aws-cdk-lib 2.187.0__py3-none-any.whl → 2.188.0__py3-none-any.whl

aws_cdk/aws_apigatewayv2/__init__.py

@@ -842,6 +842,7 @@ class CfnApi(
             disable_execute_api_endpoint=False,
             disable_schema_validation=False,
             fail_on_warnings=False,
+            ip_address_type="ipAddressType",
             name="name",
             protocol_type="protocolType",
             route_key="routeKey",
@@ -869,6 +870,7 @@ class CfnApi(
         disable_execute_api_endpoint: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
         disable_schema_validation: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
         fail_on_warnings: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
+        ip_address_type: typing.Optional[builtins.str] = None,
         name: typing.Optional[builtins.str] = None,
         protocol_type: typing.Optional[builtins.str] = None,
         route_key: typing.Optional[builtins.str] = None,
@@ -890,6 +892,7 @@ class CfnApi(
         :param disable_execute_api_endpoint: Specifies whether clients can invoke your API by using the default ``execute-api`` endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint.
         :param disable_schema_validation: Avoid validating models when creating a deployment. Supported only for WebSocket APIs.
         :param fail_on_warnings: Specifies whether to rollback the API creation when a warning is encountered. By default, API creation continues if a warning is encountered.
+        :param ip_address_type: The IP address types that can invoke the API. Use ``ipv4`` to allow only IPv4 addresses to invoke your API, or use ``dualstack`` to allow both IPv4 and IPv6 addresses to invoke your API. Don’t use IP address type for an HTTP API based on an OpenAPI specification. Instead, specify the IP address type in the OpenAPI specification.
         :param name: The name of the API. Required unless you specify an OpenAPI definition for ``Body`` or ``S3BodyLocation`` .
         :param protocol_type: The API protocol. Valid values are ``WEBSOCKET`` or ``HTTP`` . Required unless you specify an OpenAPI definition for ``Body`` or ``S3BodyLocation`` .
         :param route_key: This property is part of quick create. If you don't specify a ``routeKey`` , a default route of ``$default`` is created. The ``$default`` route acts as a catch-all for any request made to your API, for a particular stage. The ``$default`` route key can't be modified. You can add routes after creating the API, and you can update the route keys of additional routes. Supported only for HTTP APIs.
@@ -913,6 +916,7 @@ class CfnApi(
             disable_execute_api_endpoint=disable_execute_api_endpoint,
             disable_schema_validation=disable_schema_validation,
             fail_on_warnings=fail_on_warnings,
+            ip_address_type=ip_address_type,
             name=name,
             protocol_type=protocol_type,
             route_key=route_key,
@@ -1143,6 +1147,19 @@ class CfnApi(
             check_type(argname="argument value", value=value, expected_type=type_hints["value"])
         jsii.set(self, "failOnWarnings", value) # pyright: ignore[reportArgumentType]
 
