aws-cdk-lib 2.179.0__tar.gz → 2.181.0__tar.gz

{aws_cdk_lib-2.179.0/src/aws_cdk_lib.egg-info → aws_cdk_lib-2.181.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: aws-cdk-lib
-Version: 2.179.0
+Version: 2.181.0
 Summary: Version 2 of the AWS Cloud Development Kit library
 Home-page: https://github.com/aws/aws-cdk
 Author: Amazon Web Services

{aws_cdk_lib-2.179.0 → aws_cdk_lib-2.181.0}/setup.py

@@ -5,7 +5,7 @@ kwargs = json.loads(
     """
 {
     "name": "aws-cdk-lib",
-    "version": "2.179.0",
+    "version": "2.181.0",
     "description": "Version 2 of the AWS Cloud Development Kit library",
     "license": "Apache-2.0",
     "url": "https://github.com/aws/aws-cdk",
@@ -315,7 +315,7 @@ kwargs = json.loads(
     ],
     "package_data": {
         "aws_cdk._jsii": [
-            "aws-cdk-lib@2.179.0.jsii.tgz"
+            "aws-cdk-lib@2.181.0.jsii.tgz"
         ],
         "aws_cdk": [
             "py.typed"

{aws_cdk_lib-2.179.0 → aws_cdk_lib-2.181.0}/src/aws_cdk/__init__.py

@@ -5267,8 +5267,8 @@ class CfnGuardHookProps:
         :param target_operations: Specifies the list of operations the Hook is run against. For more information, see `Hook targets <https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-concepts.html#hook-terms-hook-target>`_ in the *AWS CloudFormation Hooks User Guide* . Valid values: ``STACK`` | ``RESOURCE`` | ``CHANGE_SET`` | ``CLOUD_CONTROL``
         :param log_bucket: Specifies the name of an S3 bucket to store the Guard output report. This report contains the results of your Guard rule validations.
         :param options: Specifies the S3 location of your input parameters.
-        :param stack_filters: Specifies the stack level filters for the Hook.
-        :param target_filters: Specifies the target filters for the Hook.
+        :param stack_filters: Specifies the stack level filters for the Hook. Example stack level filter in JSON: ``"StackFilters": {"FilteringCriteria": "ALL", "StackNames": {"Exclude": [ "stack-1", "stack-2"]}}`` Example stack level filter in YAML: ``StackFilters: FilteringCriteria: ALL StackNames: Exclude: - stack-1 - stack-2``
+        :param target_filters: Specifies the target filters for the Hook. Example target filter in JSON: ``"TargetFilters": {"Actions": [ "Create", "Update", "Delete" ]}`` Example target filter in YAML: ``TargetFilters: Actions: - CREATE - UPDATE - DELETE``
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-guardhook.html
         :exampleMetadata: fixture=_generated
@@ -5454,6 +5454,14 @@ class CfnGuardHookProps:
     ) -> typing.Optional[typing.Union["IResolvable", "CfnGuardHook.StackFiltersProperty"]]:
         '''Specifies the stack level filters for the Hook.
 
+        Example stack level filter in JSON:
+
+        ``"StackFilters": {"FilteringCriteria": "ALL", "StackNames": {"Exclude": [ "stack-1", "stack-2"]}}``
+
+        Example stack level filter in YAML:
+
+        ``StackFilters: FilteringCriteria: ALL StackNames: Exclude: - stack-1 - stack-2``
+
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-guardhook.html#cfn-cloudformation-guardhook-stackfilters
         '''
         result = self._values.get("stack_filters")
@@ -5465,6 +5473,14 @@ class CfnGuardHookProps:
     ) -> typing.Optional[typing.Union["IResolvable", "CfnGuardHook.TargetFiltersProperty"]]:
         '''Specifies the target filters for the Hook.
 
+        Example target filter in JSON:
+
+        ``"TargetFilters": {"Actions": [ "Create", "Update", "Delete" ]}``
+
+        Example target filter in YAML:
+
+        ``TargetFilters: Actions: - CREATE - UPDATE - DELETE``
+
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-guardhook.html#cfn-cloudformation-guardhook-targetfilters
         '''
         result = self._values.get("target_filters")
@@ -6058,8 +6074,8 @@ class CfnLambdaHookProps:
         :param hook_status: Specifies if the Hook is ``ENABLED`` or ``DISABLED`` . Default: - "ENABLED"
         :param lambda_function: Specifies the Lambda function for the Hook. You can use:. - The full Amazon Resource Name (ARN) without a suffix. - A qualified ARN with a version or alias suffix.
         :param target_operations: Specifies the list of operations the Hook is run against. For more information, see `Hook targets <https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-concepts.html#hook-terms-hook-target>`_ in the *AWS CloudFormation Hooks User Guide* . Valid values: ``STACK`` | ``RESOURCE`` | ``CHANGE_SET`` | ``CLOUD_CONTROL``
-        :param stack_filters: Specifies the stack level filters for the Hook.
-        :param target_filters: Specifies the target filters for the Hook.
+        :param stack_filters: Specifies the stack level filters for the Hook. Example stack level filter in JSON: ``"StackFilters": {"FilteringCriteria": "ALL", "StackNames": {"Exclude": [ "stack-1", "stack-2"]}}`` Example stack level filter in YAML: ``StackFilters: FilteringCriteria: ALL StackNames: Exclude: - stack-1 - stack-2``
+        :param target_filters: Specifies the target filters for the Hook. Example target filter in JSON: ``"TargetFilters": {"Actions": [ "Create", "Update", "Delete" ]}`` Example target filter in YAML: ``TargetFilters: Actions: - CREATE - UPDATE - DELETE``
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-lambdahook.html
         :exampleMetadata: fixture=_generated
@@ -6202,6 +6218,14 @@ class CfnLambdaHookProps:
     ) -> typing.Optional[typing.Union["IResolvable", "CfnLambdaHook.StackFiltersProperty"]]:
         '''Specifies the stack level filters for the Hook.
 
