aws-cdk-lib 2.187.0__py3-none-any.whl → 2.189.0__py3-none-any.whl

aws_cdk/aws_route53recoverycontrol/__init__.py

@@ -114,7 +114,7 @@ class CfnCluster(
         :param scope: Scope in which this resource is defined.
         :param id: Construct identifier for this resource (unique in its scope).
         :param name: Name of the cluster. You can use any non-white space character in the name except the following: & > < ' (single quote) " (double quote) ; (semicolon).
-        :param network_type: Cluster supports IPv4 endpoints and Dual-stack IPv4 and IPv6 endpoints. NetworkType can be IPV4 or DUALSTACK.
+        :param network_type: The network-type can either be IPV4 or DUALSTACK.
         :param tags: The tags associated with the cluster.
         '''
         if __debug__:
@@ -213,7 +213,7 @@ class CfnCluster(
     @builtins.property
     @jsii.member(jsii_name="networkType")
     def network_type(self) -> typing.Optional[builtins.str]:
-        '''Cluster supports IPv4 endpoints and Dual-stack IPv4 and IPv6 endpoints.'''
+        '''The network-type can either be IPV4 or DUALSTACK.'''
         return typing.cast(typing.Optional[builtins.str], jsii.get(self, "networkType"))
 
     @network_type.setter
@@ -327,7 +327,7 @@ class CfnClusterProps:
         '''Properties for defining a ``CfnCluster``.
 
         :param name: Name of the cluster. You can use any non-white space character in the name except the following: & > < ' (single quote) " (double quote) ; (semicolon).
-        :param network_type: Cluster supports IPv4 endpoints and Dual-stack IPv4 and IPv6 endpoints. NetworkType can be IPV4 or DUALSTACK.
+        :param network_type: The network-type can either be IPV4 or DUALSTACK.
         :param tags: The tags associated with the cluster.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53recoverycontrol-cluster.html
@@ -377,9 +377,7 @@ class CfnClusterProps:
 
     @builtins.property
     def network_type(self) -> typing.Optional[builtins.str]:
-        '''Cluster supports IPv4 endpoints and Dual-stack IPv4 and IPv6 endpoints.
-
-        NetworkType can be IPV4 or DUALSTACK.
+        '''The network-type can either be IPV4 or DUALSTACK.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53recoverycontrol-cluster.html#cfn-route53recoverycontrol-cluster-networktype
         '''

aws_cdk/aws_rum/__init__.py

@@ -175,8 +175,8 @@ class CfnAppMonitor(
         :param custom_events: Specifies whether this app monitor allows the web client to define and send custom events. If you omit this parameter, custom events are ``DISABLED`` .
         :param cw_log_enabled: Data collected by CloudWatch RUM is kept by RUM for 30 days and then deleted. This parameter specifies whether CloudWatch RUM sends a copy of this telemetry data to Amazon CloudWatch Logs in your account. This enables you to keep the telemetry data for more than 30 days, but it does incur Amazon CloudWatch Logs charges. If you omit this parameter, the default is ``false`` .
         :param deobfuscation_configuration: A structure that contains the configuration for how an app monitor can deobfuscate stack traces.
-        :param domain: The top-level internet domain name for which your application has administrative authority. This parameter is required.
-        :param domain_list: The top-level internet domain names for which your application has administrative authority. The CreateAppMonitor requires either the domain or the domain list.
+        :param domain: The top-level internet domain name for which your application has administrative authority. This parameter or the ``DomainList`` parameter is required.
+        :param domain_list: List the domain names for which your application has administrative authority. This parameter or the ``Domain`` parameter is required. You can have a minimum of 1 and a maximum of 5 ``Domain`` under ``DomainList`` . Each ``Domain`` must be a minimum length of 1 and a maximum of 253 characters.
         :param resource_policy: Use this structure to assign a resource-based policy to a CloudWatch RUM app monitor to control access to it. Each app monitor can have one resource-based policy. The maximum size of the policy is 4 KB. To learn more about using resource policies with RUM, see `Using resource-based policies with CloudWatch RUM <https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-resource-policies.html>`_ .
         :param tags: Assigns one or more tags (key-value pairs) to the app monitor. Tags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values. Tags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters. You can associate as many as 50 tags with an app monitor. For more information, see `Tagging AWS resources <https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html>`_ .
         '''
@@ -349,7 +349,10 @@ class CfnAppMonitor(
     @builtins.property
     @jsii.member(jsii_name="domainList")
     def domain_list(self) -> typing.Optional[typing.List[builtins.str]]:
-        '''The top-level internet domain names for which your application has administrative authority.'''
+        '''List the domain names for which your application has administrative authority.
+
+        This parameter or the ``Domain`` parameter is required.
+        '''
         return typing.cast(typing.Optional[typing.List[builtins.str]], jsii.get(self, "domainList"))
 