+    @builtins.property
+    @jsii.member(jsii_name="ipAddressType")
+    def ip_address_type(self) -> typing.Optional[builtins.str]:
+        '''The IP address types that can invoke the API.'''
+        return typing.cast(typing.Optional[builtins.str], jsii.get(self, "ipAddressType"))
+
+    @ip_address_type.setter
+    def ip_address_type(self, value: typing.Optional[builtins.str]) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__2a1eb652a1c167ca6cb7d9b75ef226df1b04d95736668747822e7afa0766e2fd)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "ipAddressType", value) # pyright: ignore[reportArgumentType]
+
     @builtins.property
     @jsii.member(jsii_name="name")
     def name(self) -> typing.Optional[builtins.str]:
@@ -2732,6 +2749,7 @@ class CfnApiMappingProps:
         "disable_execute_api_endpoint": "disableExecuteApiEndpoint",
         "disable_schema_validation": "disableSchemaValidation",
         "fail_on_warnings": "failOnWarnings",
+        "ip_address_type": "ipAddressType",
         "name": "name",
         "protocol_type": "protocolType",
         "route_key": "routeKey",
@@ -2755,6 +2773,7 @@ class CfnApiProps:
         disable_execute_api_endpoint: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
         disable_schema_validation: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
         fail_on_warnings: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
+        ip_address_type: typing.Optional[builtins.str] = None,
         name: typing.Optional[builtins.str] = None,
         protocol_type: typing.Optional[builtins.str] = None,
         route_key: typing.Optional[builtins.str] = None,
@@ -2775,6 +2794,7 @@ class CfnApiProps:
         :param disable_execute_api_endpoint: Specifies whether clients can invoke your API by using the default ``execute-api`` endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint.
         :param disable_schema_validation: Avoid validating models when creating a deployment. Supported only for WebSocket APIs.
         :param fail_on_warnings: Specifies whether to rollback the API creation when a warning is encountered. By default, API creation continues if a warning is encountered.
+        :param ip_address_type: The IP address types that can invoke the API. Use ``ipv4`` to allow only IPv4 addresses to invoke your API, or use ``dualstack`` to allow both IPv4 and IPv6 addresses to invoke your API. Don’t use IP address type for an HTTP API based on an OpenAPI specification. Instead, specify the IP address type in the OpenAPI specification.
         :param name: The name of the API. Required unless you specify an OpenAPI definition for ``Body`` or ``S3BodyLocation`` .
         :param protocol_type: The API protocol. Valid values are ``WEBSOCKET`` or ``HTTP`` . Required unless you specify an OpenAPI definition for ``Body`` or ``S3BodyLocation`` .
         :param route_key: This property is part of quick create. If you don't specify a ``routeKey`` , a default route of ``$default`` is created. The ``$default`` route acts as a catch-all for any request made to your API, for a particular stage. The ``$default`` route key can't be modified. You can add routes after creating the API, and you can update the route keys of additional routes. Supported only for HTTP APIs.
@@ -2817,6 +2837,7 @@ class CfnApiProps:
                 disable_execute_api_endpoint=False,
                 disable_schema_validation=False,
                 fail_on_warnings=False,
+                ip_address_type="ipAddressType",
                 name="name",
                 protocol_type="protocolType",
                 route_key="routeKey",
@@ -2840,6 +2861,7 @@ class CfnApiProps:
             check_type(argname="argument disable_execute_api_endpoint", value=disable_execute_api_endpoint, expected_type=type_hints["disable_execute_api_endpoint"])
             check_type(argname="argument disable_schema_validation", value=disable_schema_validation, expected_type=type_hints["disable_schema_validation"])
             check_type(argname="argument fail_on_warnings", value=fail_on_warnings, expected_type=type_hints["fail_on_warnings"])
+            check_type(argname="argument ip_address_type", value=ip_address_type, expected_type=type_hints["ip_address_type"])
             check_type(argname="argument name", value=name, expected_type=type_hints["name"])
             check_type(argname="argument protocol_type", value=protocol_type, expected_type=type_hints["protocol_type"])
             check_type(argname="argument route_key", value=route_key, expected_type=type_hints["route_key"])
@@ -2868,6 +2890,8 @@ class CfnApiProps:
             self._values["disable_schema_validation"] = disable_schema_validation
         if fail_on_warnings is not None:
             self._values["fail_on_warnings"] = fail_on_warnings
+        if ip_address_type is not None:
+            self._values["ip_address_type"] = ip_address_type
         if name is not None:
             self._values["name"] = name
         if protocol_type is not None:
@@ -3001,6 +3025,19 @@ class CfnApiProps:
         result = self._values.get("fail_on_warnings")
         return typing.cast(typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]], result)
 
+    @builtins.property
+    def ip_address_type(self) -> typing.Optional[builtins.str]:
+        '''The IP address types that can invoke the API.
+
+        Use ``ipv4`` to allow only IPv4 addresses to invoke your API, or use ``dualstack`` to allow both IPv4 and IPv6 addresses to invoke your API.
+
+        Don’t use IP address type for an HTTP API based on an OpenAPI specification. Instead, specify the IP address type in the OpenAPI specification.
+
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-api.html#cfn-apigatewayv2-api-ipaddresstype
+        '''
+        result = self._values.get("ip_address_type")
+        return typing.cast(typing.Optional[builtins.str], result)
+
     @builtins.property
     def name(self) -> typing.Optional[builtins.str]:
         '''The name of the API.
@@ -3970,6 +4007,7 @@ class CfnDomainName(
                 certificate_arn="certificateArn",
                 certificate_name="certificateName",
                 endpoint_type="endpointType",
+                ip_address_type="ipAddressType",
                 ownership_verification_certificate_arn="ownershipVerificationCertificateArn",
                 security_policy="securityPolicy"
             )],
@@ -4156,6 +4194,7 @@ class CfnDomainName(
             "certificate_arn": "certificateArn",
             "certificate_name": "certificateName",
             "endpoint_type": "endpointType",
+            "ip_address_type": "ipAddressType",
             "ownership_verification_certificate_arn": "ownershipVerificationCertificateArn",
             "security_policy": "securityPolicy",
         },
@@ -4167,6 +4206,7 @@ class CfnDomainName(
             certificate_arn: typing.Optional[builtins.str] = None,
             certificate_name: typing.Optional[builtins.str] = None,
             endpoint_type: typing.Optional[builtins.str] = None,
+            ip_address_type: typing.Optional[builtins.str] = None,
             ownership_verification_certificate_arn: typing.Optional[builtins.str] = None,
             security_policy: typing.Optional[builtins.str] = None,
         ) -> None:
@@ -4177,6 +4217,7 @@ class CfnDomainName(
             :param certificate_arn: An AWS -managed certificate that will be used by the edge-optimized endpoint for this domain name. AWS Certificate Manager is the only supported source.
             :param certificate_name: The user-friendly name of the certificate that will be used by the edge-optimized endpoint for this domain name.
             :param endpoint_type: The endpoint type.
+            :param ip_address_type: The IP address types that can invoke the domain name. Use ``ipv4`` to allow only IPv4 addresses to invoke your domain name, or use ``dualstack`` to allow both IPv4 and IPv6 addresses to invoke your domain name.
             :param ownership_verification_certificate_arn: The Amazon resource name (ARN) for the public certificate issued by AWS Certificate Manager . This ARN is used to validate custom domain ownership. It's required only if you configure mutual TLS and use either an ACM-imported or a private CA certificate ARN as the regionalCertificateArn.
             :param security_policy: The Transport Layer Security (TLS) version of the security policy for this domain name. The valid values are ``TLS_1_0`` and ``TLS_1_2`` .
 
