aws-cdk-lib 2.186.0__py3-none-any.whl → 2.188.0__py3-none-any.whl

aws_cdk/aws_route53/__init__.py

@@ -2254,7 +2254,7 @@ class CfnHostedZone(
         :param scope: Scope in which this resource is defined.
         :param id: Construct identifier for this resource (unique in its scope).
         :param hosted_zone_config: A complex type that contains an optional comment. If you don't want to specify a comment, omit the ``HostedZoneConfig`` and ``Comment`` elements.
-        :param hosted_zone_tags: Adds, edits, or deletes tags for a health check or a hosted zone. For information about using tags for cost allocation, see `Using Cost Allocation Tags <https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html>`_ in the *AWS Billing and Cost Management User Guide* .
+        :param hosted_zone_tags: Adds, edits, or deletes tags for a health check or a hosted zone. For information about using tags for cost allocation, see `Using Cost Allocation Tags <https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html>`_ in the *Billing and Cost Management User Guide* .
         :param name: The name of the domain. Specify a fully qualified domain name, for example, *www.example.com* . The trailing dot is optional; Amazon Route 53 assumes that the domain name is fully qualified. This means that Route 53 treats *www.example.com* (without a trailing dot) and *www.example.com.* (with a trailing dot) as identical. If you're creating a public hosted zone, this is the name you have registered with your DNS registrar. If your domain name is registered with a registrar other than Route 53, change the name servers for your domain to the set of ``NameServers`` that are returned by the ``Fn::GetAtt`` intrinsic function.
         :param query_logging_config: Creates a configuration for DNS query logging. After you create a query logging configuration, Amazon Route 53 begins to publish log data to an Amazon CloudWatch Logs log group. DNS query logs contain information about the queries that Route 53 receives for a specified public hosted zone, such as the following: - Route 53 edge location that responded to the DNS query - Domain or subdomain that was requested - DNS record type, such as A or AAAA - DNS response code, such as ``NoError`` or ``ServFail`` - **Log Group and Resource Policy** - Before you create a query logging configuration, perform the following operations. .. epigraph:: If you create a query logging configuration using the Route 53 console, Route 53 performs these operations automatically. - Create a CloudWatch Logs log group, and make note of the ARN, which you specify when you create a query logging configuration. Note the following: - You must create the log group in the us-east-1 region. - You must use the same AWS account to create the log group and the hosted zone that you want to configure query logging for. - When you create log groups for query logging, we recommend that you use a consistent prefix, for example: ``/aws/route53/ *hosted zone name*`` In the next step, you'll create a resource policy, which controls access to one or more log groups and the associated AWS resources, such as Route 53 hosted zones. There's a limit on the number of resource policies that you can create, so we recommend that you use a consistent prefix so you can use the same resource policy for all the log groups that you create for query logging. - Create a CloudWatch Logs resource policy, and give it the permissions that Route 53 needs to create log streams and to send query logs to log streams. You must create the CloudWatch Logs resource policy in the us-east-1 region. For the value of ``Resource`` , specify the ARN for the log group that you created in the previous step. To use the same resource policy for all the CloudWatch Logs log groups that you created for query logging configurations, replace the hosted zone name with ``*`` , for example: ``arn:aws:logs:us-east-1:123412341234:log-group:/aws/route53/*`` To avoid the confused deputy problem, a security issue where an entity without a permission for an action can coerce a more-privileged entity to perform it, you can optionally limit the permissions that a service has to a resource in a resource-based policy by supplying the following values: - For ``aws:SourceArn`` , supply the hosted zone ARN used in creating the query logging configuration. For example, ``aws:SourceArn: arn:aws:route53:::hostedzone/hosted zone ID`` . - For ``aws:SourceAccount`` , supply the account ID for the account that creates the query logging configuration. For example, ``aws:SourceAccount:111111111111`` . For more information, see `The confused deputy problem <https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html>`_ in the *AWS IAM User Guide* . .. epigraph:: You can't use the CloudWatch console to create or edit a resource policy. You must use the CloudWatch API, one of the AWS SDKs, or the AWS CLI . - **Log Streams and Edge Locations** - When Route 53 finishes creating the configuration for DNS query logging, it does the following: - Creates a log stream for an edge location the first time that the edge location responds to DNS queries for the specified hosted zone. That log stream is used to log all queries that Route 53 responds to for that edge location. - Begins to send query logs to the applicable log stream. The name of each log stream is in the following format: ``*hosted zone ID* / *edge location code*`` The edge location code is a three-letter code and an arbitrarily assigned number, for example, DFW3. The three-letter code typically corresponds with the International Air Transport Association airport code for an airport near the edge location. (These abbreviations might change in the future.) For a list of edge locations, see "The Route 53 Global Network" on the `Route 53 Product Details <https://docs.aws.amazon.com/route53/details/>`_ page. - **Queries That Are Logged** - Query logs contain only the queries that DNS resolvers forward to Route 53. If a DNS resolver has already cached the response to a query (such as the IP address for a load balancer for example.com), the resolver will continue to return the cached response. It doesn't forward another query to Route 53 until the TTL for the corresponding resource record set expires. Depending on how many DNS queries are submitted for a resource record set, and depending on the TTL for that resource record set, query logs might contain information about only one query out of every several thousand queries that are submitted to DNS. For more information about how DNS works, see `Routing Internet Traffic to Your Website or Web Application <https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/welcome-dns-service.html>`_ in the *Amazon Route 53 Developer Guide* . - **Log File Format** - For a list of the values in each query log and the format of each value, see `Logging DNS Queries <https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html>`_ in the *Amazon Route 53 Developer Guide* . - **Pricing** - For information about charges for query logs, see `Amazon CloudWatch Pricing <https://docs.aws.amazon.com/cloudwatch/pricing/>`_ . - **How to Stop Logging** - If you want Route 53 to stop sending query logs to CloudWatch Logs, delete the query logging configuration. For more information, see `DeleteQueryLoggingConfig <https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteQueryLoggingConfig.html>`_ .
         :param vpcs: *Private hosted zones:* A complex type that contains information about the VPCs that are associated with the specified hosted zone. .. epigraph:: For public hosted zones, omit ``VPCs`` , ``VPCId`` , and ``VPCRegion`` .
@@ -2702,7 +2702,7 @@ class CfnHostedZoneProps:
         '''Properties for defining a ``CfnHostedZone``.
 