     @domain_list.setter
@@ -762,7 +765,7 @@ class CfnAppMonitor(
         ) -> None:
             '''A structure that contains the configuration for how an app monitor can unminify JavaScript error stack traces using source maps.
 
-            :param status: Specifies whether JavaScript error stack traces should be unminified for this app monitor. The default is for JavaScript error stack trace unminification to be DISABLED
+            :param status: Specifies whether JavaScript error stack traces should be unminified for this app monitor. The default is for JavaScript error stack trace unminification to be ``DISABLED`` .
             :param s3_uri: The S3Uri of the bucket or folder that stores the source map files. It is required if status is ENABLED.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rum-appmonitor-javascriptsourcemaps.html
@@ -795,7 +798,7 @@ class CfnAppMonitor(
         def status(self) -> builtins.str:
             '''Specifies whether JavaScript error stack traces should be unminified for this app monitor.
 
-            The default is for JavaScript error stack trace unminification to be DISABLED
+            The default is for JavaScript error stack trace unminification to be ``DISABLED`` .
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rum-appmonitor-javascriptsourcemaps.html#cfn-rum-appmonitor-javascriptsourcemaps-status
             '''
@@ -1252,8 +1255,8 @@ class CfnAppMonitorProps:
         :param custom_events: Specifies whether this app monitor allows the web client to define and send custom events. If you omit this parameter, custom events are ``DISABLED`` .
         :param cw_log_enabled: Data collected by CloudWatch RUM is kept by RUM for 30 days and then deleted. This parameter specifies whether CloudWatch RUM sends a copy of this telemetry data to Amazon CloudWatch Logs in your account. This enables you to keep the telemetry data for more than 30 days, but it does incur Amazon CloudWatch Logs charges. If you omit this parameter, the default is ``false`` .
         :param deobfuscation_configuration: A structure that contains the configuration for how an app monitor can deobfuscate stack traces.
-        :param domain: The top-level internet domain name for which your application has administrative authority. This parameter is required.
-        :param domain_list: The top-level internet domain names for which your application has administrative authority. The CreateAppMonitor requires either the domain or the domain list.
+        :param domain: The top-level internet domain name for which your application has administrative authority. This parameter or the ``DomainList`` parameter is required.
+        :param domain_list: List the domain names for which your application has administrative authority. This parameter or the ``Domain`` parameter is required. You can have a minimum of 1 and a maximum of 5 ``Domain`` under ``DomainList`` . Each ``Domain`` must be a minimum length of 1 and a maximum of 253 characters.
         :param resource_policy: Use this structure to assign a resource-based policy to a CloudWatch RUM app monitor to control access to it. Each app monitor can have one resource-based policy. The maximum size of the policy is 4 KB. To learn more about using resource policies with RUM, see `Using resource-based policies with CloudWatch RUM <https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-resource-policies.html>`_ .
         :param tags: Assigns one or more tags (key-value pairs) to the app monitor. Tags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values. Tags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters. You can associate as many as 50 tags with an app monitor. For more information, see `Tagging AWS resources <https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html>`_ .
 
@@ -1427,7 +1430,7 @@ class CfnAppMonitorProps:
     def domain(self) -> typing.Optional[builtins.str]:
         '''The top-level internet domain name for which your application has administrative authority.
 