@@ -4193,6 +4234,7 @@ class CfnDomainName(
                     certificate_arn="certificateArn",
                     certificate_name="certificateName",
                     endpoint_type="endpointType",
+                    ip_address_type="ipAddressType",
                     ownership_verification_certificate_arn="ownershipVerificationCertificateArn",
                     security_policy="securityPolicy"
                 )
@@ -4202,6 +4244,7 @@ class CfnDomainName(
                 check_type(argname="argument certificate_arn", value=certificate_arn, expected_type=type_hints["certificate_arn"])
                 check_type(argname="argument certificate_name", value=certificate_name, expected_type=type_hints["certificate_name"])
                 check_type(argname="argument endpoint_type", value=endpoint_type, expected_type=type_hints["endpoint_type"])
+                check_type(argname="argument ip_address_type", value=ip_address_type, expected_type=type_hints["ip_address_type"])
                 check_type(argname="argument ownership_verification_certificate_arn", value=ownership_verification_certificate_arn, expected_type=type_hints["ownership_verification_certificate_arn"])
                 check_type(argname="argument security_policy", value=security_policy, expected_type=type_hints["security_policy"])
             self._values: typing.Dict[builtins.str, typing.Any] = {}
@@ -4211,6 +4254,8 @@ class CfnDomainName(
                 self._values["certificate_name"] = certificate_name
             if endpoint_type is not None:
                 self._values["endpoint_type"] = endpoint_type
+            if ip_address_type is not None:
+                self._values["ip_address_type"] = ip_address_type
             if ownership_verification_certificate_arn is not None:
                 self._values["ownership_verification_certificate_arn"] = ownership_verification_certificate_arn
             if security_policy is not None:
@@ -4245,6 +4290,17 @@ class CfnDomainName(
             result = self._values.get("endpoint_type")
             return typing.cast(typing.Optional[builtins.str], result)
 
+        @builtins.property
+        def ip_address_type(self) -> typing.Optional[builtins.str]:
+            '''The IP address types that can invoke the domain name.
+
+            Use ``ipv4`` to allow only IPv4 addresses to invoke your domain name, or use ``dualstack`` to allow both IPv4 and IPv6 addresses to invoke your domain name.
+
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-domainname-domainnameconfiguration.html#cfn-apigatewayv2-domainname-domainnameconfiguration-ipaddresstype
+            '''
+            result = self._values.get("ip_address_type")
+            return typing.cast(typing.Optional[builtins.str], result)
+
         @builtins.property
         def ownership_verification_certificate_arn(
             self,
@@ -4403,6 +4459,7 @@ class CfnDomainNameProps:
                     certificate_arn="certificateArn",
                     certificate_name="certificateName",
                     endpoint_type="endpointType",
+                    ip_address_type="ipAddressType",
                     ownership_verification_certificate_arn="ownershipVerificationCertificateArn",
                     security_policy="securityPolicy"
                 )],
@@ -10970,6 +11027,17 @@ class IHttpApi(IApi, typing_extensions.Protocol):
         '''
         ...
 