         :param hosted_zone_config: A complex type that contains an optional comment. If you don't want to specify a comment, omit the ``HostedZoneConfig`` and ``Comment`` elements.
-        :param hosted_zone_tags: Adds, edits, or deletes tags for a health check or a hosted zone. For information about using tags for cost allocation, see `Using Cost Allocation Tags <https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html>`_ in the *AWS Billing and Cost Management User Guide* .
+        :param hosted_zone_tags: Adds, edits, or deletes tags for a health check or a hosted zone. For information about using tags for cost allocation, see `Using Cost Allocation Tags <https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html>`_ in the *Billing and Cost Management User Guide* .
         :param name: The name of the domain. Specify a fully qualified domain name, for example, *www.example.com* . The trailing dot is optional; Amazon Route 53 assumes that the domain name is fully qualified. This means that Route 53 treats *www.example.com* (without a trailing dot) and *www.example.com.* (with a trailing dot) as identical. If you're creating a public hosted zone, this is the name you have registered with your DNS registrar. If your domain name is registered with a registrar other than Route 53, change the name servers for your domain to the set of ``NameServers`` that are returned by the ``Fn::GetAtt`` intrinsic function.
         :param query_logging_config: Creates a configuration for DNS query logging. After you create a query logging configuration, Amazon Route 53 begins to publish log data to an Amazon CloudWatch Logs log group. DNS query logs contain information about the queries that Route 53 receives for a specified public hosted zone, such as the following: - Route 53 edge location that responded to the DNS query - Domain or subdomain that was requested - DNS record type, such as A or AAAA - DNS response code, such as ``NoError`` or ``ServFail`` - **Log Group and Resource Policy** - Before you create a query logging configuration, perform the following operations. .. epigraph:: If you create a query logging configuration using the Route 53 console, Route 53 performs these operations automatically. - Create a CloudWatch Logs log group, and make note of the ARN, which you specify when you create a query logging configuration. Note the following: - You must create the log group in the us-east-1 region. - You must use the same AWS account to create the log group and the hosted zone that you want to configure query logging for. - When you create log groups for query logging, we recommend that you use a consistent prefix, for example: ``/aws/route53/ *hosted zone name*`` In the next step, you'll create a resource policy, which controls access to one or more log groups and the associated AWS resources, such as Route 53 hosted zones. There's a limit on the number of resource policies that you can create, so we recommend that you use a consistent prefix so you can use the same resource policy for all the log groups that you create for query logging. - Create a CloudWatch Logs resource policy, and give it the permissions that Route 53 needs to create log streams and to send query logs to log streams. You must create the CloudWatch Logs resource policy in the us-east-1 region. For the value of ``Resource`` , specify the ARN for the log group that you created in the previous step. To use the same resource policy for all the CloudWatch Logs log groups that you created for query logging configurations, replace the hosted zone name with ``*`` , for example: ``arn:aws:logs:us-east-1:123412341234:log-group:/aws/route53/*`` To avoid the confused deputy problem, a security issue where an entity without a permission for an action can coerce a more-privileged entity to perform it, you can optionally limit the permissions that a service has to a resource in a resource-based policy by supplying the following values: - For ``aws:SourceArn`` , supply the hosted zone ARN used in creating the query logging configuration. For example, ``aws:SourceArn: arn:aws:route53:::hostedzone/hosted zone ID`` . - For ``aws:SourceAccount`` , supply the account ID for the account that creates the query logging configuration. For example, ``aws:SourceAccount:111111111111`` . For more information, see `The confused deputy problem <https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html>`_ in the *AWS IAM User Guide* . .. epigraph:: You can't use the CloudWatch console to create or edit a resource policy. You must use the CloudWatch API, one of the AWS SDKs, or the AWS CLI . - **Log Streams and Edge Locations** - When Route 53 finishes creating the configuration for DNS query logging, it does the following: - Creates a log stream for an edge location the first time that the edge location responds to DNS queries for the specified hosted zone. That log stream is used to log all queries that Route 53 responds to for that edge location. - Begins to send query logs to the applicable log stream. The name of each log stream is in the following format: ``*hosted zone ID* / *edge location code*`` The edge location code is a three-letter code and an arbitrarily assigned number, for example, DFW3. The three-letter code typically corresponds with the International Air Transport Association airport code for an airport near the edge location. (These abbreviations might change in the future.) For a list of edge locations, see "The Route 53 Global Network" on the `Route 53 Product Details <https://docs.aws.amazon.com/route53/details/>`_ page. - **Queries That Are Logged** - Query logs contain only the queries that DNS resolvers forward to Route 53. If a DNS resolver has already cached the response to a query (such as the IP address for a load balancer for example.com), the resolver will continue to return the cached response. It doesn't forward another query to Route 53 until the TTL for the corresponding resource record set expires. Depending on how many DNS queries are submitted for a resource record set, and depending on the TTL for that resource record set, query logs might contain information about only one query out of every several thousand queries that are submitted to DNS. For more information about how DNS works, see `Routing Internet Traffic to Your Website or Web Application <https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/welcome-dns-service.html>`_ in the *Amazon Route 53 Developer Guide* . - **Log File Format** - For a list of the values in each query log and the format of each value, see `Logging DNS Queries <https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html>`_ in the *Amazon Route 53 Developer Guide* . - **Pricing** - For information about charges for query logs, see `Amazon CloudWatch Pricing <https://docs.aws.amazon.com/cloudwatch/pricing/>`_ . - **How to Stop Logging** - If you want Route 53 to stop sending query logs to CloudWatch Logs, delete the query logging configuration. For more information, see `DeleteQueryLoggingConfig <https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteQueryLoggingConfig.html>`_ .
         :param vpcs: *Private hosted zones:* A complex type that contains information about the VPCs that are associated with the specified hosted zone. .. epigraph:: For public hosted zones, omit ``VPCs`` , ``VPCId`` , and ``VPCRegion`` .
@@ -2772,7 +2772,7 @@ class CfnHostedZoneProps:
     ) -> typing.Optional[typing.List[CfnHostedZone.HostedZoneTagProperty]]:
         '''Adds, edits, or deletes tags for a health check or a hosted zone.
 