-        This parameter is required.
+        This parameter or the ``DomainList`` parameter is required.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rum-appmonitor.html#cfn-rum-appmonitor-domain
         '''
@@ -1436,9 +1439,9 @@ class CfnAppMonitorProps:
 
     @builtins.property
     def domain_list(self) -> typing.Optional[typing.List[builtins.str]]:
-        '''The top-level internet domain names for which your application has administrative authority.
+        '''List the domain names for which your application has administrative authority. This parameter or the ``Domain`` parameter is required.
 
-        The CreateAppMonitor requires either the domain or the domain list.
+        You can have a minimum of 1 and a maximum of 5 ``Domain`` under ``DomainList`` . Each ``Domain`` must be a minimum length of 1 and a maximum of 253 characters.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rum-appmonitor.html#cfn-rum-appmonitor-domainlist
         '''

aws_cdk/aws_s3/__init__.py

@@ -2087,7 +2087,7 @@ class BucketProps:
         :param bucket_key_enabled: Whether Amazon S3 should use its own intermediary key to generate data keys. Only relevant when using KMS for encryption. - If not enabled, every object GET and PUT will cause an API call to KMS (with the attendant cost implications of that). - If enabled, S3 will use its own time-limited key instead. Only relevant, when Encryption is not set to ``BucketEncryption.UNENCRYPTED``. Default: - false
         :param bucket_name: Physical name of this bucket. Default: - Assigned by CloudFormation (recommended).
         :param cors: The CORS configuration of this bucket. Default: - No CORS configuration.
-        :param encryption: The kind of server-side encryption to apply to this bucket. If you choose KMS, you can specify a KMS key via ``encryptionKey``. If encryption key is not specified, a key will automatically be created. Default: - ``KMS`` if ``encryptionKey`` is specified, or ``UNENCRYPTED`` otherwise. But if ``UNENCRYPTED`` is specified, the bucket will be encrypted as ``S3_MANAGED`` automatically.
+        :param encryption: The kind of server-side encryption to apply to this bucket. If you choose KMS, you can specify a KMS key via ``encryptionKey``. If encryption key is not specified, a key will automatically be created. Default: - ``KMS`` if ``encryptionKey`` is specified, or ``S3_MANAGED`` otherwise.
         :param encryption_key: External KMS key to use for bucket encryption. The ``encryption`` property must be either not specified or set to ``KMS`` or ``DSSE``. An error will be emitted if ``encryption`` is set to ``UNENCRYPTED`` or ``S3_MANAGED``. Default: - If ``encryption`` is set to ``KMS`` and this property is undefined, a new KMS key will be created and associated with this bucket.
         :param enforce_ssl: Enforces SSL for requests. S3.5 of the AWS Foundational Security Best Practices Regarding S3. Default: false
         :param event_bridge_enabled: Whether this bucket should send notifications to Amazon EventBridge or not. Default: false
@@ -2325,10 +2325,7 @@ class BucketProps:
         If you choose KMS, you can specify a KMS key via ``encryptionKey``. If
         encryption key is not specified, a key will automatically be created.
 
-        :default:
-
-        - ``KMS`` if ``encryptionKey`` is specified, or ``UNENCRYPTED`` otherwise.
-        But if ``UNENCRYPTED`` is specified, the bucket will be encrypted as ``S3_MANAGED`` automatically.
+        :default: - ``KMS`` if ``encryptionKey`` is specified, or ``S3_MANAGED`` otherwise.
         '''
         result = self._values.get("encryption")
         return typing.cast(typing.Optional[BucketEncryption], result)
@@ -20670,7 +20667,7 @@ class Bucket(
         :param bucket_key_enabled: Whether Amazon S3 should use its own intermediary key to generate data keys. Only relevant when using KMS for encryption. - If not enabled, every object GET and PUT will cause an API call to KMS (with the attendant cost implications of that). - If enabled, S3 will use its own time-limited key instead. Only relevant, when Encryption is not set to ``BucketEncryption.UNENCRYPTED``. Default: - false
         :param bucket_name: Physical name of this bucket. Default: - Assigned by CloudFormation (recommended).
         :param cors: The CORS configuration of this bucket. Default: - No CORS configuration.
-        :param encryption: The kind of server-side encryption to apply to this bucket. If you choose KMS, you can specify a KMS key via ``encryptionKey``. If encryption key is not specified, a key will automatically be created. Default: - ``KMS`` if ``encryptionKey`` is specified, or ``UNENCRYPTED`` otherwise. But if ``UNENCRYPTED`` is specified, the bucket will be encrypted as ``S3_MANAGED`` automatically.
+        :param encryption: The kind of server-side encryption to apply to this bucket. If you choose KMS, you can specify a KMS key via ``encryptionKey``. If encryption key is not specified, a key will automatically be created. Default: - ``KMS`` if ``encryptionKey`` is specified, or ``S3_MANAGED`` otherwise.
         :param encryption_key: External KMS key to use for bucket encryption. The ``encryption`` property must be either not specified or set to ``KMS`` or ``DSSE``. An error will be emitted if ``encryption`` is set to ``UNENCRYPTED`` or ``S3_MANAGED``. Default: - If ``encryption`` is set to ``KMS`` and this property is undefined, a new KMS key will be created and associated with this bucket.
         :param enforce_ssl: Enforces SSL for requests. S3.5 of the AWS Foundational Security Best Practices Regarding S3. Default: false
         :param event_bridge_enabled: Whether this bucket should send notifications to Amazon EventBridge or not. Default: false

