aws-cdk-lib 2.182.0__py3-none-any.whl → 2.184.0__py3-none-any.whl

aws_cdk/aws_iam/__init__.py

@@ -4373,10 +4373,15 @@ class CfnSAMLProvider(
         from aws_cdk import aws_iam as iam
         
         cfn_sAMLProvider = iam.CfnSAMLProvider(self, "MyCfnSAMLProvider",
-            saml_metadata_document="samlMetadataDocument",
-        
-            # the properties below are optional
+            add_private_key="addPrivateKey",
+            assertion_encryption_mode="assertionEncryptionMode",
             name="name",
+            private_key_list=[iam.CfnSAMLProvider.SAMLPrivateKeyProperty(
+                key_id="keyId",
+                timestamp="timestamp"
+            )],
+            remove_private_key="removePrivateKey",
+            saml_metadata_document="samlMetadataDocument",
             tags=[CfnTag(
                 key="key",
                 value="value"
@@ -4389,15 +4394,23 @@ class CfnSAMLProvider(
         scope: _constructs_77d1e7e8.Construct,
         id: builtins.str,
         *,
-        saml_metadata_document: builtins.str,
+        add_private_key: typing.Optional[builtins.str] = None,
+        assertion_encryption_mode: typing.Optional[builtins.str] = None,
         name: typing.Optional[builtins.str] = None,
+        private_key_list: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union["CfnSAMLProvider.SAMLPrivateKeyProperty", typing.Dict[builtins.str, typing.Any]]]]]] = None,
+        remove_private_key: typing.Optional[builtins.str] = None,
+        saml_metadata_document: typing.Optional[builtins.str] = None,
         tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
     ) -> None:
         '''
         :param scope: Scope in which this resource is defined.
         :param id: Construct identifier for this resource (unique in its scope).
-        :param saml_metadata_document: An XML document generated by an identity provider (IdP) that supports SAML 2.0. The document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that are received from the IdP. You must generate the metadata document using the identity management software that is used as your organization's IdP. For more information, see `About SAML 2.0-based federation <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html>`_ in the *IAM User Guide*
+        :param add_private_key: The private key from your external identity provider.
+        :param assertion_encryption_mode: The encryption setting for the SAML provider.
         :param name: The name of the provider to create. This parameter allows (through its `regex pattern <https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex>`_ ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-
+        :param private_key_list: 
+        :param remove_private_key: The Key ID of the private key to remove.
+        :param saml_metadata_document: An XML document generated by an identity provider (IdP) that supports SAML 2.0. The document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that are received from the IdP. You must generate the metadata document using the identity management software that is used as your organization's IdP. For more information, see `About SAML 2.0-based federation <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html>`_ in the *IAM User Guide*
         :param tags: A list of tags that you want to attach to the new IAM SAML provider. Each tag consists of a key name and an associated value. For more information about tagging, see `Tagging IAM resources <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html>`_ in the *IAM User Guide* . .. epigraph:: If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.
         '''
         if __debug__:
@@ -4405,7 +4418,13 @@ class CfnSAMLProvider(
             check_type(argname="argument scope", value=scope, expected_type=type_hints["scope"])
             check_type(argname="argument id", value=id, expected_type=type_hints["id"])
         props = CfnSAMLProviderProps(
-            saml_metadata_document=saml_metadata_document, name=name, tags=tags
+            add_private_key=add_private_key,
+            assertion_encryption_mode=assertion_encryption_mode,
+            name=name,
+            private_key_list=private_key_list,
+            remove_private_key=remove_private_key,
+            saml_metadata_document=saml_metadata_document,
+            tags=tags,
         )
 
         jsii.create(self.__class__, self, [scope, id, props])
@@ -4449,6 +4468,15 @@ class CfnSAMLProvider(
         '''
         return typing.cast(builtins.str, jsii.get(self, "attrArn"))
 
+    @builtins.property
+    @jsii.member(jsii_name="attrSamlProviderUuid")
+    def attr_saml_provider_uuid(self) -> builtins.str:
+        '''The unique identifier assigned to the SAML provider.
+
+        :cloudformationAttribute: SamlProviderUUID
+        '''
+        return typing.cast(builtins.str, jsii.get(self, "attrSamlProviderUuid"))
+
     @builtins.property
     @jsii.member(jsii_name="cfnProperties")
     def _cfn_properties(self) -> typing.Mapping[builtins.str, typing.Any]:
@@ -4461,17 +4489,30 @@ class CfnSAMLProvider(
         return typing.cast(_TagManager_0a598cb3, jsii.get(self, "tags"))
 