-        For information about using tags for cost allocation, see `Using Cost Allocation Tags <https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html>`_ in the *AWS Billing and Cost Management User Guide* .
+        For information about using tags for cost allocation, see `Using Cost Allocation Tags <https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html>`_ in the *Billing and Cost Management User Guide* .
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-hostedzone.html#cfn-route53-hostedzone-hostedzonetags
         '''
@@ -3319,7 +3319,7 @@ class CfnRecordSet(
     @builtins.property
     @jsii.member(jsii_name="attrId")
     def attr_id(self) -> builtins.str:
-        '''Specifies a coordinate of the east–west position of a geographic point on the surface of the Earth.
+        '''This element contains an ID that you use when performing a ``GetChange`` action to get detailed information about the change.
 
         :cloudformationAttribute: Id
         '''
@@ -4286,7 +4286,7 @@ class CfnRecordSetGroup(
     @builtins.property
     @jsii.member(jsii_name="attrId")
     def attr_id(self) -> builtins.str:
-        '''Specifies a coordinate of the east–west position of a geographic point on the surface of the Earth.
+        '''This element contains an ID that you use when performing a ``GetChange`` action to get detailed information about the change.
 
         :cloudformationAttribute: Id
         '''

aws_cdk/aws_route53recoverycontrol/__init__.py

@@ -93,6 +93,7 @@ class CfnCluster(
             name="name",
         
             # the properties below are optional
+            network_type="networkType",
             tags=[CfnTag(
                 key="key",
                 value="value"
@@ -106,19 +107,21 @@ class CfnCluster(
         id: builtins.str,
         *,
         name: builtins.str,
+        network_type: typing.Optional[builtins.str] = None,
         tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
     ) -> None:
         '''
         :param scope: Scope in which this resource is defined.
         :param id: Construct identifier for this resource (unique in its scope).
         :param name: Name of the cluster. You can use any non-white space character in the name except the following: & > < ' (single quote) " (double quote) ; (semicolon).
+        :param network_type: The network-type can either be IPV4 or DUALSTACK.
         :param tags: The tags associated with the cluster.
         '''
         if __debug__:
             type_hints = typing.get_type_hints(_typecheckingstub__a22ce3cb989f0084b0215729b9e32485e8f3c7d8c5b66e19c5d569e7319889ca)
             check_type(argname="argument scope", value=scope, expected_type=type_hints["scope"])
             check_type(argname="argument id", value=id, expected_type=type_hints["id"])
-        props = CfnClusterProps(name=name, tags=tags)
+        props = CfnClusterProps(name=name, network_type=network_type, tags=tags)
 
         jsii.create(self.__class__, self, [scope, id, props])
 
@@ -207,6 +210,19 @@ class CfnCluster(
             check_type(argname="argument value", value=value, expected_type=type_hints["value"])
         jsii.set(self, "name", value) # pyright: ignore[reportArgumentType]
 
+    @builtins.property
+    @jsii.member(jsii_name="networkType")
+    def network_type(self) -> typing.Optional[builtins.str]:
+        '''The network-type can either be IPV4 or DUALSTACK.'''
+        return typing.cast(typing.Optional[builtins.str], jsii.get(self, "networkType"))
+
+    @network_type.setter
+    def network_type(self, value: typing.Optional[builtins.str]) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__74c93f15d95285d08220407a27806cfcda4c141a344adc3ac15370b18b03a26c)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "networkType", value) # pyright: ignore[reportArgumentType]
+
     @builtins.property
     @jsii.member(jsii_name="tagsRaw")
     def tags_raw(self) -> typing.Optional[typing.List[_CfnTag_f6864754]]:
@@ -298,18 +314,20 @@ class CfnCluster(
 @jsii.data_type(
     jsii_type="aws-cdk-lib.aws_route53recoverycontrol.CfnClusterProps",
     jsii_struct_bases=[],
-    name_mapping={"name": "name", "tags": "tags"},
+    name_mapping={"name": "name", "network_type": "networkType", "tags": "tags"},
 )
 class CfnClusterProps:
     def __init__(
         self,
         *,
         name: builtins.str,
+        network_type: typing.Optional[builtins.str] = None,
         tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
     ) -> None:
         '''Properties for defining a ``CfnCluster``.
 
         :param name: Name of the cluster. You can use any non-white space character in the name except the following: & > < ' (single quote) " (double quote) ; (semicolon).
+        :param network_type: The network-type can either be IPV4 or DUALSTACK.
         :param tags: The tags associated with the cluster.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53recoverycontrol-cluster.html
@@ -325,6 +343,7 @@ class CfnClusterProps:
                 name="name",
             
                 # the properties below are optional
+                network_type="networkType",
                 tags=[CfnTag(
                     key="key",
                     value="value"
@@ -334,10 +353,13 @@ class CfnClusterProps:
         if __debug__:
             type_hints = typing.get_type_hints(_typecheckingstub__24ce2dce26c7c141f1b9e0e5bcda1dc9d1ab67320e0af4676b77cea0c5569d52)
             check_type(argname="argument name", value=name, expected_type=type_hints["name"])
+            check_type(argname="argument network_type", value=network_type, expected_type=type_hints["network_type"])
             check_type(argname="argument tags", value=tags, expected_type=type_hints["tags"])
         self._values: typing.Dict[builtins.str, typing.Any] = {
             "name": name,
         }
+        if network_type is not None:
+            self._values["network_type"] = network_type
         if tags is not None:
             self._values["tags"] = tags
 
@@ -353,6 +375,15 @@ class CfnClusterProps:
         assert result is not None, "Required property 'name' is missing"
         return typing.cast(builtins.str, result)
 