+        Example stack level filter in JSON:
+
+        ``"StackFilters": {"FilteringCriteria": "ALL", "StackNames": {"Exclude": [ "stack-1", "stack-2"]}}``
+
+        Example stack level filter in YAML:
+
+        ``StackFilters: FilteringCriteria: ALL StackNames: Exclude: - stack-1 - stack-2``
+
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-lambdahook.html#cfn-cloudformation-lambdahook-stackfilters
         '''
         result = self._values.get("stack_filters")
@@ -6213,6 +6237,14 @@ class CfnLambdaHookProps:
     ) -> typing.Optional[typing.Union["IResolvable", "CfnLambdaHook.TargetFiltersProperty"]]:
         '''Specifies the target filters for the Hook.
 
+        Example target filter in JSON:
+
+        ``"TargetFilters": {"Actions": [ "Create", "Update", "Delete" ]}``
+
+        Example target filter in YAML:
+
+        ``TargetFilters: Actions: - CREATE - UPDATE - DELETE``
+
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-lambdahook.html#cfn-cloudformation-lambdahook-targetfilters
         '''
         result = self._values.get("target_filters")
@@ -7260,10 +7292,16 @@ class CfnParameterProps:
 
         Example::
 
-            CfnParameter(self, "MyParameter",
-                type="Number",
-                default=1337
-            )
+            param = CfnParameter(self, "ParameterName")
+            
+            # If the parameter is a String
+            param.value_as_string
+            
+            # If the parameter is a Number
+            param.value_as_number
+            
+            # If the parameter is a List
+            param.value_as_list
         '''
         if __debug__:
             type_hints = typing.get_type_hints(_typecheckingstub__6d425fa390023c3d5a204065fa1d0abca878458a00e8f9bd0859be42e4cc9e66)
@@ -10658,26 +10696,25 @@ class CustomResourceProps:
     ) -> None:
         '''Properties to provide a Lambda-backed custom resource.
 
-        :param service_token: The ARN of the provider which implements this custom resource type. You can implement a provider by listening to raw AWS CloudFormation events and specify the ARN of an SNS topic (``topic.topicArn``) or the ARN of an AWS Lambda function (``lambda.functionArn``) or use the CDK's custom `resource provider framework <https://docs.aws.amazon.com/cdk/api/latest/docs/custom-resources-readme.html>`_ which makes it easier to implement robust providers. Provider framework:: // use the provider framework from aws-cdk/custom-resources: const provider = new customresources.Provider(this, 'ResourceProvider', { onEventHandler, isCompleteHandler, // optional }); new CustomResource(this, 'MyResource', { serviceToken: provider.serviceToken, }); AWS Lambda function (not recommended to use AWS Lambda Functions directly, see the module README):: // invoke an AWS Lambda function when a lifecycle event occurs: new CustomResource(this, 'MyResource', { serviceToken: myFunction.functionArn, }); SNS topic (not recommended to use AWS Lambda Functions directly, see the module README):: // publish lifecycle events to an SNS topic: new CustomResource(this, 'MyResource', { serviceToken: myTopic.topicArn, });
+        :param service_token: The ARN of the provider which implements this custom resource type. You can implement a provider by listening to raw AWS CloudFormation events and specify the ARN of an SNS topic (``topic.topicArn``) or the ARN of an AWS Lambda function (``lambda.functionArn``) or use the CDK's custom `resource provider framework <https://docs.aws.amazon.com/cdk/api/latest/docs/custom-resources-readme.html>`_ which makes it easier to implement robust providers. Provider framework:: // use the provider framework from aws-cdk/custom-resources: const provider = new customresources.Provider(this, 'ResourceProvider', { onEventHandler, isCompleteHandler, // optional }); new CustomResource(this, 'MyResource', { serviceToken: provider.serviceToken, }); AWS Lambda function (not recommended to use AWS Lambda Functions directly, see the module README):: // invoke an AWS Lambda function when a lifecycle event occurs: new CustomResource(this, 'MyResource', { serviceToken: myFunction.functionArn, }); SNS topic (not recommended to use AWS Lambda Functions directly, see the module README):: // publish lifecycle events to an SNS topic: new CustomResource(this, 'MyResource', { serviceToken: myTopic.topicArn, }); Maps to `ServiceToken <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-customresource.html#cfn-cloudformation-customresource-servicetoken>`_ property for the ``AWS::CloudFormation::CustomResource`` resource
         :param pascal_case_properties: Convert all property keys to pascal case. Default: false
-        :param properties: Properties to pass to the Lambda. Default: - No properties.
+        :param properties: Properties to pass to the Lambda. Values in this ``properties`` dictionary can possibly overwrite other values in ``CustomResourceProps`` E.g. ``ServiceToken`` and ``ServiceTimeout`` It is recommended to avoid using same keys that exist in ``CustomResourceProps`` Default: - No properties.
         :param removal_policy: The policy to apply when this resource is removed from the application. Default: cdk.RemovalPolicy.Destroy
         :param resource_type: For custom resources, you can specify AWS::CloudFormation::CustomResource (the default) as the resource type, or you can specify your own resource type name. For example, you can use "Custom::MyCustomResourceTypeName". Custom resource type names must begin with "Custom::" and can include alphanumeric characters and the following characters: _@-. You can specify a custom resource type name up to a maximum length of 60 characters. You cannot change the type during an update. Using your own resource type names helps you quickly differentiate the types of custom resources in your stack. For example, if you had two custom resources that conduct two different ping tests, you could name their type as Custom::PingTester to make them easily identifiable as ping testers (instead of using AWS::CloudFormation::CustomResource). Default: - AWS::CloudFormation::CustomResource
-        :param service_timeout: The maximum time that can elapse before a custom resource operation times out. The value must be between 1 second and 3600 seconds. Default: Duration.seconds(3600)
+        :param service_timeout: The maximum time that can elapse before a custom resource operation times out. The value must be between 1 second and 3600 seconds. Maps to `ServiceTimeout <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-customresource.html#cfn-cloudformation-customresource-servicetimeout>`_ property for the ``AWS::CloudFormation::CustomResource`` resource A token can be specified for this property, but it must be specified with ``Duration.seconds()``. Default: Duration.seconds(3600)
 
