``ScanInstances`` - Description: (Optional) A boolean value that determines whether the target instances are scanned daily for available patches. The default value is " ``true`` ". - ``InstallCloudWatchAgent`` - Description: (Optional) A boolean value that determines whether the Amazon CloudWatch agent is installed on the target instances. The default value is " ``false`` ". - ``UpdateCloudWatchAgent`` - Description: (Optional) A boolean value that determines whether the Amazon CloudWatch agent is updated on the target instances every month. The default value is " ``false`` ". - ``IsPolicyAttachAllowed`` - Description: (Optional) A boolean value that determines whether Quick Setup attaches policies to instances profiles already associated with the target instances. The default value is " ``false`` ". - ``TargetType`` - Description: (Optional) Determines how instances are targeted for local account deployments. Don't specify a value for this parameter if you're deploying to OUs. The valid values are ``*`` , ``InstanceIds`` , ``ResourceGroups`` , and ``Tags`` . Use ``*`` to target all instances in the account. - ``TargetInstances`` - Description: (Optional) A comma separated list of instance IDs. You must provide a value for this parameter if you specify ``InstanceIds`` for the ``TargetType`` parameter. - ``TargetTagKey`` - Description: (Optional) The tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify ``Tags`` for the ``TargetType`` parameter. - ``TargetTagValue`` - Description: (Optional) The value of the tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify ``Tags`` for the ``TargetType`` parameter. - ``ResourceGroupName`` - Description: (Optional) The name of the resource group associated with the instances you want to target. You must provide a value for this parameter if you specify ``ResourceGroups`` for the ``TargetType`` parameter. - ``TargetAccounts`` - Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either ``TargetAccounts`` or ``TargetOrganizationalUnits`` . - ``TargetOrganizationalUnits`` - Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to. - ``TargetRegions`` - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. - **OpsCenter (Type: AWS QuickSetupType-SSMOpsCenter)** - - ``DelegatedAccountId`` - Description: (Required) The ID of the delegated administrator account. - ``TargetOrganizationalUnits`` - Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to. - ``TargetRegions`` - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. - **Patch Policy (Type: AWS QuickSetupType-PatchPolicy)** - - ``PatchPolicyName`` - Description: (Required) A name for the patch policy. The value you provide is applied to target Amazon EC2 instances as a tag. - ``SelectedPatchBaselines`` - Description: (Required) An array of JSON objects containing the information for the patch baselines to include in your patch policy. - ``PatchBaselineUseDefault`` - Description: (Optional) A boolean value that determines whether the selected patch baselines are all AWS provided. - ``ConfigurationOptionsPatchOperation`` - Description: (Optional) Determines whether target instances scan for available patches, or scan and install available patches. The valid values are ``Scan`` and ``ScanAndInstall`` . The default value for the parameter is ``Scan`` . - ``ConfigurationOptionsScanValue`` - Description: (Optional) A cron expression that is used as the schedule for when instances scan for available patches. - ``ConfigurationOptionsInstallValue`` - Description: (Optional) A cron expression that is used as the schedule for when instances install available patches. - ``ConfigurationOptionsScanNextInterval`` - Description: (Optional) A boolean value that determines whether instances should scan for available patches at the next cron interval. The default value is " ``false`` ". - ``ConfigurationOptionsInstallNextInterval`` - Description: (Optional) A boolean value that determines whether instances should scan for available patches at the next cron interval. The default value is " ``false`` ". - ``RebootOption`` - Description: (Optional) Determines whether instances are rebooted after patches are installed. Valid values are ``RebootIfNeeded`` and ``NoReboot`` . - ``IsPolicyAttachAllowed`` - Description: (Optional) A boolean value that determines whether Quick Setup attaches policies to instances profiles already associated with the target instances. The default value is " ``false`` ". - ``OutputLogEnableS3`` - Description: (Optional) A boolean value that determines whether command output logs are sent to Amazon S3. - ``OutputS3Location`` - Description: (Optional) A JSON string containing information about the Amazon S3 bucket where you want to store the output details of the request. - ``OutputS3BucketRegion`` - Description: (Optional) The AWS Region where the Amazon S3 bucket you want to deliver command output to is located. - ``OutputS3BucketName`` - Description: (Optional) The name of the Amazon S3 bucket you want to deliver