+    @builtins.property
+    @jsii.member(jsii_name="defaultStage")
+    def default_stage(self) -> typing.Optional["IHttpStage"]:
+        '''The default stage of this API.
+
+        :default: - a stage will be created
+
+        :attribute: true
+        '''
+        ...
+
     @jsii.member(jsii_name="addVpcLink")
     def add_vpc_link(
         self,
@@ -11241,6 +11309,17 @@ class _IHttpApiProxy(
         '''
         return typing.cast(typing.Optional["IHttpRouteAuthorizer"], jsii.get(self, "defaultAuthorizer"))
 
+    @builtins.property
+    @jsii.member(jsii_name="defaultStage")
+    def default_stage(self) -> typing.Optional["IHttpStage"]:
+        '''The default stage of this API.
+
+        :default: - a stage will be created
+
+        :attribute: true
+        '''
+        return typing.cast(typing.Optional["IHttpStage"], jsii.get(self, "defaultStage"))
+
     @jsii.member(jsii_name="addVpcLink")
     def add_vpc_link(
         self,
@@ -18812,6 +18891,7 @@ def _typecheckingstub__1db7633eb849c7234f54cf8f50ef6e4c6273ca1ab60db537f47e511e2
     disable_execute_api_endpoint: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
     disable_schema_validation: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
     fail_on_warnings: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
+    ip_address_type: typing.Optional[builtins.str] = None,
     name: typing.Optional[builtins.str] = None,
     protocol_type: typing.Optional[builtins.str] = None,
     route_key: typing.Optional[builtins.str] = None,
@@ -18895,6 +18975,12 @@ def _typecheckingstub__2ce8eb7264be44ff3a6ae79c6be6a193c31eb617518209aeb51c346aa
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__2a1eb652a1c167ca6cb7d9b75ef226df1b04d95736668747822e7afa0766e2fd(
+    value: typing.Optional[builtins.str],
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__6de2f3d46e4a0275374cdfba39222daec1a50d7516f00756e898551462523fb6(
     value: typing.Optional[builtins.str],
 ) -> None:
@@ -19139,6 +19225,7 @@ def _typecheckingstub__de72efdeda792916a7e0a8d8953153208abe93b442ac8056802f749d4
     disable_execute_api_endpoint: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
     disable_schema_validation: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
     fail_on_warnings: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
+    ip_address_type: typing.Optional[builtins.str] = None,
     name: typing.Optional[builtins.str] = None,
     protocol_type: typing.Optional[builtins.str] = None,
     route_key: typing.Optional[builtins.str] = None,
@@ -19375,6 +19462,7 @@ def _typecheckingstub__faaf4905cea99e081f1f881fa68755b4ec1bc0ed8f4e145c30baf36d9
     certificate_arn: typing.Optional[builtins.str] = None,
     certificate_name: typing.Optional[builtins.str] = None,
     endpoint_type: typing.Optional[builtins.str] = None,
+    ip_address_type: typing.Optional[builtins.str] = None,
     ownership_verification_certificate_arn: typing.Optional[builtins.str] = None,
     security_policy: typing.Optional[builtins.str] = None,
 ) -> None:

aws_cdk/aws_appconfig/__init__.py

@@ -1415,7 +1415,7 @@ class CfnConfigurationProfile(
         :param application_id: The application ID.
         :param location_uri: A URI to locate the configuration. You can specify the following:. - For the AWS AppConfig hosted configuration store and for feature flags, specify ``hosted`` . - For an AWS Systems Manager Parameter Store parameter, specify either the parameter name in the format ``ssm-parameter://<parameter name>`` or the ARN. - For an AWS CodePipeline pipeline, specify the URI in the following format: ``codepipeline`` ://. - For an AWS Secrets Manager secret, specify the URI in the following format: ``secretsmanager`` ://. - For an Amazon S3 object, specify the URI in the following format: ``s3://<bucket>/<objectKey>`` . Here is an example: ``s3://amzn-s3-demo-bucket/my-app/us-east-1/my-config.json`` - For an SSM document, specify either the document name in the format ``ssm-document://<document name>`` or the Amazon Resource Name (ARN).
         :param name: A name for the configuration profile.
-        :param deletion_protection_check: On resource deletion this controls whether the Deletion Protection check should be applied, bypassed, or (the default) whether the behavior should be controlled by the account-level Deletion Protection setting. See https://docs.aws.amazon.com/appconfig/latest/userguide/deletion-protection.html
+        :param deletion_protection_check: A parameter to configure deletion protection. Deletion protection prevents a user from deleting a configuration profile if your application has called either `GetLatestConfiguration <https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_appconfigdata_GetLatestConfiguration.html>`_ or `GetConfiguration <https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetConfiguration.html>`_ for the configuration profile during the specified interval. This parameter supports the following values: - ``BYPASS`` : Instructs AWS AppConfig to bypass the deletion protection check and delete a configuration profile even if deletion protection would have otherwise prevented it. - ``APPLY`` : Instructs the deletion protection check to run, even if deletion protection is disabled at the account level. ``APPLY`` also forces the deletion protection check to run against resources created in the past hour, which are normally excluded from deletion protection checks. - ``ACCOUNT_DEFAULT`` : The default setting, which instructs AWS AppConfig to implement the deletion protection value specified in the ``UpdateAccountSettings`` API.
         :param description: A description of the configuration profile.
         :param kms_key_identifier: The AWS Key Management Service key identifier (key ID, key alias, or key ARN) provided when the resource was created or updated.
         :param retrieval_role_arn: The ARN of an IAM role with permission to access the configuration at the specified ``LocationUri`` . .. epigraph:: A retrieval role ARN is not required for configurations stored in AWS CodePipeline or the AWS AppConfig hosted configuration store. It is required for all other sources that store your configuration.
@@ -1548,7 +1548,7 @@ class CfnConfigurationProfile(
     @builtins.property
     @jsii.member(jsii_name="deletionProtectionCheck")
     def deletion_protection_check(self) -> typing.Optional[builtins.str]:
-        '''On resource deletion this controls whether the Deletion Protection check should be applied, bypassed, or (the default) whether the behavior should be controlled by the account-level Deletion Protection setting.'''
+        '''A parameter to configure deletion protection.'''
         return typing.cast(typing.Optional[builtins.str], jsii.get(self, "deletionProtectionCheck"))
 