         :exampleMetadata: infused
 
         Example::
 
-            service_token = CustomResourceProvider.get_or_create(self, "Custom::MyCustomResourceType",
-                code_directory=f"{__dirname}/my-handler",
-                runtime=CustomResourceProviderRuntime.NODEJS_18_X,
-                description="Lambda function created by the custom resource provider"
+            stack = Stack()
+            dur_token = CfnParameter(stack, "MyParameter",
+                type="Number",
+                default=60
             )
-            
-            CustomResource(self, "MyResource",
-                resource_type="Custom::MyCustomResourceType",
-                service_token=service_token
+            CustomResource(stack, "MyCustomResource",
+                service_token="MyServiceToken",
+                service_timeout=Duration.seconds(dur_token.value_as_number)
             )
         '''
         if __debug__:
@@ -10738,6 +10775,8 @@ class CustomResourceProps:
            CustomResource(self, "MyResource",
                service_token=my_topic.topic_arn
            )
+
+        Maps to `ServiceToken <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-customresource.html#cfn-cloudformation-customresource-servicetoken>`_ property for the ``AWS::CloudFormation::CustomResource`` resource
         '''
         result = self._values.get("service_token")
         assert result is not None, "Required property 'service_token' is missing"
@@ -10756,6 +10795,10 @@ class CustomResourceProps:
     def properties(self) -> typing.Optional[typing.Mapping[builtins.str, typing.Any]]:
         '''Properties to pass to the Lambda.
 
+        Values in this ``properties`` dictionary can possibly overwrite other values in ``CustomResourceProps``
+        E.g. ``ServiceToken`` and ``ServiceTimeout``
+        It is recommended to avoid using same keys that exist in ``CustomResourceProps``
+
         :default: - No properties.
         '''
         result = self._values.get("properties")
@@ -10800,7 +10843,23 @@ class CustomResourceProps:
 
         The value must be between 1 second and 3600 seconds.
 
+        Maps to `ServiceTimeout <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-customresource.html#cfn-cloudformation-customresource-servicetimeout>`_ property for the ``AWS::CloudFormation::CustomResource`` resource
+
+        A token can be specified for this property, but it must be specified with ``Duration.seconds()``.
+
         :default: Duration.seconds(3600)
+
+        Example::
+
+            stack = Stack()
+            dur_token = CfnParameter(stack, "MyParameter",
+                type="Number",
+                default=60
+            )
+            CustomResource(stack, "MyCustomResource",
+                service_token="MyServiceToken",
+                service_timeout=Duration.seconds(dur_token.value_as_number)
+            )
         '''
         result = self._values.get("service_timeout")
         return typing.cast(typing.Optional["Duration"], result)
@@ -28345,8 +28404,8 @@ class CfnGuardHook(
         :param target_operations: Specifies the list of operations the Hook is run against. For more information, see `Hook targets <https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-concepts.html#hook-terms-hook-target>`_ in the *AWS CloudFormation Hooks User Guide* . Valid values: ``STACK`` | ``RESOURCE`` | ``CHANGE_SET`` | ``CLOUD_CONTROL``
         :param log_bucket: Specifies the name of an S3 bucket to store the Guard output report. This report contains the results of your Guard rule validations.
         :param options: Specifies the S3 location of your input parameters.
-        :param stack_filters: Specifies the stack level filters for the Hook.
-        :param target_filters: Specifies the target filters for the Hook.
+        :param stack_filters: Specifies the stack level filters for the Hook. Example stack level filter in JSON: ``"StackFilters": {"FilteringCriteria": "ALL", "StackNames": {"Exclude": [ "stack-1", "stack-2"]}}`` Example stack level filter in YAML: ``StackFilters: FilteringCriteria: ALL StackNames: Exclude: - stack-1 - stack-2``
+        :param target_filters: Specifies the target filters for the Hook. Example target filter in JSON: ``"TargetFilters": {"Actions": [ "Create", "Update", "Delete" ]}`` Example target filter in YAML: ``TargetFilters: Actions: - CREATE - UPDATE - DELETE``
         '''
         if __debug__:
             type_hints = typing.get_type_hints(_typecheckingstub__af8d2663a8bac5046ca50537b031b46f870c6edd4948ed8528ca4e3ff9367b17)
@@ -29809,8 +29868,8 @@ class CfnLambdaHook(
         :param hook_status: Specifies if the Hook is ``ENABLED`` or ``DISABLED`` . Default: - "ENABLED"
         :param lambda_function: Specifies the Lambda function for the Hook. You can use:. - The full Amazon Resource Name (ARN) without a suffix. - A qualified ARN with a version or alias suffix.
         :param target_operations: Specifies the list of operations the Hook is run against. For more information, see `Hook targets <https://docs.aws.amazon.com/cloudformation-cli/latest/hooks-userguide/hooks-concepts.html#hook-terms-hook-target>`_ in the *AWS CloudFormation Hooks User Guide* . Valid values: ``STACK`` | ``RESOURCE`` | ``CHANGE_SET`` | ``CLOUD_CONTROL``
-        :param stack_filters: Specifies the stack level filters for the Hook.
-        :param target_filters: Specifies the target filters for the Hook.
+        :param stack_filters: Specifies the stack level filters for the Hook. Example stack level filter in JSON: ``"StackFilters": {"FilteringCriteria": "ALL", "StackNames": {"Exclude": [ "stack-1", "stack-2"]}}`` Example stack level filter in YAML: ``StackFilters: FilteringCriteria: ALL StackNames: Exclude: - stack-1 - stack-2``
+        :param target_filters: Specifies the target filters for the Hook. Example target filter in JSON: ``"TargetFilters": {"Actions": [ "Create", "Update", "Delete" ]}`` Example target filter in YAML: ``TargetFilters: Actions: - CREATE - UPDATE - DELETE``
         '''
         if __debug__:
             type_hints = typing.get_type_hints(_typecheckingstub__407b4a631e3a832f02376728222302ded8f1ba90d2538b0469e5b99641f17447)
@@ -33789,15 +33848,14 @@ class CustomResource(
 