     @builtins.property
-    @jsii.member(jsii_name="samlMetadataDocument")
-    def saml_metadata_document(self) -> builtins.str:
-        '''An XML document generated by an identity provider (IdP) that supports SAML 2.0. The document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that are received from the IdP. You must generate the metadata document using the identity management software that is used as your organization's IdP.'''
-        return typing.cast(builtins.str, jsii.get(self, "samlMetadataDocument"))
+    @jsii.member(jsii_name="addPrivateKey")
+    def add_private_key(self) -> typing.Optional[builtins.str]:
+        '''The private key from your external identity provider.'''
+        return typing.cast(typing.Optional[builtins.str], jsii.get(self, "addPrivateKey"))
 
-    @saml_metadata_document.setter
-    def saml_metadata_document(self, value: builtins.str) -> None:
+    @add_private_key.setter
+    def add_private_key(self, value: typing.Optional[builtins.str]) -> None:
         if __debug__:
-            type_hints = typing.get_type_hints(_typecheckingstub__6c9b70ef0e0ed94f53ecf2221518796deaf4c5a9353a14b0183e26bbe0e0d57c)
+            type_hints = typing.get_type_hints(_typecheckingstub__8eda0b212280ae29b138f852bf55874f8617cd18d7ed484f68edc38bffe20894)
             check_type(argname="argument value", value=value, expected_type=type_hints["value"])
-        jsii.set(self, "samlMetadataDocument", value) # pyright: ignore[reportArgumentType]
+        jsii.set(self, "addPrivateKey", value) # pyright: ignore[reportArgumentType]
+
+    @builtins.property
+    @jsii.member(jsii_name="assertionEncryptionMode")
+    def assertion_encryption_mode(self) -> typing.Optional[builtins.str]:
+        '''The encryption setting for the SAML provider.'''
+        return typing.cast(typing.Optional[builtins.str], jsii.get(self, "assertionEncryptionMode"))
+
+    @assertion_encryption_mode.setter
+    def assertion_encryption_mode(self, value: typing.Optional[builtins.str]) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__b22ac38ad8a3fd6af168b0c9077c481244d37477d750cb3920773c2aa0381628)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "assertionEncryptionMode", value) # pyright: ignore[reportArgumentType]
 
     @builtins.property
     @jsii.member(jsii_name="name")
@@ -4486,6 +4527,49 @@ class CfnSAMLProvider(
             check_type(argname="argument value", value=value, expected_type=type_hints["value"])
         jsii.set(self, "name", value) # pyright: ignore[reportArgumentType]
 
+    @builtins.property
+    @jsii.member(jsii_name="privateKeyList")
+    def private_key_list(
+        self,
+    ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnSAMLProvider.SAMLPrivateKeyProperty"]]]]:
+        return typing.cast(typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnSAMLProvider.SAMLPrivateKeyProperty"]]]], jsii.get(self, "privateKeyList"))
+
+    @private_key_list.setter
+    def private_key_list(
+        self,
+        value: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnSAMLProvider.SAMLPrivateKeyProperty"]]]],
+    ) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__4b658e1199288ad46a20aa58d7a48bed2a7a2ce85d292b87c990c63d1cbea592)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "privateKeyList", value) # pyright: ignore[reportArgumentType]
+
+    @builtins.property
+    @jsii.member(jsii_name="removePrivateKey")
+    def remove_private_key(self) -> typing.Optional[builtins.str]:
+        '''The Key ID of the private key to remove.'''
+        return typing.cast(typing.Optional[builtins.str], jsii.get(self, "removePrivateKey"))
+
+    @remove_private_key.setter
+    def remove_private_key(self, value: typing.Optional[builtins.str]) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__9ee9b5a78619fab076894e18105c29d8554950dedb6d0b06ebdb5bdcf17266e1)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "removePrivateKey", value) # pyright: ignore[reportArgumentType]
+
+    @builtins.property
+    @jsii.member(jsii_name="samlMetadataDocument")
+    def saml_metadata_document(self) -> typing.Optional[builtins.str]:
+        '''An XML document generated by an identity provider (IdP) that supports SAML 2.0. The document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that are received from the IdP. You must generate the metadata document using the identity management software that is used as your organization's IdP.'''
+        return typing.cast(typing.Optional[builtins.str], jsii.get(self, "samlMetadataDocument"))
+
+    @saml_metadata_document.setter
+    def saml_metadata_document(self, value: typing.Optional[builtins.str]) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__6c9b70ef0e0ed94f53ecf2221518796deaf4c5a9353a14b0183e26bbe0e0d57c)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "samlMetadataDocument", value) # pyright: ignore[reportArgumentType]
+
     @builtins.property
     @jsii.member(jsii_name="tagsRaw")
     def tags_raw(self) -> typing.Optional[typing.List[_CfnTag_f6864754]]:
@@ -4499,13 +4583,83 @@ class CfnSAMLProvider(
             check_type(argname="argument value", value=value, expected_type=type_hints["value"])
         jsii.set(self, "tagsRaw", value) # pyright: ignore[reportArgumentType]
 