     @deletion_protection_check.setter
@@ -1750,7 +1750,7 @@ class CfnConfigurationProfileProps:
         :param application_id: The application ID.
         :param location_uri: A URI to locate the configuration. You can specify the following:. - For the AWS AppConfig hosted configuration store and for feature flags, specify ``hosted`` . - For an AWS Systems Manager Parameter Store parameter, specify either the parameter name in the format ``ssm-parameter://<parameter name>`` or the ARN. - For an AWS CodePipeline pipeline, specify the URI in the following format: ``codepipeline`` ://. - For an AWS Secrets Manager secret, specify the URI in the following format: ``secretsmanager`` ://. - For an Amazon S3 object, specify the URI in the following format: ``s3://<bucket>/<objectKey>`` . Here is an example: ``s3://amzn-s3-demo-bucket/my-app/us-east-1/my-config.json`` - For an SSM document, specify either the document name in the format ``ssm-document://<document name>`` or the Amazon Resource Name (ARN).
         :param name: A name for the configuration profile.
-        :param deletion_protection_check: On resource deletion this controls whether the Deletion Protection check should be applied, bypassed, or (the default) whether the behavior should be controlled by the account-level Deletion Protection setting. See https://docs.aws.amazon.com/appconfig/latest/userguide/deletion-protection.html
+        :param deletion_protection_check: A parameter to configure deletion protection. Deletion protection prevents a user from deleting a configuration profile if your application has called either `GetLatestConfiguration <https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_appconfigdata_GetLatestConfiguration.html>`_ or `GetConfiguration <https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetConfiguration.html>`_ for the configuration profile during the specified interval. This parameter supports the following values: - ``BYPASS`` : Instructs AWS AppConfig to bypass the deletion protection check and delete a configuration profile even if deletion protection would have otherwise prevented it. - ``APPLY`` : Instructs the deletion protection check to run, even if deletion protection is disabled at the account level. ``APPLY`` also forces the deletion protection check to run against resources created in the past hour, which are normally excluded from deletion protection checks. - ``ACCOUNT_DEFAULT`` : The default setting, which instructs AWS AppConfig to implement the deletion protection value specified in the ``UpdateAccountSettings`` API.
         :param description: A description of the configuration profile.
         :param kms_key_identifier: The AWS Key Management Service key identifier (key ID, key alias, or key ARN) provided when the resource was created or updated.
         :param retrieval_role_arn: The ARN of an IAM role with permission to access the configuration at the specified ``LocationUri`` . .. epigraph:: A retrieval role ARN is not required for configurations stored in AWS CodePipeline or the AWS AppConfig hosted configuration store. It is required for all other sources that store your configuration.
@@ -1859,9 +1859,15 @@ class CfnConfigurationProfileProps:
 
     @builtins.property
     def deletion_protection_check(self) -> typing.Optional[builtins.str]:
-        '''On resource deletion this controls whether the Deletion Protection check should be applied, bypassed, or (the default) whether the behavior should be controlled by the account-level Deletion Protection setting.
+        '''A parameter to configure deletion protection.
 