     Example::
 
-        service_token = CustomResourceProvider.get_or_create(self, "Custom::MyCustomResourceType",
-            code_directory=f"{__dirname}/my-handler",
-            runtime=CustomResourceProviderRuntime.NODEJS_18_X,
-            description="Lambda function created by the custom resource provider"
+        stack = Stack()
+        dur_token = CfnParameter(stack, "MyParameter",
+            type="Number",
+            default=60
         )
-        
-        CustomResource(self, "MyResource",
-            resource_type="Custom::MyCustomResourceType",
-            service_token=service_token
+        CustomResource(stack, "MyCustomResource",
+            service_token="MyServiceToken",
+            service_timeout=Duration.seconds(dur_token.value_as_number)
         )
     '''
 
@@ -33816,12 +33874,12 @@ class CustomResource(
         '''
         :param scope: -
         :param id: -
-        :param service_token: The ARN of the provider which implements this custom resource type. You can implement a provider by listening to raw AWS CloudFormation events and specify the ARN of an SNS topic (``topic.topicArn``) or the ARN of an AWS Lambda function (``lambda.functionArn``) or use the CDK's custom `resource provider framework <https://docs.aws.amazon.com/cdk/api/latest/docs/custom-resources-readme.html>`_ which makes it easier to implement robust providers. Provider framework:: // use the provider framework from aws-cdk/custom-resources: const provider = new customresources.Provider(this, 'ResourceProvider', { onEventHandler, isCompleteHandler, // optional }); new CustomResource(this, 'MyResource', { serviceToken: provider.serviceToken, }); AWS Lambda function (not recommended to use AWS Lambda Functions directly, see the module README):: // invoke an AWS Lambda function when a lifecycle event occurs: new CustomResource(this, 'MyResource', { serviceToken: myFunction.functionArn, }); SNS topic (not recommended to use AWS Lambda Functions directly, see the module README):: // publish lifecycle events to an SNS topic: new CustomResource(this, 'MyResource', { serviceToken: myTopic.topicArn, });
+        :param service_token: The ARN of the provider which implements this custom resource type. You can implement a provider by listening to raw AWS CloudFormation events and specify the ARN of an SNS topic (``topic.topicArn``) or the ARN of an AWS Lambda function (``lambda.functionArn``) or use the CDK's custom `resource provider framework <https://docs.aws.amazon.com/cdk/api/latest/docs/custom-resources-readme.html>`_ which makes it easier to implement robust providers. Provider framework:: // use the provider framework from aws-cdk/custom-resources: const provider = new customresources.Provider(this, 'ResourceProvider', { onEventHandler, isCompleteHandler, // optional }); new CustomResource(this, 'MyResource', { serviceToken: provider.serviceToken, }); AWS Lambda function (not recommended to use AWS Lambda Functions directly, see the module README):: // invoke an AWS Lambda function when a lifecycle event occurs: new CustomResource(this, 'MyResource', { serviceToken: myFunction.functionArn, }); SNS topic (not recommended to use AWS Lambda Functions directly, see the module README):: // publish lifecycle events to an SNS topic: new CustomResource(this, 'MyResource', { serviceToken: myTopic.topicArn, }); Maps to `ServiceToken <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-customresource.html#cfn-cloudformation-customresource-servicetoken>`_ property for the ``AWS::CloudFormation::CustomResource`` resource
         :param pascal_case_properties: Convert all property keys to pascal case. Default: false
-        :param properties: Properties to pass to the Lambda. Default: - No properties.
+        :param properties: Properties to pass to the Lambda. Values in this ``properties`` dictionary can possibly overwrite other values in ``CustomResourceProps`` E.g. ``ServiceToken`` and ``ServiceTimeout`` It is recommended to avoid using same keys that exist in ``CustomResourceProps`` Default: - No properties.
         :param removal_policy: The policy to apply when this resource is removed from the application. Default: cdk.RemovalPolicy.Destroy
         :param resource_type: For custom resources, you can specify AWS::CloudFormation::CustomResource (the default) as the resource type, or you can specify your own resource type name. For example, you can use "Custom::MyCustomResourceTypeName". Custom resource type names must begin with "Custom::" and can include alphanumeric characters and the following characters: _@-. You can specify a custom resource type name up to a maximum length of 60 characters. You cannot change the type during an update. Using your own resource type names helps you quickly differentiate the types of custom resources in your stack. For example, if you had two custom resources that conduct two different ping tests, you could name their type as Custom::PingTester to make them easily identifiable as ping testers (instead of using AWS::CloudFormation::CustomResource). Default: - AWS::CloudFormation::CustomResource
-        :param service_timeout: The maximum time that can elapse before a custom resource operation times out. The value must be between 1 second and 3600 seconds. Default: Duration.seconds(3600)
+        :param service_timeout: The maximum time that can elapse before a custom resource operation times out. The value must be between 1 second and 3600 seconds. Maps to `ServiceTimeout <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudformation-customresource.html#cfn-cloudformation-customresource-servicetimeout>`_ property for the ``AWS::CloudFormation::CustomResource`` resource A token can be specified for this property, but it must be specified with ``Duration.seconds()``. Default: Duration.seconds(3600)
         '''
         if __debug__:
             type_hints = typing.get_type_hints(_typecheckingstub__5c89cdcdef1901fae8effe187c732f9fbf4ec5793ae2938cebb924671df2c26f)

{aws_cdk_lib-2.179.0 → aws_cdk_lib-2.181.0}/src/aws_cdk/_jsii/__init__.py

@@ -34,7 +34,7 @@ import aws_cdk.cloud_assembly_schema._jsii
 import constructs._jsii
 