+    @jsii.data_type(
+        jsii_type="aws-cdk-lib.aws_iam.CfnSAMLProvider.SAMLPrivateKeyProperty",
+        jsii_struct_bases=[],
+        name_mapping={"key_id": "keyId", "timestamp": "timestamp"},
+    )
+    class SAMLPrivateKeyProperty:
+        def __init__(self, *, key_id: builtins.str, timestamp: builtins.str) -> None:
+            '''The private key metadata for the SAML provider.
+
+            :param key_id: The unique identifier for the SAML private key.
+            :param timestamp: The date and time, in <a href="http://www.iso.org/iso/iso8601">ISO 8601 date-time format, when the private key was uploaded.
+
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-samlprovider-samlprivatekey.html
+            :exampleMetadata: fixture=_generated
+
+            Example::
+
+                # The code below shows an example of how to instantiate this type.
+                # The values are placeholders you should change.
+                from aws_cdk import aws_iam as iam
+                
+                s_aMLPrivate_key_property = iam.CfnSAMLProvider.SAMLPrivateKeyProperty(
+                    key_id="keyId",
+                    timestamp="timestamp"
+                )
+            '''
+            if __debug__:
+                type_hints = typing.get_type_hints(_typecheckingstub__e7b8165114a2decbdfd66da703311b43a9b1c50edd7d65c71d2b8484a52e4f02)
+                check_type(argname="argument key_id", value=key_id, expected_type=type_hints["key_id"])
+                check_type(argname="argument timestamp", value=timestamp, expected_type=type_hints["timestamp"])
+            self._values: typing.Dict[builtins.str, typing.Any] = {
+                "key_id": key_id,
+                "timestamp": timestamp,
+            }
+
+        @builtins.property
+        def key_id(self) -> builtins.str:
+            '''The unique identifier for the SAML private key.
+
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-samlprovider-samlprivatekey.html#cfn-iam-samlprovider-samlprivatekey-keyid
+            '''
+            result = self._values.get("key_id")
+            assert result is not None, "Required property 'key_id' is missing"
+            return typing.cast(builtins.str, result)
+
+        @builtins.property
+        def timestamp(self) -> builtins.str:
+            '''The date and time, in <a href="http://www.iso.org/iso/iso8601">ISO 8601 date-time  format, when the private key was uploaded.
+
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-samlprovider-samlprivatekey.html#cfn-iam-samlprovider-samlprivatekey-timestamp
+            '''
+            result = self._values.get("timestamp")
+            assert result is not None, "Required property 'timestamp' is missing"
+            return typing.cast(builtins.str, result)
+
+        def __eq__(self, rhs: typing.Any) -> builtins.bool:
+            return isinstance(rhs, self.__class__) and rhs._values == self._values
+
+        def __ne__(self, rhs: typing.Any) -> builtins.bool:
+            return not (rhs == self)
+
+        def __repr__(self) -> str:
+            return "SAMLPrivateKeyProperty(%s)" % ", ".join(
+                k + "=" + repr(v) for k, v in self._values.items()
+            )
+
 
 @jsii.data_type(
     jsii_type="aws-cdk-lib.aws_iam.CfnSAMLProviderProps",
     jsii_struct_bases=[],
     name_mapping={
-        "saml_metadata_document": "samlMetadataDocument",
+        "add_private_key": "addPrivateKey",
+        "assertion_encryption_mode": "assertionEncryptionMode",
         "name": "name",
+        "private_key_list": "privateKeyList",
+        "remove_private_key": "removePrivateKey",
+        "saml_metadata_document": "samlMetadataDocument",
         "tags": "tags",
     },
 )
@@ -4513,14 +4667,22 @@ class CfnSAMLProviderProps:
     def __init__(
         self,
         *,
-        saml_metadata_document: builtins.str,
+        add_private_key: typing.Optional[builtins.str] = None,
+        assertion_encryption_mode: typing.Optional[builtins.str] = None,
         name: typing.Optional[builtins.str] = None,
+        private_key_list: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union[CfnSAMLProvider.SAMLPrivateKeyProperty, typing.Dict[builtins.str, typing.Any]]]]]] = None,
+        remove_private_key: typing.Optional[builtins.str] = None,
+        saml_metadata_document: typing.Optional[builtins.str] = None,
         tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
     ) -> None:
         '''Properties for defining a ``CfnSAMLProvider``.
 