+    @builtins.property
+    def network_type(self) -> typing.Optional[builtins.str]:
+        '''The network-type can either be IPV4 or DUALSTACK.
+
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53recoverycontrol-cluster.html#cfn-route53recoverycontrol-cluster-networktype
+        '''
+        result = self._values.get("network_type")
+        return typing.cast(typing.Optional[builtins.str], result)
+
     @builtins.property
     def tags(self) -> typing.Optional[typing.List[_CfnTag_f6864754]]:
         '''The tags associated with the cluster.
@@ -1597,6 +1628,7 @@ def _typecheckingstub__a22ce3cb989f0084b0215729b9e32485e8f3c7d8c5b66e19c5d569e73
     id: builtins.str,
     *,
     name: builtins.str,
+    network_type: typing.Optional[builtins.str] = None,
     tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
 ) -> None:
     """Type checking stubs"""
@@ -1620,6 +1652,12 @@ def _typecheckingstub__1c1256c59e47b758559a89c3e22392b86499c611a6b2d3207ea90be49
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__74c93f15d95285d08220407a27806cfcda4c141a344adc3ac15370b18b03a26c(
+    value: typing.Optional[builtins.str],
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__07baed78448e49810892cf249edb0e6836f52fd39d85bd39a03b4d9a5c018f83(
     value: typing.Optional[typing.List[_CfnTag_f6864754]],
 ) -> None:
@@ -1637,6 +1675,7 @@ def _typecheckingstub__417623fb2e8bf530a95eb326a2e5d219300a55ce5482328b4bf15990d
 def _typecheckingstub__24ce2dce26c7c141f1b9e0e5bcda1dc9d1ab67320e0af4676b77cea0c5569d52(
     *,
     name: builtins.str,
+    network_type: typing.Optional[builtins.str] = None,
     tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
 ) -> None:
     """Type checking stubs"""

aws_cdk/aws_rum/__init__.py

@@ -175,8 +175,8 @@ class CfnAppMonitor(
         :param custom_events: Specifies whether this app monitor allows the web client to define and send custom events. If you omit this parameter, custom events are ``DISABLED`` .
         :param cw_log_enabled: Data collected by CloudWatch RUM is kept by RUM for 30 days and then deleted. This parameter specifies whether CloudWatch RUM sends a copy of this telemetry data to Amazon CloudWatch Logs in your account. This enables you to keep the telemetry data for more than 30 days, but it does incur Amazon CloudWatch Logs charges. If you omit this parameter, the default is ``false`` .
         :param deobfuscation_configuration: A structure that contains the configuration for how an app monitor can deobfuscate stack traces.
-        :param domain: The top-level internet domain name for which your application has administrative authority. This parameter is required.
-        :param domain_list: The top-level internet domain names for which your application has administrative authority. The CreateAppMonitor requires either the domain or the domain list.
+        :param domain: The top-level internet domain name for which your application has administrative authority. This parameter or the ``DomainList`` parameter is required.
+        :param domain_list: List the domain names for which your application has administrative authority. This parameter or the ``Domain`` parameter is required. You can have a minimum of 1 and a maximum of 5 ``Domain`` under ``DomainList`` . Each ``Domain`` must be a minimum length of 1 and a maximum of 253 characters.
         :param resource_policy: Use this structure to assign a resource-based policy to a CloudWatch RUM app monitor to control access to it. Each app monitor can have one resource-based policy. The maximum size of the policy is 4 KB. To learn more about using resource policies with RUM, see `Using resource-based policies with CloudWatch RUM <https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-resource-policies.html>`_ .
         :param tags: Assigns one or more tags (key-value pairs) to the app monitor. Tags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values. Tags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters. You can associate as many as 50 tags with an app monitor. For more information, see `Tagging AWS resources <https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html>`_ .
         '''
@@ -349,7 +349,10 @@ class CfnAppMonitor(
     @builtins.property
     @jsii.member(jsii_name="domainList")
     def domain_list(self) -> typing.Optional[typing.List[builtins.str]]:
-        '''The top-level internet domain names for which your application has administrative authority.'''
+        '''List the domain names for which your application has administrative authority.
+
+        This parameter or the ``Domain`` parameter is required.
+        '''
         return typing.cast(typing.Optional[typing.List[builtins.str]], jsii.get(self, "domainList"))
 
     @domain_list.setter
@@ -762,7 +765,7 @@ class CfnAppMonitor(
         ) -> None:
             '''A structure that contains the configuration for how an app monitor can unminify JavaScript error stack traces using source maps.
 
-            :param status: Specifies whether JavaScript error stack traces should be unminified for this app monitor. The default is for JavaScript error stack trace unminification to be DISABLED
+            :param status: Specifies whether JavaScript error stack traces should be unminified for this app monitor. The default is for JavaScript error stack trace unminification to be ``DISABLED`` .
             :param s3_uri: The S3Uri of the bucket or folder that stores the source map files. It is required if status is ENABLED.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rum-appmonitor-javascriptsourcemaps.html
@@ -795,7 +798,7 @@ class CfnAppMonitor(
         def status(self) -> builtins.str:
             '''Specifies whether JavaScript error stack traces should be unminified for this app monitor.
 
-            The default is for JavaScript error stack trace unminification to be DISABLED
+            The default is for JavaScript error stack trace unminification to be ``DISABLED`` .
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rum-appmonitor-javascriptsourcemaps.html#cfn-rum-appmonitor-javascriptsourcemaps-status
             '''
@@ -1252,8 +1255,8 @@ class CfnAppMonitorProps:
         :param custom_events: Specifies whether this app monitor allows the web client to define and send custom events. If you omit this parameter, custom events are ``DISABLED`` .
         :param cw_log_enabled: Data collected by CloudWatch RUM is kept by RUM for 30 days and then deleted. This parameter specifies whether CloudWatch RUM sends a copy of this telemetry data to Amazon CloudWatch Logs in your account. This enables you to keep the telemetry data for more than 30 days, but it does incur Amazon CloudWatch Logs charges. If you omit this parameter, the default is ``false`` .
         :param deobfuscation_configuration: A structure that contains the configuration for how an app monitor can deobfuscate stack traces.
-        :param domain: The top-level internet domain name for which your application has administrative authority. This parameter is required.
-        :param domain_list: The top-level internet domain names for which your application has administrative authority. The CreateAppMonitor requires either the domain or the domain list.
+        :param domain: The top-level internet domain name for which your application has administrative authority. This parameter or the ``DomainList`` parameter is required.
+        :param domain_list: List the domain names for which your application has administrative authority. This parameter or the ``Domain`` parameter is required. You can have a minimum of 1 and a maximum of 5 ``Domain`` under ``DomainList`` . Each ``Domain`` must be a minimum length of 1 and a maximum of 253 characters.
         :param resource_policy: Use this structure to assign a resource-based policy to a CloudWatch RUM app monitor to control access to it. Each app monitor can have one resource-based policy. The maximum size of the policy is 4 KB. To learn more about using resource policies with RUM, see `Using resource-based policies with CloudWatch RUM <https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-resource-policies.html>`_ .
         :param tags: Assigns one or more tags (key-value pairs) to the app monitor. Tags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values. Tags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters. You can associate as many as 50 tags with an app monitor. For more information, see `Tagging AWS resources <https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html>`_ .
 