aws_cdk/aws_sagemaker/__init__.py

@@ -42051,6 +42051,7 @@ class CfnPartnerApp(
             ),
             client_token="clientToken",
             enable_iam_session_based_identity=False,
+            kms_key_id="kmsKeyId",
             maintenance_config=sagemaker.CfnPartnerApp.PartnerAppMaintenanceConfigProperty(
                 maintenance_window_start="maintenanceWindowStart"
             ),
@@ -42074,6 +42075,7 @@ class CfnPartnerApp(
         application_config: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Union["CfnPartnerApp.PartnerAppConfigProperty", typing.Dict[builtins.str, typing.Any]]]] = None,
         client_token: typing.Optional[builtins.str] = None,
         enable_iam_session_based_identity: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
+        kms_key_id: typing.Optional[builtins.str] = None,
         maintenance_config: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Union["CfnPartnerApp.PartnerAppMaintenanceConfigProperty", typing.Dict[builtins.str, typing.Any]]]] = None,
         tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
     ) -> None:
@@ -42088,6 +42090,7 @@ class CfnPartnerApp(
         :param application_config: A collection of configuration settings for the PartnerApp.
         :param client_token: (deprecated) The client token for the PartnerApp.
         :param enable_iam_session_based_identity: Enables IAM Session based Identity for PartnerApp.
+        :param kms_key_id: The AWS KMS customer managed key used to encrypt the data associated with the PartnerApp.
         :param maintenance_config: A collection of settings that specify the maintenance schedule for the PartnerApp.
         :param tags: A list of tags to apply to the PartnerApp.
         '''
@@ -42104,6 +42107,7 @@ class CfnPartnerApp(
             application_config=application_config,
             client_token=client_token,
             enable_iam_session_based_identity=enable_iam_session_based_identity,
+            kms_key_id=kms_key_id,
             maintenance_config=maintenance_config,
             tags=tags,
         )
@@ -42288,6 +42292,19 @@ class CfnPartnerApp(
             check_type(argname="argument value", value=value, expected_type=type_hints["value"])
         jsii.set(self, "enableIamSessionBasedIdentity", value) # pyright: ignore[reportArgumentType]
 