-        See https://docs.aws.amazon.com/appconfig/latest/userguide/deletion-protection.html
+        Deletion protection prevents a user from deleting a configuration profile if your application has called either `GetLatestConfiguration <https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_appconfigdata_GetLatestConfiguration.html>`_ or `GetConfiguration <https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetConfiguration.html>`_ for the configuration profile during the specified interval.
+
+        This parameter supports the following values:
+
+        - ``BYPASS`` : Instructs AWS AppConfig to bypass the deletion protection check and delete a configuration profile even if deletion protection would have otherwise prevented it.
+        - ``APPLY`` : Instructs the deletion protection check to run, even if deletion protection is disabled at the account level. ``APPLY`` also forces the deletion protection check to run against resources created in the past hour, which are normally excluded from deletion protection checks.
+        - ``ACCOUNT_DEFAULT`` : The default setting, which instructs AWS AppConfig to implement the deletion protection value specified in the ``UpdateAccountSettings`` API.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-appconfig-configurationprofile.html#cfn-appconfig-configurationprofile-deletionprotectioncheck
         '''
@@ -3017,7 +3023,7 @@ class CfnEnvironment(
         :param id: Construct identifier for this resource (unique in its scope).
         :param application_id: The application ID.
         :param name: A name for the environment.
-        :param deletion_protection_check: On resource deletion this controls whether the Deletion Protection check should be applied, bypassed, or (the default) whether the behavior should be controlled by the account-level Deletion Protection setting. See https://docs.aws.amazon.com/appconfig/latest/userguide/deletion-protection.html
+        :param deletion_protection_check: A parameter to configure deletion protection. Deletion protection prevents a user from deleting an environment if your application called either `GetLatestConfiguration <https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_appconfigdata_GetLatestConfiguration.html>`_ or `GetConfiguration <https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetConfiguration.html>`_ in the environment during the specified interval. This parameter supports the following values: - ``BYPASS`` : Instructs AWS AppConfig to bypass the deletion protection check and delete a configuration profile even if deletion protection would have otherwise prevented it. - ``APPLY`` : Instructs the deletion protection check to run, even if deletion protection is disabled at the account level. ``APPLY`` also forces the deletion protection check to run against resources created in the past hour, which are normally excluded from deletion protection checks. - ``ACCOUNT_DEFAULT`` : The default setting, which instructs AWS AppConfig to implement the deletion protection value specified in the ``UpdateAccountSettings`` API.
         :param description: A description of the environment.
         :param monitors: Amazon CloudWatch alarms to monitor during the deployment process.
         :param tags: Metadata to assign to the environment. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define.
@@ -3116,7 +3122,7 @@ class CfnEnvironment(
     @builtins.property
     @jsii.member(jsii_name="deletionProtectionCheck")
     def deletion_protection_check(self) -> typing.Optional[builtins.str]:
-        '''On resource deletion this controls whether the Deletion Protection check should be applied, bypassed, or (the default) whether the behavior should be controlled by the account-level Deletion Protection setting.'''
+        '''A parameter to configure deletion protection.'''
         return typing.cast(typing.Optional[builtins.str], jsii.get(self, "deletionProtectionCheck"))
 
     @deletion_protection_check.setter
@@ -3338,7 +3344,7 @@ class CfnEnvironmentProps:
 
         :param application_id: The application ID.
         :param name: A name for the environment.
-        :param deletion_protection_check: On resource deletion this controls whether the Deletion Protection check should be applied, bypassed, or (the default) whether the behavior should be controlled by the account-level Deletion Protection setting. See https://docs.aws.amazon.com/appconfig/latest/userguide/deletion-protection.html
+        :param deletion_protection_check: A parameter to configure deletion protection. Deletion protection prevents a user from deleting an environment if your application called either `GetLatestConfiguration <https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_appconfigdata_GetLatestConfiguration.html>`_ or `GetConfiguration <https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetConfiguration.html>`_ in the environment during the specified interval. This parameter supports the following values: - ``BYPASS`` : Instructs AWS AppConfig to bypass the deletion protection check and delete a configuration profile even if deletion protection would have otherwise prevented it. - ``APPLY`` : Instructs the deletion protection check to run, even if deletion protection is disabled at the account level. ``APPLY`` also forces the deletion protection check to run against resources created in the past hour, which are normally excluded from deletion protection checks. - ``ACCOUNT_DEFAULT`` : The default setting, which instructs AWS AppConfig to implement the deletion protection value specified in the ``UpdateAccountSettings`` API.
         :param description: A description of the environment.
         :param monitors: Amazon CloudWatch alarms to monitor during the deployment process.
         :param tags: Metadata to assign to the environment. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define.
@@ -3412,9 +3418,15 @@ class CfnEnvironmentProps:
 
     @builtins.property
     def deletion_protection_check(self) -> typing.Optional[builtins.str]:
-        '''On resource deletion this controls whether the Deletion Protection check should be applied, bypassed, or (the default) whether the behavior should be controlled by the account-level Deletion Protection setting.
+        '''A parameter to configure deletion protection.
+
+        Deletion protection prevents a user from deleting an environment if your application called either `GetLatestConfiguration <https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_appconfigdata_GetLatestConfiguration.html>`_ or `GetConfiguration <https://docs.aws.amazon.com/appconfig/2019-10-09/APIReference/API_GetConfiguration.html>`_ in the environment during the specified interval.
+
+        This parameter supports the following values:
 