@@ -1427,7 +1430,7 @@ class CfnAppMonitorProps:
     def domain(self) -> typing.Optional[builtins.str]:
         '''The top-level internet domain name for which your application has administrative authority.
 
-        This parameter is required.
+        This parameter or the ``DomainList`` parameter is required.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rum-appmonitor.html#cfn-rum-appmonitor-domain
         '''
@@ -1436,9 +1439,9 @@ class CfnAppMonitorProps:
 
     @builtins.property
     def domain_list(self) -> typing.Optional[typing.List[builtins.str]]:
-        '''The top-level internet domain names for which your application has administrative authority.
+        '''List the domain names for which your application has administrative authority. This parameter or the ``Domain`` parameter is required.
 
-        The CreateAppMonitor requires either the domain or the domain list.
+        You can have a minimum of 1 and a maximum of 5 ``Domain`` under ``DomainList`` . Each ``Domain`` must be a minimum length of 1 and a maximum of 253 characters.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rum-appmonitor.html#cfn-rum-appmonitor-domainlist
         '''

aws_cdk/aws_s3/__init__.py

@@ -2087,7 +2087,7 @@ class BucketProps:
         :param bucket_key_enabled: Whether Amazon S3 should use its own intermediary key to generate data keys. Only relevant when using KMS for encryption. - If not enabled, every object GET and PUT will cause an API call to KMS (with the attendant cost implications of that). - If enabled, S3 will use its own time-limited key instead. Only relevant, when Encryption is not set to ``BucketEncryption.UNENCRYPTED``. Default: - false
         :param bucket_name: Physical name of this bucket. Default: - Assigned by CloudFormation (recommended).
         :param cors: The CORS configuration of this bucket. Default: - No CORS configuration.
-        :param encryption: The kind of server-side encryption to apply to this bucket. If you choose KMS, you can specify a KMS key via ``encryptionKey``. If encryption key is not specified, a key will automatically be created. Default: - ``KMS`` if ``encryptionKey`` is specified, or ``UNENCRYPTED`` otherwise. But if ``UNENCRYPTED`` is specified, the bucket will be encrypted as ``S3_MANAGED`` automatically.
+        :param encryption: The kind of server-side encryption to apply to this bucket. If you choose KMS, you can specify a KMS key via ``encryptionKey``. If encryption key is not specified, a key will automatically be created. Default: - ``KMS`` if ``encryptionKey`` is specified, or ``S3_MANAGED`` otherwise.
         :param encryption_key: External KMS key to use for bucket encryption. The ``encryption`` property must be either not specified or set to ``KMS`` or ``DSSE``. An error will be emitted if ``encryption`` is set to ``UNENCRYPTED`` or ``S3_MANAGED``. Default: - If ``encryption`` is set to ``KMS`` and this property is undefined, a new KMS key will be created and associated with this bucket.
         :param enforce_ssl: Enforces SSL for requests. S3.5 of the AWS Foundational Security Best Practices Regarding S3. Default: false
         :param event_bridge_enabled: Whether this bucket should send notifications to Amazon EventBridge or not. Default: false
@@ -2325,10 +2325,7 @@ class BucketProps:
         If you choose KMS, you can specify a KMS key via ``encryptionKey``. If
         encryption key is not specified, a key will automatically be created.
 
-        :default:
-
-        - ``KMS`` if ``encryptionKey`` is specified, or ``UNENCRYPTED`` otherwise.
-        But if ``UNENCRYPTED`` is specified, the bucket will be encrypted as ``S3_MANAGED`` automatically.
+        :default: - ``KMS`` if ``encryptionKey`` is specified, or ``S3_MANAGED`` otherwise.
         '''
         result = self._values.get("encryption")
         return typing.cast(typing.Optional[BucketEncryption], result)
@@ -20670,7 +20667,7 @@ class Bucket(
         :param bucket_key_enabled: Whether Amazon S3 should use its own intermediary key to generate data keys. Only relevant when using KMS for encryption. - If not enabled, every object GET and PUT will cause an API call to KMS (with the attendant cost implications of that). - If enabled, S3 will use its own time-limited key instead. Only relevant, when Encryption is not set to ``BucketEncryption.UNENCRYPTED``. Default: - false
         :param bucket_name: Physical name of this bucket. Default: - Assigned by CloudFormation (recommended).
         :param cors: The CORS configuration of this bucket. Default: - No CORS configuration.
-        :param encryption: The kind of server-side encryption to apply to this bucket. If you choose KMS, you can specify a KMS key via ``encryptionKey``. If encryption key is not specified, a key will automatically be created. Default: - ``KMS`` if ``encryptionKey`` is specified, or ``UNENCRYPTED`` otherwise. But if ``UNENCRYPTED`` is specified, the bucket will be encrypted as ``S3_MANAGED`` automatically.
+        :param encryption: The kind of server-side encryption to apply to this bucket. If you choose KMS, you can specify a KMS key via ``encryptionKey``. If encryption key is not specified, a key will automatically be created. Default: - ``KMS`` if ``encryptionKey`` is specified, or ``S3_MANAGED`` otherwise.
         :param encryption_key: External KMS key to use for bucket encryption. The ``encryption`` property must be either not specified or set to ``KMS`` or ``DSSE``. An error will be emitted if ``encryption`` is set to ``UNENCRYPTED`` or ``S3_MANAGED``. Default: - If ``encryption`` is set to ``KMS`` and this property is undefined, a new KMS key will be created and associated with this bucket.
         :param enforce_ssl: Enforces SSL for requests. S3.5 of the AWS Foundational Security Best Practices Regarding S3. Default: false
         :param event_bridge_enabled: Whether this bucket should send notifications to Amazon EventBridge or not. Default: false

aws_cdk/aws_s3_assets/__init__.py

@@ -24,7 +24,10 @@ to an S3 bucket during deployment.
 
 ```python
 asset = assets.Asset(self, "SampleAsset",
-    path=path.join(__dirname, "file-asset.txt")
+    path=path.join(__dirname, "file-asset.txt"),
+
+    # Optional: describe the purpose of the asset with a human-readable string
+    display_name="My file"
 )
 ```
 