 __jsii_assembly__ = jsii.JSIIAssembly.load(
-    "aws-cdk-lib", "2.179.0", __name__[0:-6], "aws-cdk-lib@2.179.0.jsii.tgz"
+    "aws-cdk-lib", "2.181.0", __name__[0:-6], "aws-cdk-lib@2.181.0.jsii.tgz"
 )
 
 __all__ = [

{aws_cdk_lib-2.179.0 → aws_cdk_lib-2.181.0}/src/aws_cdk/aws_acmpca/__init__.py

@@ -118,7 +118,7 @@ class CertificateAuthority(
         
         cluster = msk.Cluster(self, "Cluster",
             cluster_name="myCluster",
-            kafka_version=msk.KafkaVersion.V2_8_1,
+            kafka_version=msk.KafkaVersion.V3_8_X,
             vpc=vpc,
             encryption_in_transit=msk.EncryptionInTransitConfig(
                 client_broker=msk.ClientBrokerEncryption.TLS
@@ -2728,7 +2728,9 @@ class CfnCertificateAuthority(
         name_mapping={
             "enabled": "enabled",
             "crl_distribution_point_extension_configuration": "crlDistributionPointExtensionConfiguration",
+            "crl_type": "crlType",
             "custom_cname": "customCname",
+            "custom_path": "customPath",
             "expiration_in_days": "expirationInDays",
             "s3_bucket_name": "s3BucketName",
             "s3_object_acl": "s3ObjectAcl",
@@ -2740,7 +2742,9 @@ class CfnCertificateAuthority(
             *,
             enabled: typing.Union[builtins.bool, _IResolvable_da3f097b],
             crl_distribution_point_extension_configuration: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Union["CfnCertificateAuthority.CrlDistributionPointExtensionConfigurationProperty", typing.Dict[builtins.str, typing.Any]]]] = None,
+            crl_type: typing.Optional[builtins.str] = None,
             custom_cname: typing.Optional[builtins.str] = None,
+            custom_path: typing.Optional[builtins.str] = None,
             expiration_in_days: typing.Optional[jsii.Number] = None,
             s3_bucket_name: typing.Optional[builtins.str] = None,
             s3_object_acl: typing.Optional[builtins.str] = None,
@@ -2781,7 +2785,9 @@ class CfnCertificateAuthority(
 
             :param enabled: Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. You can use this value to enable certificate revocation for a new CA when you call the ``CreateCertificateAuthority`` operation or for an existing CA when you call the ``UpdateCertificateAuthority`` operation.
             :param crl_distribution_point_extension_configuration: Configures the default behavior of the CRL Distribution Point extension for certificates issued by your CA. If this field is not provided, then the CRL Distribution Point extension will be present and contain the default CRL URL.
+            :param crl_type: Specifies the type of CRL. This setting determines the maximum number of certificates that the certificate authority can issue and revoke. For more information, see `AWS Private CA quotas <https://docs.aws.amazon.com/general/latest/gr/pca.html#limits_pca>`_ . - ``COMPLETE`` - The default setting. AWS Private CA maintains a single CRL file for all unexpired certificates issued by a CA that have been revoked for any reason. Each certificate that AWS Private CA issues is bound to a specific CRL through the CRL distribution point (CDP) defined in `RFC 5280 <https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc5280>`_ . - ``PARTITIONED`` - Compared to complete CRLs, partitioned CRLs dramatically increase the number of certificates your private CA can issue. .. epigraph:: When using partitioned CRLs, you must validate that the CRL's associated issuing distribution point (IDP) URI matches the certificate's CDP URI to ensure the right CRL has been fetched. AWS Private CA marks the IDP extension as critical, which your client must be able to process.
             :param custom_cname: Name inserted into the certificate *CRL Distribution Points* extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public. .. epigraph:: The content of a Canonical Name (CNAME) record must conform to `RFC2396 <https://docs.aws.amazon.com/https://www.ietf.org/rfc/rfc2396.txt>`_ restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as "http://" or "https://".
+            :param custom_path: Designates a custom file path in S3 for CRL(s). For example, ``http://<CustomName>/<CustomPath>/<CrlPartition_GUID>.crl`` .
             :param expiration_in_days: Validity period of the CRL in days.
             :param s3_bucket_name: Name of the S3 bucket that contains the CRL. If you do not provide a value for the *CustomCname* argument, the name of your S3 bucket is placed into the *CRL Distribution Points* extension of the issued certificate. You can change the name of your bucket by calling the `UpdateCertificateAuthority <https://docs.aws.amazon.com/privateca/latest/APIReference/API_UpdateCertificateAuthority.html>`_ operation. You must specify a `bucket policy <https://docs.aws.amazon.com/privateca/latest/userguide/PcaCreateCa.html#s3-policies>`_ that allows AWS Private CA to write the CRL to your bucket. .. epigraph:: The ``S3BucketName`` parameter must conform to the `S3 bucket naming rules <https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html>`_ .
             :param s3_object_acl: Determines whether the CRL will be publicly readable or privately held in the CRL Amazon S3 bucket. If you choose PUBLIC_READ, the CRL will be accessible over the public internet. If you choose BUCKET_OWNER_FULL_CONTROL, only the owner of the CRL S3 bucket can access the CRL, and your PKI clients may need an alternative method of access. If no value is specified, the default is PUBLIC_READ. *Note:* This default can cause CA creation to fail in some circumstances. If you have have enabled the Block Public Access (BPA) feature in your S3 account, then you must specify the value of this parameter as ``BUCKET_OWNER_FULL_CONTROL`` , and not doing so results in an error. If you have disabled BPA in S3, then you can specify either ``BUCKET_OWNER_FULL_CONTROL`` or ``PUBLIC_READ`` as the value. For more information, see `Blocking public access to the S3 bucket <https://docs.aws.amazon.com/privateca/latest/userguide/PcaCreateCa.html#s3-bpa>`_ .
@@ -2802,7 +2808,9 @@ class CfnCertificateAuthority(
                     crl_distribution_point_extension_configuration=acmpca.CfnCertificateAuthority.CrlDistributionPointExtensionConfigurationProperty(
                         omit_extension=False
                     ),
+                    crl_type="crlType",
                     custom_cname="customCname",
+                    custom_path="customPath",
                     expiration_in_days=123,
                     s3_bucket_name="s3BucketName",
                     s3_object_acl="s3ObjectAcl"
@@ -2812,7 +2820,9 @@ class CfnCertificateAuthority(
                 type_hints = typing.get_type_hints(_typecheckingstub__de72782a3b3117c1f101c2c6c2fad457863e581a5bdcd67a1280a825dc55ea17)
                 check_type(argname="argument enabled", value=enabled, expected_type=type_hints["enabled"])
                 check_type(argname="argument crl_distribution_point_extension_configuration", value=crl_distribution_point_extension_configuration, expected_type=type_hints["crl_distribution_point_extension_configuration"])
+                check_type(argname="argument crl_type", value=crl_type, expected_type=type_hints["crl_type"])
                 check_type(argname="argument custom_cname", value=custom_cname, expected_type=type_hints["custom_cname"])
+                check_type(argname="argument custom_path", value=custom_path, expected_type=type_hints["custom_path"])
                 check_type(argname="argument expiration_in_days", value=expiration_in_days, expected_type=type_hints["expiration_in_days"])
                 check_type(argname="argument s3_bucket_name", value=s3_bucket_name, expected_type=type_hints["s3_bucket_name"])
                 check_type(argname="argument s3_object_acl", value=s3_object_acl, expected_type=type_hints["s3_object_acl"])
@@ -2821,8 +2831,12 @@ class CfnCertificateAuthority(
             }
             if crl_distribution_point_extension_configuration is not None:
                 self._values["crl_distribution_point_extension_configuration"] = crl_distribution_point_extension_configuration
+            if crl_type is not None:
+                self._values["crl_type"] = crl_type
             if custom_cname is not None:
                 self._values["custom_cname"] = custom_cname
+            if custom_path is not None:
+                self._values["custom_path"] = custom_path
             if expiration_in_days is not None:
                 self._values["expiration_in_days"] = expiration_in_days
             if s3_bucket_name is not None:
@@ -2855,6 +2869,24 @@ class CfnCertificateAuthority(
             result = self._values.get("crl_distribution_point_extension_configuration")
             return typing.cast(typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnCertificateAuthority.CrlDistributionPointExtensionConfigurationProperty"]], result)
 