+    @builtins.property
+    @jsii.member(jsii_name="kmsKeyId")
+    def kms_key_id(self) -> typing.Optional[builtins.str]:
+        '''The AWS KMS customer managed key used to encrypt the data associated with the PartnerApp.'''
+        return typing.cast(typing.Optional[builtins.str], jsii.get(self, "kmsKeyId"))
+
+    @kms_key_id.setter
+    def kms_key_id(self, value: typing.Optional[builtins.str]) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__58c272923722b0c517d340605d53203fe379f478e3d080374edf1307990220fe)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "kmsKeyId", value) # pyright: ignore[reportArgumentType]
+
     @builtins.property
     @jsii.member(jsii_name="maintenanceConfig")
     def maintenance_config(
@@ -42462,6 +42479,7 @@ class CfnPartnerApp(
         "application_config": "applicationConfig",
         "client_token": "clientToken",
         "enable_iam_session_based_identity": "enableIamSessionBasedIdentity",
+        "kms_key_id": "kmsKeyId",
         "maintenance_config": "maintenanceConfig",
         "tags": "tags",
     },
@@ -42478,6 +42496,7 @@ class CfnPartnerAppProps:
         application_config: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Union[CfnPartnerApp.PartnerAppConfigProperty, typing.Dict[builtins.str, typing.Any]]]] = None,
         client_token: typing.Optional[builtins.str] = None,
         enable_iam_session_based_identity: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
+        kms_key_id: typing.Optional[builtins.str] = None,
         maintenance_config: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Union[CfnPartnerApp.PartnerAppMaintenanceConfigProperty, typing.Dict[builtins.str, typing.Any]]]] = None,
         tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
     ) -> None:
@@ -42491,6 +42510,7 @@ class CfnPartnerAppProps:
         :param application_config: A collection of configuration settings for the PartnerApp.
         :param client_token: (deprecated) The client token for the PartnerApp.
         :param enable_iam_session_based_identity: Enables IAM Session based Identity for PartnerApp.
+        :param kms_key_id: The AWS KMS customer managed key used to encrypt the data associated with the PartnerApp.
         :param maintenance_config: A collection of settings that specify the maintenance schedule for the PartnerApp.
         :param tags: A list of tags to apply to the PartnerApp.
 
@@ -42519,6 +42539,7 @@ class CfnPartnerAppProps:
                 ),
                 client_token="clientToken",
                 enable_iam_session_based_identity=False,
+                kms_key_id="kmsKeyId",
                 maintenance_config=sagemaker.CfnPartnerApp.PartnerAppMaintenanceConfigProperty(
                     maintenance_window_start="maintenanceWindowStart"
                 ),
@@ -42538,6 +42559,7 @@ class CfnPartnerAppProps:
             check_type(argname="argument application_config", value=application_config, expected_type=type_hints["application_config"])
             check_type(argname="argument client_token", value=client_token, expected_type=type_hints["client_token"])
             check_type(argname="argument enable_iam_session_based_identity", value=enable_iam_session_based_identity, expected_type=type_hints["enable_iam_session_based_identity"])
+            check_type(argname="argument kms_key_id", value=kms_key_id, expected_type=type_hints["kms_key_id"])
             check_type(argname="argument maintenance_config", value=maintenance_config, expected_type=type_hints["maintenance_config"])
             check_type(argname="argument tags", value=tags, expected_type=type_hints["tags"])
         self._values: typing.Dict[builtins.str, typing.Any] = {
@@ -42553,6 +42575,8 @@ class CfnPartnerAppProps:
             self._values["client_token"] = client_token
         if enable_iam_session_based_identity is not None:
             self._values["enable_iam_session_based_identity"] = enable_iam_session_based_identity
+        if kms_key_id is not None:
+            self._values["kms_key_id"] = kms_key_id
         if maintenance_config is not None:
             self._values["maintenance_config"] = maintenance_config
         if tags is not None:
@@ -42644,6 +42668,15 @@ class CfnPartnerAppProps:
         result = self._values.get("enable_iam_session_based_identity")
         return typing.cast(typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]], result)
 