-        :param saml_metadata_document: An XML document generated by an identity provider (IdP) that supports SAML 2.0. The document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that are received from the IdP. You must generate the metadata document using the identity management software that is used as your organization's IdP. For more information, see `About SAML 2.0-based federation <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html>`_ in the *IAM User Guide*
+        :param add_private_key: The private key from your external identity provider.
+        :param assertion_encryption_mode: The encryption setting for the SAML provider.
         :param name: The name of the provider to create. This parameter allows (through its `regex pattern <https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex>`_ ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-
+        :param private_key_list: 
+        :param remove_private_key: The Key ID of the private key to remove.
+        :param saml_metadata_document: An XML document generated by an identity provider (IdP) that supports SAML 2.0. The document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that are received from the IdP. You must generate the metadata document using the identity management software that is used as your organization's IdP. For more information, see `About SAML 2.0-based federation <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html>`_ in the *IAM User Guide*
         :param tags: A list of tags that you want to attach to the new IAM SAML provider. Each tag consists of a key name and an associated value. For more information about tagging, see `Tagging IAM resources <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html>`_ in the *IAM User Guide* . .. epigraph:: If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-samlprovider.html
@@ -4533,10 +4695,15 @@ class CfnSAMLProviderProps:
             from aws_cdk import aws_iam as iam
             
             cfn_sAMLProvider_props = iam.CfnSAMLProviderProps(
-                saml_metadata_document="samlMetadataDocument",
-            
-                # the properties below are optional
+                add_private_key="addPrivateKey",
+                assertion_encryption_mode="assertionEncryptionMode",
                 name="name",
+                private_key_list=[iam.CfnSAMLProvider.SAMLPrivateKeyProperty(
+                    key_id="keyId",
+                    timestamp="timestamp"
+                )],
+                remove_private_key="removePrivateKey",
+                saml_metadata_document="samlMetadataDocument",
                 tags=[CfnTag(
                     key="key",
                     value="value"
@@ -4545,28 +4712,46 @@ class CfnSAMLProviderProps:
         '''
         if __debug__:
             type_hints = typing.get_type_hints(_typecheckingstub__753bbb479e0c0a542a8456d357a3312bedbcc25e8753ca69dabd0ebf09aa6de7)
-            check_type(argname="argument saml_metadata_document", value=saml_metadata_document, expected_type=type_hints["saml_metadata_document"])
+            check_type(argname="argument add_private_key", value=add_private_key, expected_type=type_hints["add_private_key"])
+            check_type(argname="argument assertion_encryption_mode", value=assertion_encryption_mode, expected_type=type_hints["assertion_encryption_mode"])
             check_type(argname="argument name", value=name, expected_type=type_hints["name"])
+            check_type(argname="argument private_key_list", value=private_key_list, expected_type=type_hints["private_key_list"])
+            check_type(argname="argument remove_private_key", value=remove_private_key, expected_type=type_hints["remove_private_key"])
+            check_type(argname="argument saml_metadata_document", value=saml_metadata_document, expected_type=type_hints["saml_metadata_document"])
             check_type(argname="argument tags", value=tags, expected_type=type_hints["tags"])
-        self._values: typing.Dict[builtins.str, typing.Any] = {
-            "saml_metadata_document": saml_metadata_document,
-        }
+        self._values: typing.Dict[builtins.str, typing.Any] = {}
+        if add_private_key is not None:
+            self._values["add_private_key"] = add_private_key
+        if assertion_encryption_mode is not None:
+            self._values["assertion_encryption_mode"] = assertion_encryption_mode
         if name is not None:
             self._values["name"] = name
+        if private_key_list is not None:
+            self._values["private_key_list"] = private_key_list
+        if remove_private_key is not None:
+            self._values["remove_private_key"] = remove_private_key
+        if saml_metadata_document is not None:
+            self._values["saml_metadata_document"] = saml_metadata_document
         if tags is not None:
             self._values["tags"] = tags
 
     @builtins.property
-    def saml_metadata_document(self) -> builtins.str:
-        '''An XML document generated by an identity provider (IdP) that supports SAML 2.0. The document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that are received from the IdP. You must generate the metadata document using the identity management software that is used as your organization's IdP.
+    def add_private_key(self) -> typing.Optional[builtins.str]:
+        '''The private key from your external identity provider.
 