command output to. - ``OutputS3KeyPrefix`` - Description: (Optional) The key prefix you want to use in the custom Amazon S3 bucket. - ``TargetType`` - Description: (Optional) Determines how instances are targeted for local account deployments. Don't specify a value for this parameter if you're deploying to OUs. The valid values are ``*`` , ``InstanceIds`` , ``ResourceGroups`` , and ``Tags`` . Use ``*`` to target all instances in the account. - ``TargetInstances`` - Description: (Optional) A comma separated list of instance IDs. You must provide a value for this parameter if you specify ``InstanceIds`` for the ``TargetType`` parameter. - ``TargetTagKey`` - Description: (Required) The tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify ``Tags`` for the ``TargetType`` parameter. - ``TargetTagValue`` - Description: (Required) The value of the tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify ``Tags`` for the ``TargetType`` parameter. - ``ResourceGroupName`` - Description: (Required) The name of the resource group associated with the instances you want to target. You must provide a value for this parameter if you specify ``ResourceGroups`` for the ``TargetType`` parameter. - ``TargetAccounts`` - Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either ``TargetAccounts`` or ``TargetOrganizationalUnits`` . - ``TargetOrganizationalUnits`` - Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to. - ``TargetRegions`` - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. - **Resource Explorer (Type: AWS QuickSetupType-ResourceExplorer)** - - ``SelectedAggregatorRegion`` - Description: (Required) The AWS Region where you want to create the aggregator index. - ``ReplaceExistingAggregator`` - Description: (Required) A boolean value that determines whether to demote an existing aggregator if it is in a Region that differs from the value you specify for the ``SelectedAggregatorRegion`` . - ``TargetOrganizationalUnits`` - Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to. - ``TargetRegions`` - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. - **Resource Scheduler (Type: AWS QuickSetupType-Scheduler)** - - ``TargetTagKey`` - Description: (Required) The tag key assigned to the instances you want to target. - ``TargetTagValue`` - Description: (Required) The value of the tag key assigned to the instances you want to target. - ``ICalendarString`` - Description: (Required) An iCalendar formatted string containing the schedule you want Change Manager to use. - ``TargetAccounts`` - Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either ``TargetAccounts`` or ``TargetOrganizationalUnits`` . - ``TargetOrganizationalUnits`` - Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to. - ``TargetRegions`` - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.
+            :param parameters: The parameters for the configuration definition type. Parameters for configuration definitions vary based the configuration type. The following lists outline the parameters for each configuration type. - **AWS Config Recording (Type: AWS QuickSetupType-CFGRecording)** - - ``RecordAllResources`` - Description: (Optional) A boolean value that determines whether all supported resources are recorded. The default value is " ``true`` ". - ``ResourceTypesToRecord`` - Description: (Optional) A comma separated list of resource types you want to record. - ``RecordGlobalResourceTypes`` - Description: (Optional) A boolean value that determines whether global resources are recorded with all resource configurations. The default value is " ``false`` ". - ``GlobalResourceTypesRegion`` - Description: (Optional) Determines the AWS Region where global resources are recorded. - ``UseCustomBucket`` - Description: (Optional) A boolean value that determines whether a custom Amazon S3 bucket is used for delivery. The default value is " ``false`` ". - ``DeliveryBucketName`` - Description: (Optional) The name of the Amazon S3 bucket you want AWS Config to deliver configuration snapshots and configuration history files to. - ``DeliveryBucketPrefix`` - Description: (Optional) The key prefix you want to use in the custom Amazon S3 bucket. - ``NotificationOptions`` - Description: (Optional) Determines the notification configuration for the recorder. The valid values are ``NoStreaming`` , ``UseExistingTopic`` , and ``CreateTopic`` . The default value is ``NoStreaming`` . - ``CustomDeliveryTopicAccountId`` - Description: (Optional) The ID of the AWS account where the Amazon SNS topic you want to use for notifications resides. You must specify a value for this parameter if you use the ``UseExistingTopic`` notification option. - ``CustomDeliveryTopicName`` - Description: (Optional) The name of the Amazon SNS topic you want to use for notifications. You must specify a value for this parameter if you use the ``UseExistingTopic`` notification option. - ``RemediationSchedule`` - Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are ``rate(30 days)`` , ``rate(7 