+        @builtins.property
+        def crl_type(self) -> typing.Optional[builtins.str]:
+            '''Specifies the type of CRL.
+
+            This setting determines the maximum number of certificates that the certificate authority can issue and revoke. For more information, see `AWS Private CA quotas <https://docs.aws.amazon.com/general/latest/gr/pca.html#limits_pca>`_ .
+
+            - ``COMPLETE`` - The default setting. AWS Private CA maintains a single CRL file for all unexpired certificates issued by a CA that have been revoked for any reason. Each certificate that AWS Private CA issues is bound to a specific CRL through the CRL distribution point (CDP) defined in `RFC 5280 <https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc5280>`_ .
+            - ``PARTITIONED`` - Compared to complete CRLs, partitioned CRLs dramatically increase the number of certificates your private CA can issue.
+
+            .. epigraph::
+
+               When using partitioned CRLs, you must validate that the CRL's associated issuing distribution point (IDP) URI matches the certificate's CDP URI to ensure the right CRL has been fetched. AWS Private CA marks the IDP extension as critical, which your client must be able to process.
+
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-crlconfiguration.html#cfn-acmpca-certificateauthority-crlconfiguration-crltype
+            '''
+            result = self._values.get("crl_type")
+            return typing.cast(typing.Optional[builtins.str], result)
+
         @builtins.property
         def custom_cname(self) -> typing.Optional[builtins.str]:
             '''Name inserted into the certificate *CRL Distribution Points* extension that enables the use of an alias for the CRL distribution point.
@@ -2869,6 +2901,17 @@ class CfnCertificateAuthority(
             result = self._values.get("custom_cname")
             return typing.cast(typing.Optional[builtins.str], result)
 
+        @builtins.property
+        def custom_path(self) -> typing.Optional[builtins.str]:
+            '''Designates a custom file path in S3 for CRL(s).
+
+            For example, ``http://<CustomName>/<CustomPath>/<CrlPartition_GUID>.crl`` .
+
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-crlconfiguration.html#cfn-acmpca-certificateauthority-crlconfiguration-custompath
+            '''
+            result = self._values.get("custom_path")
+            return typing.cast(typing.Optional[builtins.str], result)
+
         @builtins.property
         def expiration_in_days(self) -> typing.Optional[jsii.Number]:
             '''Validity period of the CRL in days.
@@ -3876,7 +3919,9 @@ class CfnCertificateAuthority(
                         crl_distribution_point_extension_configuration=acmpca.CfnCertificateAuthority.CrlDistributionPointExtensionConfigurationProperty(
                             omit_extension=False
                         ),
+                        crl_type="crlType",
                         custom_cname="customCname",
+                        custom_path="customPath",
                         expiration_in_days=123,
                         s3_bucket_name="s3BucketName",
                         s3_object_acl="s3ObjectAcl"
@@ -5624,7 +5669,9 @@ def _typecheckingstub__de72782a3b3117c1f101c2c6c2fad457863e581a5bdcd67a1280a825d
     *,
     enabled: typing.Union[builtins.bool, _IResolvable_da3f097b],
     crl_distribution_point_extension_configuration: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Union[CfnCertificateAuthority.CrlDistributionPointExtensionConfigurationProperty, typing.Dict[builtins.str, typing.Any]]]] = None,
+    crl_type: typing.Optional[builtins.str] = None,
     custom_cname: typing.Optional[builtins.str] = None,
+    custom_path: typing.Optional[builtins.str] = None,
     expiration_in_days: typing.Optional[jsii.Number] = None,
     s3_bucket_name: typing.Optional[builtins.str] = None,
     s3_object_acl: typing.Optional[builtins.str] = None,