-        For more information, see `About SAML 2.0-based federation <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html>`_ in the *IAM User Guide*
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-samlprovider.html#cfn-iam-samlprovider-addprivatekey
+        '''
+        result = self._values.get("add_private_key")
+        return typing.cast(typing.Optional[builtins.str], result)
 
-        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-samlprovider.html#cfn-iam-samlprovider-samlmetadatadocument
+    @builtins.property
+    def assertion_encryption_mode(self) -> typing.Optional[builtins.str]:
+        '''The encryption setting for the SAML provider.
+
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-samlprovider.html#cfn-iam-samlprovider-assertionencryptionmode
         '''
-        result = self._values.get("saml_metadata_document")
-        assert result is not None, "Required property 'saml_metadata_document' is missing"
-        return typing.cast(builtins.str, result)
+        result = self._values.get("assertion_encryption_mode")
+        return typing.cast(typing.Optional[builtins.str], result)
 
     @builtins.property
     def name(self) -> typing.Optional[builtins.str]:
@@ -4579,6 +4764,36 @@ class CfnSAMLProviderProps:
         result = self._values.get("name")
         return typing.cast(typing.Optional[builtins.str], result)
 
+    @builtins.property
+    def private_key_list(
+        self,
+    ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, CfnSAMLProvider.SAMLPrivateKeyProperty]]]]:
+        '''
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-samlprovider.html#cfn-iam-samlprovider-privatekeylist
+        '''
+        result = self._values.get("private_key_list")
+        return typing.cast(typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, CfnSAMLProvider.SAMLPrivateKeyProperty]]]], result)
+
+    @builtins.property
+    def remove_private_key(self) -> typing.Optional[builtins.str]:
+        '''The Key ID of the private key to remove.
+
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-samlprovider.html#cfn-iam-samlprovider-removeprivatekey
+        '''
+        result = self._values.get("remove_private_key")
+        return typing.cast(typing.Optional[builtins.str], result)
+
+    @builtins.property
+    def saml_metadata_document(self) -> typing.Optional[builtins.str]:
+        '''An XML document generated by an identity provider (IdP) that supports SAML 2.0. The document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that are received from the IdP. You must generate the metadata document using the identity management software that is used as your organization's IdP.
+
+        For more information, see `About SAML 2.0-based federation <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html>`_ in the *IAM User Guide*
+
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-samlprovider.html#cfn-iam-samlprovider-samlmetadatadocument
+        '''
+        result = self._values.get("saml_metadata_document")
+        return typing.cast(typing.Optional[builtins.str], result)
+
     @builtins.property
     def tags(self) -> typing.Optional[typing.List[_CfnTag_f6864754]]:
         '''A list of tags that you want to attach to the new IAM SAML provider.
@@ -15531,8 +15746,12 @@ def _typecheckingstub__f64934981377388842130b01da042285d0dfa38ef82a7537c7ff86f5d
     scope: _constructs_77d1e7e8.Construct,
     id: builtins.str,
     *,
-    saml_metadata_document: builtins.str,
+    add_private_key: typing.Optional[builtins.str] = None,
+    assertion_encryption_mode: typing.Optional[builtins.str] = None,
     name: typing.Optional[builtins.str] = None,
+    private_key_list: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union[CfnSAMLProvider.SAMLPrivateKeyProperty, typing.Dict[builtins.str, typing.Any]]]]]] = None,
+    remove_private_key: typing.Optional[builtins.str] = None,
+    saml_metadata_document: typing.Optional[builtins.str] = None,
     tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
 ) -> None:
     """Type checking stubs"""
@@ -15550,8 +15769,14 @@ def _typecheckingstub__aa493901e136133decf51345379fd4b5dd35432e35f354e5dd453eb7d
     """Type checking stubs"""
     pass
 