days)`` , ``rate(1 days)`` , and ``none`` . The default value is " ``none`` ". - ``TargetAccounts`` - Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either ``TargetAccounts`` or ``TargetOrganizationalUnits`` . - ``TargetOrganizationalUnits`` - Description: (Optional) The ID of the root of your Organization. This configuration type doesn't currently support choosing specific OUs. The configuration will be deployed to all the OUs in the Organization. - ``TargetRegions`` - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. - **Change Manager (Type: AWS QuickSetupType-SSMChangeMgr)** - - ``DelegatedAccountId`` - Description: (Required) The ID of the delegated administrator account. - ``JobFunction`` - Description: (Required) The name for the Change Manager job function. - ``PermissionType`` - Description: (Optional) Specifies whether you want to use default administrator permissions for the job function role, or provide a custom IAM policy. The valid values are ``CustomPermissions`` and ``AdminPermissions`` . The default value for the parameter is ``CustomerPermissions`` . - ``CustomPermissions`` - Description: (Optional) A JSON string containing the IAM policy you want your job function to use. You must provide a value for this parameter if you specify ``CustomPermissions`` for the ``PermissionType`` parameter. - ``TargetOrganizationalUnits`` - Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to. - ``TargetRegions`` - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. - **Conformance Packs (Type: AWS QuickSetupType-CFGCPacks)** - - ``DelegatedAccountId`` - Description: (Optional) The ID of the delegated administrator account. This parameter is required for Organization deployments. - ``RemediationSchedule`` - Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are ``rate(30 days)`` , ``rate(14 days)`` , ``rate(2 days)`` , and ``none`` . The default value is " ``none`` ". - ``CPackNames`` - Description: (Required) A comma separated list of AWS Config conformance packs. - ``TargetAccounts`` - Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either ``TargetAccounts`` or ``TargetOrganizationalUnits`` . - ``TargetOrganizationalUnits`` - Description: (Optional) The ID of the root of your Organization. This configuration type doesn't currently support choosing specific OUs. The configuration will be deployed to all the OUs in the Organization. - ``TargetRegions`` - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. - **Default Host Management Configuration (Type: AWS QuickSetupType-DHMC)** - - ``UpdateSSMAgent`` - Description: (Optional) A boolean value that determines whether the SSM Agent is updated on the target instances every 2 weeks. The default value is " ``true`` ". - ``TargetOrganizationalUnits`` - Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to. - ``TargetRegions`` - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. - **DevOps Guru (Type: AWS QuickSetupType-DevOpsGuru)** - - ``AnalyseAllResources`` - Description: (Optional) A boolean value that determines whether DevOps Guru analyzes all AWS CloudFormation stacks in the account. The default value is " ``false`` ". - ``EnableSnsNotifications`` - Description: (Optional) A boolean value that determines whether DevOps Guru sends notifications when an insight is created. The default value is " ``true`` ". - ``EnableSsmOpsItems`` - Description: (Optional) A boolean value that determines whether DevOps Guru creates an OpsCenter OpsItem when an insight is created. The default value is " ``true`` ". - ``EnableDriftRemediation`` - Description: (Optional) A boolean value that determines whether a drift remediation schedule is used. The default value is " ``false`` ". - ``RemediationSchedule`` - Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are ``rate(30 days)`` , ``rate(14 days)`` , ``rate(1 days)`` , and ``none`` . The default value is " ``none`` ". - ``TargetAccounts`` - Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either ``TargetAccounts`` or ``TargetOrganizationalUnits`` . - ``TargetOrganizationalUnits`` - Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to. - ``TargetRegions`` - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. - **Distributor (Type: AWS QuickSetupType-Distributor)** - - ``PackagesToInstall`` - Description: (Required) A comma separated list of packages you want to install on the target instances. The valid values are ``AWSEFSTools`` , ``AWSCWAgent`` , and ``AWSEC2LaunchAgent`` . - ``RemediationSchedule`` - Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are ``rate(30 days)`` , ``rate(14 days)`` , ``rate(2 days)`` , and ``none`` . The default value is " ``rate(30 days)`` ". - ``IsPolicyAttachAllowed`` - Description: (Optional) A boolean value that determines whether Quick Setup attaches policies to instances profiles already associated with the target instances. The default value is " ``false`` ". - ``TargetType`` - Description: (Optional) Determines how instances are targeted for local account