{aws_cdk_lib-2.179.0 → aws_cdk_lib-2.181.0}/src/aws_cdk/aws_apigateway/__init__.py

@@ -14847,7 +14847,7 @@ class CorsOptions:
         status_code: typing.Optional[jsii.Number] = None,
     ) -> None:
         '''
-        :param allow_origins: Specifies the list of origins that are allowed to make requests to this resource. If you wish to allow all origins, specify ``Cors.ALL_ORIGINS`` or ``[ * ]``. Responses will include the ``Access-Control-Allow-Origin`` response header. If ``Cors.ALL_ORIGINS`` is specified, the ``Vary: Origin`` response header will also be included.
+        :param allow_origins: Specifies the list of origins that are allowed to make requests to this resource. If you wish to allow all origins, specify ``Cors.ALL_ORIGINS`` or ``[ * ]``. Responses will include the ``Access-Control-Allow-Origin`` response header. If specific origins are specified (not ``Cors.ALL_ORIGINS``), the ``Vary: Origin`` response header will also be included.
         :param allow_credentials: The Access-Control-Allow-Credentials response header tells browsers whether to expose the response to frontend JavaScript code when the request's credentials mode (Request.credentials) is "include". When a request's credentials mode (Request.credentials) is "include", browsers will only expose the response to frontend JavaScript code if the Access-Control-Allow-Credentials value is true. Credentials are cookies, authorization headers or TLS client certificates. Default: false
         :param allow_headers: The Access-Control-Allow-Headers response header is used in response to a preflight request which includes the Access-Control-Request-Headers to indicate which HTTP headers can be used during the actual request. Default: Cors.DEFAULT_HEADERS
         :param allow_methods: The Access-Control-Allow-Methods response header specifies the method or methods allowed when accessing the resource in response to a preflight request. If ``ANY`` is specified, it will be expanded to ``Cors.ALL_METHODS``. Default: Cors.ALL_METHODS
@@ -14903,8 +14903,8 @@ class CorsOptions:
         ``[ * ]``.
 
         Responses will include the ``Access-Control-Allow-Origin`` response header.
-        If ``Cors.ALL_ORIGINS`` is specified, the ``Vary: Origin`` response header will
-        also be included.
+        If specific origins are specified (not ``Cors.ALL_ORIGINS``), the ``Vary: Origin``
+        response header will also be included.
 
         :see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
         '''
@@ -16461,7 +16461,7 @@ class IResource(_IResource_c80c4260, typing_extensions.Protocol):
         resource that has a different origin (domain, protocol, or port) from its
         own.
 
-        :param allow_origins: Specifies the list of origins that are allowed to make requests to this resource. If you wish to allow all origins, specify ``Cors.ALL_ORIGINS`` or ``[ * ]``. Responses will include the ``Access-Control-Allow-Origin`` response header. If ``Cors.ALL_ORIGINS`` is specified, the ``Vary: Origin`` response header will also be included.
+        :param allow_origins: Specifies the list of origins that are allowed to make requests to this resource. If you wish to allow all origins, specify ``Cors.ALL_ORIGINS`` or ``[ * ]``. Responses will include the ``Access-Control-Allow-Origin`` response header. If specific origins are specified (not ``Cors.ALL_ORIGINS``), the ``Vary: Origin`` response header will also be included.
         :param allow_credentials: The Access-Control-Allow-Credentials response header tells browsers whether to expose the response to frontend JavaScript code when the request's credentials mode (Request.credentials) is "include". When a request's credentials mode (Request.credentials) is "include", browsers will only expose the response to frontend JavaScript code if the Access-Control-Allow-Credentials value is true. Credentials are cookies, authorization headers or TLS client certificates. Default: false
         :param allow_headers: The Access-Control-Allow-Headers response header is used in response to a preflight request which includes the Access-Control-Request-Headers to indicate which HTTP headers can be used during the actual request. Default: Cors.DEFAULT_HEADERS
         :param allow_methods: The Access-Control-Allow-Methods response header specifies the method or methods allowed when accessing the resource in response to a preflight request. If ``ANY`` is specified, it will be expanded to ``Cors.ALL_METHODS``. Default: Cors.ALL_METHODS
@@ -16652,7 +16652,7 @@ class _IResourceProxy(
         resource that has a different origin (domain, protocol, or port) from its
         own.
 
-        :param allow_origins: Specifies the list of origins that are allowed to make requests to this resource. If you wish to allow all origins, specify ``Cors.ALL_ORIGINS`` or ``[ * ]``. Responses will include the ``Access-Control-Allow-Origin`` response header. If ``Cors.ALL_ORIGINS`` is specified, the ``Vary: Origin`` response header will also be included.
+        :param allow_origins: Specifies the list of origins that are allowed to make requests to this resource. If you wish to allow all origins, specify ``Cors.ALL_ORIGINS`` or ``[ * ]``. Responses will include the ``Access-Control-Allow-Origin`` response header. If specific origins are specified (not ``Cors.ALL_ORIGINS``), the ``Vary: Origin`` response header will also be included.
         :param allow_credentials: The Access-Control-Allow-Credentials response header tells browsers whether to expose the response to frontend JavaScript code when the request's credentials mode (Request.credentials) is "include". When a request's credentials mode (Request.credentials) is "include", browsers will only expose the response to frontend JavaScript code if the Access-Control-Allow-Credentials value is true. Credentials are cookies, authorization headers or TLS client certificates. Default: false
         :param allow_headers: The Access-Control-Allow-Headers response header is used in response to a preflight request which includes the Access-Control-Request-Headers to indicate which HTTP headers can be used during the actual request. Default: Cors.DEFAULT_HEADERS
         :param allow_methods: The Access-Control-Allow-Methods response header specifies the method or methods allowed when accessing the resource in response to a preflight request. If ``ANY`` is specified, it will be expanded to ``Cors.ALL_METHODS``. Default: Cors.ALL_METHODS
@@ -22676,7 +22676,7 @@ class ResourceBase(
         resource that has a different origin (domain, protocol, or port) from its
         own.
 