@@ -294,6 +297,7 @@ class Asset(
         *,
         path: builtins.str,
         deploy_time: typing.Optional[builtins.bool] = None,
+        display_name: typing.Optional[builtins.str] = None,
         readers: typing.Optional[typing.Sequence[_IGrantable_71c4f5de]] = None,
         source_kms_key: typing.Optional[_IKey_5f11635f] = None,
         asset_hash: typing.Optional[builtins.str] = None,
@@ -308,6 +312,7 @@ class Asset(
         :param id: -
         :param path: The disk location of the asset. The path should refer to one of the following: - A regular file or a .zip file, in which case the file will be uploaded as-is to S3. - A directory, in which case it will be archived into a .zip file and uploaded to S3.
         :param deploy_time: Whether or not the asset needs to exist beyond deployment time; i.e. are copied over to a different location and not needed afterwards. Setting this property to true has an impact on the lifecycle of the asset, because we will assume that it is safe to delete after the CloudFormation deployment succeeds. For example, Lambda Function assets are copied over to Lambda during deployment. Therefore, it is not necessary to store the asset in S3, so we consider those deployTime assets. Default: false
+        :param display_name: A display name for this asset. If supplied, the display name will be used in locations where the asset identifier is printed, like in the CLI progress information. If the same asset is added multiple times, the display name of the first occurrence is used. The default is the construct path of the Asset construct, with respect to the enclosing stack. If the asset is produced by a construct helper function (such as ``lambda.Code.fromAsset()``), this will look like ``MyFunction/Code``. We use the stack-relative construct path so that in the common case where you have multiple stacks with the same asset, we won't show something like ``/MyBetaStack/MyFunction/Code`` when you are actually deploying to production. Default: - Stack-relative construct path
         :param readers: A list of principals that should be able to read this asset from S3. You can use ``asset.grantRead(principal)`` to grant read permissions later. Default: - No principals that can read file asset.
         :param source_kms_key: The ARN of the KMS key used to encrypt the handler code. Default: - the default server-side encryption with Amazon S3 managed keys(SSE-S3) key will be used.
         :param asset_hash: Specify a custom hash for this asset. If ``assetHashType`` is set it must be set to ``AssetHashType.CUSTOM``. For consistency, this custom hash will be SHA256 hashed and encoded as hex. The resulting hash will be the asset hash. NOTE: the hash is used in order to identify a specific revision of the asset, and used for optimizing and caching deployment activities related to this asset such as packaging, uploading to Amazon S3, etc. If you chose to customize the hash, you will need to make sure it is updated every time the asset changes, or otherwise it is possible that some deployments will not be invalidated. Default: - based on ``assetHashType``
@@ -324,6 +329,7 @@ class Asset(
         props = AssetProps(
             path=path,
             deploy_time=deploy_time,
+            display_name=display_name,
             readers=readers,
             source_kms_key=source_kms_key,
             asset_hash=asset_hash,
@@ -462,6 +468,7 @@ class Asset(
         "follow_symlinks": "followSymlinks",
         "ignore_mode": "ignoreMode",
         "deploy_time": "deployTime",
+        "display_name": "displayName",
         "readers": "readers",
         "source_kms_key": "sourceKMSKey",
     },
@@ -477,6 +484,7 @@ class AssetOptions(_AssetOptions_9cd3031e, _FileCopyOptions_e03e2a30):
         follow_symlinks: typing.Optional[_SymlinkFollowMode_047ec1f6] = None,
         ignore_mode: typing.Optional[_IgnoreMode_655a98e8] = None,
         deploy_time: typing.Optional[builtins.bool] = None,
+        display_name: typing.Optional[builtins.str] = None,
         readers: typing.Optional[typing.Sequence[_IGrantable_71c4f5de]] = None,
         source_kms_key: typing.Optional[_IKey_5f11635f] = None,
     ) -> None:
@@ -488,6 +496,7 @@ class AssetOptions(_AssetOptions_9cd3031e, _FileCopyOptions_e03e2a30):
         :param follow_symlinks: A strategy for how to handle symlinks. Default: SymlinkFollowMode.NEVER
         :param ignore_mode: The ignore behavior to use for ``exclude`` patterns. Default: IgnoreMode.GLOB
         :param deploy_time: Whether or not the asset needs to exist beyond deployment time; i.e. are copied over to a different location and not needed afterwards. Setting this property to true has an impact on the lifecycle of the asset, because we will assume that it is safe to delete after the CloudFormation deployment succeeds. For example, Lambda Function assets are copied over to Lambda during deployment. Therefore, it is not necessary to store the asset in S3, so we consider those deployTime assets. Default: false
+        :param display_name: A display name for this asset. If supplied, the display name will be used in locations where the asset identifier is printed, like in the CLI progress information. If the same asset is added multiple times, the display name of the first occurrence is used. The default is the construct path of the Asset construct, with respect to the enclosing stack. If the asset is produced by a construct helper function (such as ``lambda.Code.fromAsset()``), this will look like ``MyFunction/Code``. We use the stack-relative construct path so that in the common case where you have multiple stacks with the same asset, we won't show something like ``/MyBetaStack/MyFunction/Code`` when you are actually deploying to production. Default: - Stack-relative construct path
         :param readers: A list of principals that should be able to read this asset from S3. You can use ``asset.grantRead(principal)`` to grant read permissions later. Default: - No principals that can read file asset.
         :param source_kms_key: The ARN of the KMS key used to encrypt the handler code. Default: - the default server-side encryption with Amazon S3 managed keys(SSE-S3) key will be used.
 