deployments. Don't specify a value for this parameter if you're deploying to OUs. The valid values are ``*`` , ``InstanceIds`` , ``ResourceGroups`` , and ``Tags`` . Use ``*`` to target all instances in the account. - ``TargetInstances`` - Description: (Optional) A comma separated list of instance IDs. You must provide a value for this parameter if you specify ``InstanceIds`` for the ``TargetType`` parameter. - ``TargetTagKey`` - Description: (Required) The tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify ``Tags`` for the ``TargetType`` parameter. - ``TargetTagValue`` - Description: (Required) The value of the tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify ``Tags`` for the ``TargetType`` parameter. - ``ResourceGroupName`` - Description: (Required) The name of the resource group associated with the instances you want to target. You must provide a value for this parameter if you specify ``ResourceGroups`` for the ``TargetType`` parameter. - ``TargetAccounts`` - Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either ``TargetAccounts`` or ``TargetOrganizationalUnits`` . - ``TargetOrganizationalUnits`` - Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to. - ``TargetRegions`` - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. - **Host Management (Type: AWS QuickSetupType-SSMHostMgmt)** - - ``UpdateSSMAgent`` - Description: (Optional) A boolean value that determines whether the SSM Agent is updated on the target instances every 2 weeks. The default value is " ``true`` ". - ``UpdateEc2LaunchAgent`` - Description: (Optional) A boolean value that determines whether the EC2 Launch agent is updated on the target instances every month. The default value is " ``false`` ". - ``CollectInventory`` - Description: (Optional) A boolean value that determines whether instance metadata is collected on the target instances every 30 minutes. The default value is " ``true`` ". - ``ScanInstances`` - Description: (Optional) A boolean value that determines whether the target instances are scanned daily for available patches. The default value is " ``true`` ". - ``InstallCloudWatchAgent`` - Description: (Optional) A boolean value that determines whether the Amazon CloudWatch agent is installed on the target instances. The default value is " ``false`` ". - ``UpdateCloudWatchAgent`` - Description: (Optional) A boolean value that determines whether the Amazon CloudWatch agent is updated on the target instances every month. The default value is " ``false`` ". - ``IsPolicyAttachAllowed`` - Description: (Optional) A boolean value that determines whether Quick Setup attaches policies to instances profiles already associated with the target instances. The default value is " ``false`` ". - ``TargetType`` - Description: (Optional) Determines how instances are targeted for local account deployments. Don't specify a value for this parameter if you're deploying to OUs. The valid values are ``*`` , ``InstanceIds`` , ``ResourceGroups`` , and ``Tags`` . Use ``*`` to target all instances in the account. - ``TargetInstances`` - Description: (Optional) A comma separated list of instance IDs. You must provide a value for this parameter if you specify ``InstanceIds`` for the ``TargetType`` parameter. - ``TargetTagKey`` - Description: (Optional) The tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify ``Tags`` for the ``TargetType`` parameter. - ``TargetTagValue`` - Description: (Optional) The value of the tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify ``Tags`` for the ``TargetType`` parameter. - ``ResourceGroupName`` - Description: (Optional) The name of the resource group associated with the instances you want to target. You must provide a value for this parameter if you specify ``ResourceGroups`` for the ``TargetType`` parameter. - ``TargetAccounts`` - Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either ``TargetAccounts`` or ``TargetOrganizationalUnits`` . - ``TargetOrganizationalUnits`` - Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to. - ``TargetRegions`` - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. - **OpsCenter (Type: AWS QuickSetupType-SSMOpsCenter)** - - ``DelegatedAccountId`` - Description: (Required) The ID of the delegated administrator account. - ``TargetOrganizationalUnits`` - Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to. - ``TargetRegions`` - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. - **Patch Policy (Type: AWS QuickSetupType-PatchPolicy)** - - ``PatchPolicyName`` - Description: (Required) A name for the patch policy. The value you provide is applied to target Amazon EC2 instances as a tag. - ``SelectedPatchBaselines`` - Description: (Required) An array of JSON objects containing the information for the patch baselines to include in your patch policy. - ``PatchBaselineUseDefault`` - Description: (Optional) A boolean value that determines whether the selected patch baselines are all AWS provided. - ``ConfigurationOptionsPatchOperation`` - Description: (Optional) Determines whether target instances scan for available patches, or scan and install available patches. The valid values are ``Scan`` and ``ScanAndInstall`` . The default value for the parameter is ``Scan`` . - ``ConfigurationOptionsScanValue`` - Description: (Optional) A cron expression that is used as the schedule for when instances scan for available patches. - ``ConfigurationOptionsInstallValue`` - Description: (Optional) A cron expression that is used as the schedule for when instances install available patches. - ``ConfigurationOptionsScanNextInterval`` - Description: (Optional) A boolean value that determines whether instances should scan for available patches at the next cron interval. The default value is " ``false`` ". - ``ConfigurationOptionsInstallNextInterval`` - Description: (Optional) A boolean value that determines whether instances should scan for available patches at the next cron interval. The default value is " ``false`` ". - ``RebootOption`` - Description: (Optional) Determines whether instances are rebooted after patches are installed. Valid values are ``RebootIfNeeded`` and ``NoReboot`` . - ``IsPolicyAttachAllowed`` - Description: (Optional) A boolean value that determines whether Quick Setup attaches policies to instances profiles already associated with the target instances. The default value is " ``false`` ". - ``OutputLogEnableS3`` - Description: (Optional) A boolean value that determines whether command output logs are sent to Amazon S3. - ``OutputS3Location`` - Description: (Optional) A JSON string containing information about the Amazon S3 bucket where you want to store the output details of the request. - ``OutputS3BucketRegion`` - Description: (Optional) The AWS Region where the Amazon S3 bucket you want to deliver command output to is located. - ``OutputS3BucketName`` - Description: (Optional) The name of the Amazon S3 bucket you want to deliver command output to. - ``OutputS3KeyPrefix`` - Description: (Optional) The key prefix you want to use in the custom Amazon S3 bucket. - ``TargetType`` - Description: (Optional) Determines how instances are targeted for local account deployments. Don't specify a value for this parameter if you're deploying to OUs. The valid values are ``*`` , ``InstanceIds`` , ``ResourceGroups`` , and ``Tags`` . Use ``*`` to target all instances in the account. - ``TargetInstances`` - Description: (Optional) A comma separated list of instance IDs. You must provide a value for this parameter if you specify ``InstanceIds`` for the ``TargetType`` parameter. - ``TargetTagKey`` - Description: (Required) The tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify ``Tags`` for the ``TargetType`` parameter. - ``TargetTagValue`` - Description: (Required) The value of the tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify ``Tags`` for the ``TargetType`` parameter. - ``ResourceGroupName`` - Description: (Required) The name of the resource group associated with the instances you want to target. You must provide a value for this parameter if you specify ``ResourceGroups`` for the ``TargetType`` parameter. - ``TargetAccounts`` - Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either ``TargetAccounts`` or ``TargetOrganizationalUnits`` . - ``TargetOrganizationalUnits`` - Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to. - ``TargetRegions`` - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. - **Resource Explorer (Type: AWS QuickSetupType-ResourceExplorer)** - - ``SelectedAggregatorRegion`` - Description: (Required) The AWS Region where you want to create the aggregator index. - ``ReplaceExistingAggregator`` - Description: (Required) A boolean value that determines whether to demote an existing aggregator if it is in a Region that differs from the value you specify for the ``SelectedAggregatorRegion`` . - ``TargetOrganizationalUnits`` - Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to. - ``TargetRegions`` - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. - **Resource Scheduler (Type: AWS QuickSetupType-Scheduler)** - - ``TargetTagKey`` - Description: (Required) The tag key assigned to the instances you want to target. - ``TargetTagValue`` - Description: (Required) The value of the tag key assigned to the instances you want to target. - ``ICalendarString`` - Description: (Required) An iCalendar formatted string containing the schedule you want Change Manager to use. - ``TargetAccounts`` - Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either ``TargetAccounts`` or ``TargetOrganizationalUnits`` . - ``TargetOrganizationalUnits`` - Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to. - ``TargetRegions`` - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to.
             :param type: The type of the Quick Setup configuration.
             :param id: The ID of the configuration definition.
             :param local_deployment_administration_role_arn: The ARN of the IAM role used to administrate local configuration deployments.