-        :param allow_origins: Specifies the list of origins that are allowed to make requests to this resource. If you wish to allow all origins, specify ``Cors.ALL_ORIGINS`` or ``[ * ]``. Responses will include the ``Access-Control-Allow-Origin`` response header. If ``Cors.ALL_ORIGINS`` is specified, the ``Vary: Origin`` response header will also be included.
+        :param allow_origins: Specifies the list of origins that are allowed to make requests to this resource. If you wish to allow all origins, specify ``Cors.ALL_ORIGINS`` or ``[ * ]``. Responses will include the ``Access-Control-Allow-Origin`` response header. If specific origins are specified (not ``Cors.ALL_ORIGINS``), the ``Vary: Origin`` response header will also be included.
         :param allow_credentials: The Access-Control-Allow-Credentials response header tells browsers whether to expose the response to frontend JavaScript code when the request's credentials mode (Request.credentials) is "include". When a request's credentials mode (Request.credentials) is "include", browsers will only expose the response to frontend JavaScript code if the Access-Control-Allow-Credentials value is true. Credentials are cookies, authorization headers or TLS client certificates. Default: false
         :param allow_headers: The Access-Control-Allow-Headers response header is used in response to a preflight request which includes the Access-Control-Request-Headers to indicate which HTTP headers can be used during the actual request. Default: Cors.DEFAULT_HEADERS
         :param allow_methods: The Access-Control-Allow-Methods response header specifies the method or methods allowed when accessing the resource in response to a preflight request. If ``ANY`` is specified, it will be expanded to ``Cors.ALL_METHODS``. Default: Cors.ALL_METHODS

{aws_cdk_lib-2.179.0 → aws_cdk_lib-2.181.0}/src/aws_cdk/aws_appsync/__init__.py

@@ -4862,7 +4862,7 @@ class CfnApiCache(
         '''
         :param scope: Scope in which this resource is defined.
         :param id: Construct identifier for this resource (unique in its scope).
-        :param api_caching_behavior: Caching behavior. - *FULL_REQUEST_CACHING* : All requests are fully cached. - *PER_RESOLVER_CACHING* : Individual resolvers that you specify are cached.
+        :param api_caching_behavior: Caching behavior. - *FULL_REQUEST_CACHING* : All requests from the same user are cached. Individual resolvers are automatically cached. All API calls will try to return responses from the cache. - *PER_RESOLVER_CACHING* : Individual resolvers that you specify are cached. - *OPERATION_LEVEL_CACHING* : Full requests are cached together and returned without executing resolvers.
         :param api_id: The GraphQL API ID.
         :param ttl: TTL in seconds for cache entries. Valid values are 1–3,600 seconds.
         :param type: The cache instance type. Valid values are. - ``SMALL`` - ``MEDIUM`` - ``LARGE`` - ``XLARGE`` - ``LARGE_2X`` - ``LARGE_4X`` - ``LARGE_8X`` (not available in all regions) - ``LARGE_12X`` Historically, instance types were identified by an EC2-style value. As of July 2020, this is deprecated, and the generic identifiers above should be used. The following legacy instance types are available, but their use is discouraged: - *T2_SMALL* : A t2.small instance type. - *T2_MEDIUM* : A t2.medium instance type. - *R4_LARGE* : A r4.large instance type. - *R4_XLARGE* : A r4.xlarge instance type. - *R4_2XLARGE* : A r4.2xlarge instance type. - *R4_4XLARGE* : A r4.4xlarge instance type. - *R4_8XLARGE* : A r4.8xlarge instance type.
@@ -5064,7 +5064,7 @@ class CfnApiCacheProps:
     ) -> None:
         '''Properties for defining a ``CfnApiCache``.
 
-        :param api_caching_behavior: Caching behavior. - *FULL_REQUEST_CACHING* : All requests are fully cached. - *PER_RESOLVER_CACHING* : Individual resolvers that you specify are cached.
+        :param api_caching_behavior: Caching behavior. - *FULL_REQUEST_CACHING* : All requests from the same user are cached. Individual resolvers are automatically cached. All API calls will try to return responses from the cache. - *PER_RESOLVER_CACHING* : Individual resolvers that you specify are cached. - *OPERATION_LEVEL_CACHING* : Full requests are cached together and returned without executing resolvers.
         :param api_id: The GraphQL API ID.
         :param ttl: TTL in seconds for cache entries. Valid values are 1–3,600 seconds.
         :param type: The cache instance type. Valid values are. - ``SMALL`` - ``MEDIUM`` - ``LARGE`` - ``XLARGE`` - ``LARGE_2X`` - ``LARGE_4X`` - ``LARGE_8X`` (not available in all regions) - ``LARGE_12X`` Historically, instance types were identified by an EC2-style value. As of July 2020, this is deprecated, and the generic identifiers above should be used. The following legacy instance types are available, but their use is discouraged: - *T2_SMALL* : A t2.small instance type. - *T2_MEDIUM* : A t2.medium instance type. - *R4_LARGE* : A r4.large instance type. - *R4_XLARGE* : A r4.xlarge instance type. - *R4_2XLARGE* : A r4.2xlarge instance type. - *R4_4XLARGE* : A r4.4xlarge instance type. - *R4_8XLARGE* : A r4.8xlarge instance type.
@@ -5119,8 +5119,9 @@ class CfnApiCacheProps:
     def api_caching_behavior(self) -> builtins.str:
         '''Caching behavior.
 
-        - *FULL_REQUEST_CACHING* : All requests are fully cached.
+        - *FULL_REQUEST_CACHING* : All requests from the same user are cached. Individual resolvers are automatically cached. All API calls will try to return responses from the cache.
         - *PER_RESOLVER_CACHING* : Individual resolvers that you specify are cached.
+        - *OPERATION_LEVEL_CACHING* : Full requests are cached together and returned without executing resolvers.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-appsync-apicache.html#cfn-appsync-apicache-apicachingbehavior
         '''