@@ -518,6 +527,7 @@ class AssetOptions(_AssetOptions_9cd3031e, _FileCopyOptions_e03e2a30):
             check_type(argname="argument follow_symlinks", value=follow_symlinks, expected_type=type_hints["follow_symlinks"])
             check_type(argname="argument ignore_mode", value=ignore_mode, expected_type=type_hints["ignore_mode"])
             check_type(argname="argument deploy_time", value=deploy_time, expected_type=type_hints["deploy_time"])
+            check_type(argname="argument display_name", value=display_name, expected_type=type_hints["display_name"])
             check_type(argname="argument readers", value=readers, expected_type=type_hints["readers"])
             check_type(argname="argument source_kms_key", value=source_kms_key, expected_type=type_hints["source_kms_key"])
         self._values: typing.Dict[builtins.str, typing.Any] = {}
@@ -535,6 +545,8 @@ class AssetOptions(_AssetOptions_9cd3031e, _FileCopyOptions_e03e2a30):
             self._values["ignore_mode"] = ignore_mode
         if deploy_time is not None:
             self._values["deploy_time"] = deploy_time
+        if display_name is not None:
+            self._values["display_name"] = display_name
         if readers is not None:
             self._values["readers"] = readers
         if source_kms_key is not None:
@@ -641,6 +653,30 @@ class AssetOptions(_AssetOptions_9cd3031e, _FileCopyOptions_e03e2a30):
         result = self._values.get("deploy_time")
         return typing.cast(typing.Optional[builtins.bool], result)
 
+    @builtins.property
+    def display_name(self) -> typing.Optional[builtins.str]:
+        '''A display name for this asset.
+
+        If supplied, the display name will be used in locations where the asset
+        identifier is printed, like in the CLI progress information. If the same
+        asset is added multiple times, the display name of the first occurrence is
+        used.
+
+        The default is the construct path of the Asset construct, with respect to
+        the enclosing stack. If the asset is produced by a construct helper
+        function (such as ``lambda.Code.fromAsset()``), this will look like
+        ``MyFunction/Code``.
+
+        We use the stack-relative construct path so that in the common case where
+        you have multiple stacks with the same asset, we won't show something like
+        ``/MyBetaStack/MyFunction/Code`` when you are actually deploying to
+        production.
+
+        :default: - Stack-relative construct path
+        '''
+        result = self._values.get("display_name")
+        return typing.cast(typing.Optional[builtins.str], result)
+
     @builtins.property
     def readers(self) -> typing.Optional[typing.List[_IGrantable_71c4f5de]]:
         '''A list of principals that should be able to read this asset from S3.
@@ -684,6 +720,7 @@ class AssetOptions(_AssetOptions_9cd3031e, _FileCopyOptions_e03e2a30):
         "follow_symlinks": "followSymlinks",
         "ignore_mode": "ignoreMode",
         "deploy_time": "deployTime",
+        "display_name": "displayName",
         "readers": "readers",
         "source_kms_key": "sourceKMSKey",
         "path": "path",
@@ -700,6 +737,7 @@ class AssetProps(AssetOptions):
         follow_symlinks: typing.Optional[_SymlinkFollowMode_047ec1f6] = None,
         ignore_mode: typing.Optional[_IgnoreMode_655a98e8] = None,
         deploy_time: typing.Optional[builtins.bool] = None,
+        display_name: typing.Optional[builtins.str] = None,
         readers: typing.Optional[typing.Sequence[_IGrantable_71c4f5de]] = None,
         source_kms_key: typing.Optional[_IKey_5f11635f] = None,
         path: builtins.str,
@@ -712,6 +750,7 @@ class AssetProps(AssetOptions):
         :param follow_symlinks: A strategy for how to handle symlinks. Default: SymlinkFollowMode.NEVER
         :param ignore_mode: The ignore behavior to use for ``exclude`` patterns. Default: IgnoreMode.GLOB
         :param deploy_time: Whether or not the asset needs to exist beyond deployment time; i.e. are copied over to a different location and not needed afterwards. Setting this property to true has an impact on the lifecycle of the asset, because we will assume that it is safe to delete after the CloudFormation deployment succeeds. For example, Lambda Function assets are copied over to Lambda during deployment. Therefore, it is not necessary to store the asset in S3, so we consider those deployTime assets. Default: false
+        :param display_name: A display name for this asset. If supplied, the display name will be used in locations where the asset identifier is printed, like in the CLI progress information. If the same asset is added multiple times, the display name of the first occurrence is used. The default is the construct path of the Asset construct, with respect to the enclosing stack. If the asset is produced by a construct helper function (such as ``lambda.Code.fromAsset()``), this will look like ``MyFunction/Code``. We use the stack-relative construct path so that in the common case where you have multiple stacks with the same asset, we won't show something like ``/MyBetaStack/MyFunction/Code`` when you are actually deploying to production. Default: - Stack-relative construct path
         :param readers: A list of principals that should be able to read this asset from S3. You can use ``asset.grantRead(principal)`` to grant read permissions later. Default: - No principals that can read file asset.
         :param source_kms_key: The ARN of the KMS key used to encrypt the handler code. Default: - the default server-side encryption with Amazon S3 managed keys(SSE-S3) key will be used.
         :param path: The disk location of the asset. The path should refer to one of the following: - A regular file or a .zip file, in which case the file will be uploaded as-is to S3. - A directory, in which case it will be archived into a .zip file and uploaded to S3.
@@ -743,6 +782,7 @@ class AssetProps(AssetOptions):
             check_type(argname="argument follow_symlinks", value=follow_symlinks, expected_type=type_hints["follow_symlinks"])
             check_type(argname="argument ignore_mode", value=ignore_mode, expected_type=type_hints["ignore_mode"])
             check_type(argname="argument deploy_time", value=deploy_time, expected_type=type_hints["deploy_time"])
+            check_type(argname="argument display_name", value=display_name, expected_type=type_hints["display_name"])
             check_type(argname="argument readers", value=readers, expected_type=type_hints["readers"])
             check_type(argname="argument source_kms_key", value=source_kms_key, expected_type=type_hints["source_kms_key"])
             check_type(argname="argument path", value=path, expected_type=type_hints["path"])
@@ -763,6 +803,8 @@ class AssetProps(AssetOptions):
             self._values["ignore_mode"] = ignore_mode
         if deploy_time is not None:
             self._values["deploy_time"] = deploy_time
+        if display_name is not None:
+            self._values["display_name"] = display_name
         if readers is not None:
             self._values["readers"] = readers
         if source_kms_key is not None:
@@ -869,6 +911,30 @@ class AssetProps(AssetOptions):
         result = self._values.get("deploy_time")
         return typing.cast(typing.Optional[builtins.bool], result)
 