@@ -369,7 +369,7 @@ class CfnConfigurationManager(
         @builtins.property
         def parameters(
             self,
-        ) -> typing.Union[_IResolvable_da3f097b, typing.Mapping[builtins.str, builtins.str]]:
+        ) -> typing.Union[typing.Mapping[builtins.str, builtins.str], _IResolvable_da3f097b]:
             '''The parameters for the configuration definition type.
 
             Parameters for configuration definitions vary based the configuration type. The following lists outline the parameters for each configuration type.
@@ -475,7 +475,7 @@ class CfnConfigurationManager(
             - ``UpdateEc2LaunchAgent``
             - Description: (Optional) A boolean value that determines whether the EC2 Launch agent is updated on the target instances every month. The default value is " ``false`` ".
             - ``CollectInventory``
-            - Description: (Optional) A boolean value that determines whether the EC2 Launch agent is updated on the target instances every month. The default value is " ``true`` ".
+            - Description: (Optional) A boolean value that determines whether instance metadata is collected on the target instances every 30 minutes. The default value is " ``true`` ".
             - ``ScanInstances``
             - Description: (Optional) A boolean value that determines whether the target instances are scanned daily for available patches. The default value is " ``true`` ".
             - ``InstallCloudWatchAgent``
@@ -577,7 +577,7 @@ class CfnConfigurationManager(
             '''
             result = self._values.get("parameters")
             assert result is not None, "Required property 'parameters' is missing"
-            return typing.cast(typing.Union[_IResolvable_da3f097b, typing.Mapping[builtins.str, builtins.str]], result)
+            return typing.cast(typing.Union[typing.Mapping[builtins.str, builtins.str], _IResolvable_da3f097b], result)
 
         @builtins.property
         def type(self) -> builtins.str:
@@ -656,7 +656,7 @@ class CfnConfigurationManager(
             last_updated_at: builtins.str,
             status_type: builtins.str,
             status: typing.Optional[builtins.str] = None,
-            status_details: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Mapping[builtins.str, builtins.str]]] = None,
+            status_details: typing.Optional[typing.Union[typing.Mapping[builtins.str, builtins.str], _IResolvable_da3f097b]] = None,
             status_message: typing.Optional[builtins.str] = None,
         ) -> None:
             '''A summarized description of the status.
@@ -738,13 +738,13 @@ class CfnConfigurationManager(
         @builtins.property
         def status_details(
             self,
-        ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Mapping[builtins.str, builtins.str]]]:
+        ) -> typing.Optional[typing.Union[typing.Mapping[builtins.str, builtins.str], _IResolvable_da3f097b]]:
             '''Details about the status.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssmquicksetup-configurationmanager-statussummary.html#cfn-ssmquicksetup-configurationmanager-statussummary-statusdetails
             '''
             result = self._values.get("status_details")
-            return typing.cast(typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Mapping[builtins.str, builtins.str]]], result)
+            return typing.cast(typing.Optional[typing.Union[typing.Mapping[builtins.str, builtins.str], _IResolvable_da3f097b]], result)
 
         @builtins.property
         def status_message(self) -> typing.Optional[builtins.str]:
@@ -950,7 +950,7 @@ def _typecheckingstub__e616ab12615353ce8adb7959fdd264518ca60136764500b5507fb35dd
 
 def _typecheckingstub__5de88cdf2c4ba7069e306fade91e021ab2a61a9f9d1bdde1ced8a9f3f54e2741(
     *,
-    parameters: typing.Union[_IResolvable_da3f097b, typing.Mapping[builtins.str, builtins.str]],
+    parameters: typing.Union[typing.Mapping[builtins.str, builtins.str], _IResolvable_da3f097b],
     type: builtins.str,
     id: typing.Optional[builtins.str] = None,
     local_deployment_administration_role_arn: typing.Optional[builtins.str] = None,
@@ -965,7 +965,7 @@ def _typecheckingstub__0a15d3717729affa2b751047a4b5b72469d29c10060f85ac60b65e8bc
     last_updated_at: builtins.str,
     status_type: builtins.str,
     status: typing.Optional[builtins.str] = None,
-    status_details: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Mapping[builtins.str, builtins.str]]] = None,
+    status_details: typing.Optional[typing.Union[typing.Mapping[builtins.str, builtins.str], _IResolvable_da3f097b]] = None,
     status_message: typing.Optional[builtins.str] = None,
 ) -> None:
     """Type checking stubs"""