-        See https://docs.aws.amazon.com/appconfig/latest/userguide/deletion-protection.html
+        - ``BYPASS`` : Instructs AWS AppConfig to bypass the deletion protection check and delete a configuration profile even if deletion protection would have otherwise prevented it.
+        - ``APPLY`` : Instructs the deletion protection check to run, even if deletion protection is disabled at the account level. ``APPLY`` also forces the deletion protection check to run against resources created in the past hour, which are normally excluded from deletion protection checks.
+        - ``ACCOUNT_DEFAULT`` : The default setting, which instructs AWS AppConfig to implement the deletion protection value specified in the ``UpdateAccountSettings`` API.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-appconfig-environment.html#cfn-appconfig-environment-deletionprotectioncheck
         '''
@@ -3726,7 +3738,7 @@ class CfnExtension(
         ) -> None:
             '''The actions defined in the extension.
 
-            :param name: The action name.
+            :param name: The extension name.
             :param uri: The extension URI associated to the action point in the extension definition. The URI can be an Amazon Resource Name (ARN) for one of the following: an AWS Lambda function, an Amazon Simple Queue Service queue, an Amazon Simple Notification Service topic, or the Amazon EventBridge default event bus.
             :param description: Information about actions defined in the extension.
             :param role_arn: An Amazon Resource Name (ARN) for an AWS Identity and Access Management assume role.
@@ -3766,7 +3778,7 @@ class CfnExtension(
 
         @builtins.property
         def name(self) -> builtins.str:
-            '''The action name.
+            '''The extension name.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appconfig-extension-action.html#cfn-appconfig-extension-action-name
             '''
@@ -4488,7 +4500,7 @@ class CfnHostedConfigurationVersion(
         :param configuration_profile_id: The configuration profile ID.
         :param content: The configuration data, as bytes. .. epigraph:: AWS AppConfig accepts any type of data, including text formats like JSON or TOML, or binary formats like protocol buffers or compressed data.
         :param content_type: A standard MIME type describing the format of the configuration content. For more information, see `Content-Type <https://docs.aws.amazon.com/https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17>`_ .
-        :param description: A description of the configuration.
+        :param description: A description of the configuration. .. epigraph:: Due to HTTP limitations, this field only supports ASCII characters.
         :param latest_version_number: An optional locking token used to prevent race conditions from overwriting configuration updates when creating a new version. To ensure your data is not overwritten when creating multiple hosted configuration versions in rapid succession, specify the version number of the latest hosted configuration version.
         :param version_label: A user-defined label for an AWS AppConfig hosted configuration version.
         '''
@@ -4675,7 +4687,7 @@ class CfnHostedConfigurationVersionProps:
         :param configuration_profile_id: The configuration profile ID.
         :param content: The configuration data, as bytes. .. epigraph:: AWS AppConfig accepts any type of data, including text formats like JSON or TOML, or binary formats like protocol buffers or compressed data.
         :param content_type: A standard MIME type describing the format of the configuration content. For more information, see `Content-Type <https://docs.aws.amazon.com/https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17>`_ .
-        :param description: A description of the configuration.
+        :param description: A description of the configuration. .. epigraph:: Due to HTTP limitations, this field only supports ASCII characters.
         :param latest_version_number: An optional locking token used to prevent race conditions from overwriting configuration updates when creating a new version. To ensure your data is not overwritten when creating multiple hosted configuration versions in rapid succession, specify the version number of the latest hosted configuration version.
         :param version_label: A user-defined label for an AWS AppConfig hosted configuration version.
 
@@ -4772,6 +4784,10 @@ class CfnHostedConfigurationVersionProps:
     def description(self) -> typing.Optional[builtins.str]:
         '''A description of the configuration.
 