+    @builtins.property
+    def display_name(self) -> typing.Optional[builtins.str]:
+        '''A display name for this asset.
+
+        If supplied, the display name will be used in locations where the asset
+        identifier is printed, like in the CLI progress information. If the same
+        asset is added multiple times, the display name of the first occurrence is
+        used.
+
+        The default is the construct path of the Asset construct, with respect to
+        the enclosing stack. If the asset is produced by a construct helper
+        function (such as ``lambda.Code.fromAsset()``), this will look like
+        ``MyFunction/Code``.
+
+        We use the stack-relative construct path so that in the common case where
+        you have multiple stacks with the same asset, we won't show something like
+        ``/MyBetaStack/MyFunction/Code`` when you are actually deploying to
+        production.
+
+        :default: - Stack-relative construct path
+        '''
+        result = self._values.get("display_name")
+        return typing.cast(typing.Optional[builtins.str], result)
+
     @builtins.property
     def readers(self) -> typing.Optional[typing.List[_IGrantable_71c4f5de]]:
         '''A list of principals that should be able to read this asset from S3.
@@ -928,6 +994,7 @@ def _typecheckingstub__00df81fd3b746cf2ee52c0e7a23b6fdc1b45db97673ca7e25a9651e7e
     *,
     path: builtins.str,
     deploy_time: typing.Optional[builtins.bool] = None,
+    display_name: typing.Optional[builtins.str] = None,
     readers: typing.Optional[typing.Sequence[_IGrantable_71c4f5de]] = None,
     source_kms_key: typing.Optional[_IKey_5f11635f] = None,
     asset_hash: typing.Optional[builtins.str] = None,
@@ -962,6 +1029,7 @@ def _typecheckingstub__11950fe0327642dd25ddfeb2c620bb33847718475fe489bf003d096a0
     follow_symlinks: typing.Optional[_SymlinkFollowMode_047ec1f6] = None,
     ignore_mode: typing.Optional[_IgnoreMode_655a98e8] = None,
     deploy_time: typing.Optional[builtins.bool] = None,
+    display_name: typing.Optional[builtins.str] = None,
     readers: typing.Optional[typing.Sequence[_IGrantable_71c4f5de]] = None,
     source_kms_key: typing.Optional[_IKey_5f11635f] = None,
 ) -> None:
@@ -977,6 +1045,7 @@ def _typecheckingstub__f879318d3885bc2e9c71c124fac7ad5a955812e438be7c03244c3aad7
     follow_symlinks: typing.Optional[_SymlinkFollowMode_047ec1f6] = None,
     ignore_mode: typing.Optional[_IgnoreMode_655a98e8] = None,
     deploy_time: typing.Optional[builtins.bool] = None,
+    display_name: typing.Optional[builtins.str] = None,
     readers: typing.Optional[typing.Sequence[_IGrantable_71c4f5de]] = None,
     source_kms_key: typing.Optional[_IKey_5f11635f] = None,
     path: builtins.str,

aws_cdk/aws_s3_deployment/__init__.py

@@ -1952,6 +1952,7 @@ class Source(metaclass=jsii.JSIIMeta, jsii_type="aws-cdk-lib.aws_s3_deployment.S
         path: builtins.str,
         *,
         deploy_time: typing.Optional[builtins.bool] = None,
+        display_name: typing.Optional[builtins.str] = None,
         readers: typing.Optional[typing.Sequence[_IGrantable_71c4f5de]] = None,
         source_kms_key: typing.Optional[_IKey_5f11635f] = None,
         asset_hash: typing.Optional[builtins.str] = None,
@@ -1968,6 +1969,7 @@ class Source(metaclass=jsii.JSIIMeta, jsii_type="aws-cdk-lib.aws_s3_deployment.S
 
         :param path: The path to a local .zip file or a directory.
         :param deploy_time: Whether or not the asset needs to exist beyond deployment time; i.e. are copied over to a different location and not needed afterwards. Setting this property to true has an impact on the lifecycle of the asset, because we will assume that it is safe to delete after the CloudFormation deployment succeeds. For example, Lambda Function assets are copied over to Lambda during deployment. Therefore, it is not necessary to store the asset in S3, so we consider those deployTime assets. Default: false
+        :param display_name: A display name for this asset. If supplied, the display name will be used in locations where the asset identifier is printed, like in the CLI progress information. If the same asset is added multiple times, the display name of the first occurrence is used. The default is the construct path of the Asset construct, with respect to the enclosing stack. If the asset is produced by a construct helper function (such as ``lambda.Code.fromAsset()``), this will look like ``MyFunction/Code``. We use the stack-relative construct path so that in the common case where you have multiple stacks with the same asset, we won't show something like ``/MyBetaStack/MyFunction/Code`` when you are actually deploying to production. Default: - Stack-relative construct path
         :param readers: A list of principals that should be able to read this asset from S3. You can use ``asset.grantRead(principal)`` to grant read permissions later. Default: - No principals that can read file asset.
         :param source_kms_key: The ARN of the KMS key used to encrypt the handler code. Default: - the default server-side encryption with Amazon S3 managed keys(SSE-S3) key will be used.
         :param asset_hash: Specify a custom hash for this asset. If ``assetHashType`` is set it must be set to ``AssetHashType.CUSTOM``. For consistency, this custom hash will be SHA256 hashed and encoded as hex. The resulting hash will be the asset hash. NOTE: the hash is used in order to identify a specific revision of the asset, and used for optimizing and caching deployment activities related to this asset such as packaging, uploading to Amazon S3, etc. If you chose to customize the hash, you will need to make sure it is updated every time the asset changes, or otherwise it is possible that some deployments will not be invalidated. Default: - based on ``assetHashType``
@@ -1982,6 +1984,7 @@ class Source(metaclass=jsii.JSIIMeta, jsii_type="aws-cdk-lib.aws_s3_deployment.S
             check_type(argname="argument path", value=path, expected_type=type_hints["path"])
         options = _AssetOptions_2aa69621(
             deploy_time=deploy_time,
+            display_name=display_name,
             readers=readers,
             source_kms_key=source_kms_key,
             asset_hash=asset_hash,
@@ -2443,6 +2446,7 @@ def _typecheckingstub__fc877c69568cee7364ec77003356fc6818118602dda64adf3dbf38ff7
     path: builtins.str,
     *,
     deploy_time: typing.Optional[builtins.bool] = None,
+    display_name: typing.Optional[builtins.str] = None,
     readers: typing.Optional[typing.Sequence[_IGrantable_71c4f5de]] = None,
     source_kms_key: typing.Optional[_IKey_5f11635f] = None,
     asset_hash: typing.Optional[builtins.str] = None,