-def _typecheckingstub__6c9b70ef0e0ed94f53ecf2221518796deaf4c5a9353a14b0183e26bbe0e0d57c(
-    value: builtins.str,
+def _typecheckingstub__8eda0b212280ae29b138f852bf55874f8617cd18d7ed484f68edc38bffe20894(
+    value: typing.Optional[builtins.str],
+) -> None:
+    """Type checking stubs"""
+    pass
+
+def _typecheckingstub__b22ac38ad8a3fd6af168b0c9077c481244d37477d750cb3920773c2aa0381628(
+    value: typing.Optional[builtins.str],
 ) -> None:
     """Type checking stubs"""
     pass
@@ -15562,16 +15787,46 @@ def _typecheckingstub__bf699aa7d755e072f3b60499335fb6469de4ed3bdb0605652b9c32698
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__4b658e1199288ad46a20aa58d7a48bed2a7a2ce85d292b87c990c63d1cbea592(
+    value: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, CfnSAMLProvider.SAMLPrivateKeyProperty]]]],
+) -> None:
+    """Type checking stubs"""
+    pass
+
+def _typecheckingstub__9ee9b5a78619fab076894e18105c29d8554950dedb6d0b06ebdb5bdcf17266e1(
+    value: typing.Optional[builtins.str],
+) -> None:
+    """Type checking stubs"""
+    pass
+
+def _typecheckingstub__6c9b70ef0e0ed94f53ecf2221518796deaf4c5a9353a14b0183e26bbe0e0d57c(
+    value: typing.Optional[builtins.str],
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__b139c04642da2a9b428a58eb37077beb7f9b79971517b5fd95e8c7dbfa322e67(
     value: typing.Optional[typing.List[_CfnTag_f6864754]],
 ) -> None:
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__e7b8165114a2decbdfd66da703311b43a9b1c50edd7d65c71d2b8484a52e4f02(
+    *,
+    key_id: builtins.str,
+    timestamp: builtins.str,
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__753bbb479e0c0a542a8456d357a3312bedbcc25e8753ca69dabd0ebf09aa6de7(
     *,
-    saml_metadata_document: builtins.str,
+    add_private_key: typing.Optional[builtins.str] = None,
+    assertion_encryption_mode: typing.Optional[builtins.str] = None,
     name: typing.Optional[builtins.str] = None,
+    private_key_list: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Sequence[typing.Union[_IResolvable_da3f097b, typing.Union[CfnSAMLProvider.SAMLPrivateKeyProperty, typing.Dict[builtins.str, typing.Any]]]]]] = None,
+    remove_private_key: typing.Optional[builtins.str] = None,
+    saml_metadata_document: typing.Optional[builtins.str] = None,
     tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
 ) -> None:
     """Type checking stubs"""

aws_cdk/aws_inspector/__init__.py

@@ -80,19 +80,20 @@ class AssessmentTemplate(
     TODO: This class should implement IAssessmentTemplate and "construct-ctor-props-type:aws-cdk-lib.aws_inspector.AssessmentTemplate" should be
     removed from ``awslint.json`` when implementing the L2 construct
 
-    :exampleMetadata: fixture=_generated
+    :exampleMetadata: infused
 
     Example::
 
-        # The code below shows an example of how to instantiate this type.
-        # The values are placeholders you should change.
-        from aws_cdk import aws_inspector as inspector
+        import aws_cdk.aws_inspector as inspector
+        
+        # cfn_assessment_template: inspector.CfnAssessmentTemplate
         
-        assessment_template = inspector.AssessmentTemplate(self, "MyAssessmentTemplate",
-            account="account",
-            environment_from_arn="environmentFromArn",
-            physical_name="physicalName",
-            region="region"
+        
+        assessment_template = inspector.AssessmentTemplate.from_cfn_assessment_template(self, "MyAssessmentTemplate", cfn_assessment_template)
+        
+        Schedule(self, "Schedule",
+            schedule=ScheduleExpression.rate(Duration.minutes(60)),
+            target=targets.InspectorStartAssessmentRun(assessment_template)
         )
     '''
 
@@ -400,8 +401,10 @@ class CfnAssessmentTemplate(
 
         import aws_cdk.aws_inspector as inspector
         
-        # assessment_template: inspector.CfnAssessmentTemplate
+        # cfn_assessment_template: inspector.CfnAssessmentTemplate
+        
         
+        assessment_template = inspector.AssessmentTemplate.from_cfn_assessment_template(self, "MyAssessmentTemplate", cfn_assessment_template)
         
         Schedule(self, "Schedule",
             schedule=ScheduleExpression.rate(Duration.minutes(60)),