+        .. epigraph::
+
+           Due to HTTP limitations, this field only supports ASCII characters.
+
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-appconfig-hostedconfigurationversion.html#cfn-appconfig-hostedconfigurationversion-description
         '''
         result = self._values.get("description")

aws_cdk/aws_arczonalshift/__init__.py

@@ -294,7 +294,7 @@ class CfnZonalAutoshiftConfiguration(
         :param scope: Scope in which this resource is defined.
         :param id: Construct identifier for this resource (unique in its scope).
         :param resource_identifier: The identifier for the resource that AWS shifts traffic for. The identifier is the Amazon Resource Name (ARN) for the resource. At this time, supported resources are Network Load Balancers and Application Load Balancers with cross-zone load balancing turned off.
-        :param practice_run_configuration: A practice run configuration for a resource includes the Amazon CloudWatch alarms that you've specified for a practice run, as well as any blocked dates or blocked windows for the practice run. When a resource has a practice run configuration, Route 53 ARC shifts traffic for the resource weekly for practice runs. Practice runs are required for zonal autoshift. The zonal shifts that Route 53 ARC starts for practice runs help you to ensure that shifting away traffic from an Availability Zone during an autoshift is safe for your application. You can update or delete a practice run configuration. Before you delete a practice run configuration, you must disable zonal autoshift for the resource. A practice run configuration is required when zonal autoshift is enabled.
+        :param practice_run_configuration: A practice run configuration for a resource includes the Amazon CloudWatch alarms that you've specified for a practice run, as well as any blocked dates or blocked windows for the practice run. When a resource has a practice run configuration, ARC shifts traffic for the resource weekly for practice runs. Practice runs are required for zonal autoshift. The zonal shifts that ARC starts for practice runs help you to ensure that shifting away traffic from an Availability Zone during an autoshift is safe for your application. You can update or delete a practice run configuration. Before you delete a practice run configuration, you must disable zonal autoshift for the resource. A practice run configuration is required when zonal autoshift is enabled.
         :param zonal_autoshift_status: When zonal autoshift is ``ENABLED`` , you authorize AWS to shift away resource traffic for an application from an Availability Zone during events, on your behalf, to help reduce time to recovery. Traffic is also shifted away for the required weekly practice runs.
         '''
         if __debug__:
@@ -622,7 +622,7 @@ class CfnZonalAutoshiftConfigurationProps:
         '''Properties for defining a ``CfnZonalAutoshiftConfiguration``.
 
         :param resource_identifier: The identifier for the resource that AWS shifts traffic for. The identifier is the Amazon Resource Name (ARN) for the resource. At this time, supported resources are Network Load Balancers and Application Load Balancers with cross-zone load balancing turned off.
-        :param practice_run_configuration: A practice run configuration for a resource includes the Amazon CloudWatch alarms that you've specified for a practice run, as well as any blocked dates or blocked windows for the practice run. When a resource has a practice run configuration, Route 53 ARC shifts traffic for the resource weekly for practice runs. Practice runs are required for zonal autoshift. The zonal shifts that Route 53 ARC starts for practice runs help you to ensure that shifting away traffic from an Availability Zone during an autoshift is safe for your application. You can update or delete a practice run configuration. Before you delete a practice run configuration, you must disable zonal autoshift for the resource. A practice run configuration is required when zonal autoshift is enabled.
+        :param practice_run_configuration: A practice run configuration for a resource includes the Amazon CloudWatch alarms that you've specified for a practice run, as well as any blocked dates or blocked windows for the practice run. When a resource has a practice run configuration, ARC shifts traffic for the resource weekly for practice runs. Practice runs are required for zonal autoshift. The zonal shifts that ARC starts for practice runs help you to ensure that shifting away traffic from an Availability Zone during an autoshift is safe for your application. You can update or delete a practice run configuration. Before you delete a practice run configuration, you must disable zonal autoshift for the resource. A practice run configuration is required when zonal autoshift is enabled.
         :param zonal_autoshift_status: When zonal autoshift is ``ENABLED`` , you authorize AWS to shift away resource traffic for an application from an Availability Zone during events, on your behalf, to help reduce time to recovery. Traffic is also shifted away for the required weekly practice runs.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-arczonalshift-zonalautoshiftconfiguration.html
@@ -688,9 +688,9 @@ class CfnZonalAutoshiftConfigurationProps:
     ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, CfnZonalAutoshiftConfiguration.PracticeRunConfigurationProperty]]:
         '''A practice run configuration for a resource includes the Amazon CloudWatch alarms that you've specified for a practice run, as well as any blocked dates or blocked windows for the practice run.
 
-        When a resource has a practice run configuration, Route 53 ARC shifts traffic for the resource weekly for practice runs.
+        When a resource has a practice run configuration, ARC shifts traffic for the resource weekly for practice runs.
 
-        Practice runs are required for zonal autoshift. The zonal shifts that Route 53 ARC starts for practice runs help you to ensure that shifting away traffic from an Availability Zone during an autoshift is safe for your application.
+        Practice runs are required for zonal autoshift. The zonal shifts that ARC starts for practice runs help you to ensure that shifting away traffic from an Availability Zone during an autoshift is safe for your application.
 
         You can update or delete a practice run configuration. Before you delete a practice run configuration, you must disable zonal autoshift for the resource. A practice run configuration is required when zonal autoshift is enabled.