+    @builtins.property
+    def kms_key_id(self) -> typing.Optional[builtins.str]:
+        '''The AWS KMS customer managed key used to encrypt the data associated with the PartnerApp.
+
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-partnerapp.html#cfn-sagemaker-partnerapp-kmskeyid
+        '''
+        result = self._values.get("kms_key_id")
+        return typing.cast(typing.Optional[builtins.str], result)
+
     @builtins.property
     def maintenance_config(
         self,
@@ -54541,6 +54574,7 @@ def _typecheckingstub__149fe137328534a718f6ce551ee72371d9e2f7ac901d129321d3ff327
     application_config: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Union[CfnPartnerApp.PartnerAppConfigProperty, typing.Dict[builtins.str, typing.Any]]]] = None,
     client_token: typing.Optional[builtins.str] = None,
     enable_iam_session_based_identity: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
+    kms_key_id: typing.Optional[builtins.str] = None,
     maintenance_config: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Union[CfnPartnerApp.PartnerAppMaintenanceConfigProperty, typing.Dict[builtins.str, typing.Any]]]] = None,
     tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
 ) -> None:
@@ -54607,6 +54641,12 @@ def _typecheckingstub__ebd74e6776143e94da10e5c2bab1e42ca40468d81bb1db74aa0c18459
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__58c272923722b0c517d340605d53203fe379f478e3d080374edf1307990220fe(
+    value: typing.Optional[builtins.str],
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__01904965c7f75553d54adf4ed7dd98da8f98703ddbdf03abdbbfb7056e2bceab(
     value: typing.Optional[typing.Union[_IResolvable_da3f097b, CfnPartnerApp.PartnerAppMaintenanceConfigProperty]],
 ) -> None:
@@ -54644,6 +54684,7 @@ def _typecheckingstub__23a26f35e63e4c1c82a8885f138a3f6006822c6ecbf7284a7c2ccafae
     application_config: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Union[CfnPartnerApp.PartnerAppConfigProperty, typing.Dict[builtins.str, typing.Any]]]] = None,
     client_token: typing.Optional[builtins.str] = None,
     enable_iam_session_based_identity: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
+    kms_key_id: typing.Optional[builtins.str] = None,
     maintenance_config: typing.Optional[typing.Union[_IResolvable_da3f097b, typing.Union[CfnPartnerApp.PartnerAppMaintenanceConfigProperty, typing.Dict[builtins.str, typing.Any]]]] = None,
     tags: typing.Optional[typing.Sequence[typing.Union[_CfnTag_f6864754, typing.Dict[builtins.str, typing.Any]]]] = None,
 ) -> None:

aws_cdk/aws_ssmincidents/__init__.py

@@ -564,7 +564,7 @@ class CfnResponsePlan(
         :param incident_template: Details used to create an incident when using this response plan.
         :param name: The name of the response plan.
         :param actions: The actions that the response plan starts at the beginning of an incident.
-        :param chat_channel: The AWS Chatbot chat channel used for collaboration during an incident.
+        :param chat_channel: The chat channel used for collaboration during an incident.
         :param display_name: The human readable name of the response plan.
         :param engagements: The Amazon Resource Name (ARN) for the contacts and escalation plans that the response plan engages during an incident.
         :param integrations: Information about third-party services integrated into the response plan.
@@ -691,7 +691,7 @@ class CfnResponsePlan(
     def chat_channel(
         self,
     ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnResponsePlan.ChatChannelProperty"]]:
-        '''The AWS Chatbot chat channel used for collaboration during an incident.'''
+        '''The  chat channel used for collaboration during an incident.'''
         return typing.cast(typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnResponsePlan.ChatChannelProperty"]], jsii.get(self, "chatChannel"))
 
     @chat_channel.setter
@@ -846,9 +846,9 @@ class CfnResponsePlan(
             *,
             chatbot_sns: typing.Optional[typing.Sequence[builtins.str]] = None,
         ) -> None:
-            '''The AWS Chatbot chat channel used for collaboration during an incident.
+            '''The  chat channel used for collaboration during an incident.
 
-            :param chatbot_sns: The Amazon SNS targets that AWS Chatbot uses to notify the chat channel of updates to an incident. You can also make updates to the incident through the chat channel by using the Amazon SNS topics
+            :param chatbot_sns: The Amazon SNS targets that uses to notify the chat channel of updates to an incident. You can also make updates to the incident through the chat channel by using the Amazon SNS topics
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssmincidents-responseplan-chatchannel.html
             :exampleMetadata: fixture=_generated
@@ -872,7 +872,7 @@ class CfnResponsePlan(
 
         @builtins.property
         def chatbot_sns(self) -> typing.Optional[typing.List[builtins.str]]:
-            '''The Amazon SNS targets that AWS Chatbot uses to notify the chat channel of updates to an incident.
+            '''The Amazon SNS targets that  uses to notify the chat channel of updates to an incident.
 
             You can also make updates to the incident through the chat channel by using the Amazon SNS topics
 
@@ -1065,7 +1065,7 @@ class CfnResponsePlan(
             :param title: The title of the incident is a brief and easily recognizable.
             :param dedupe_string: Used to create only one incident record for an incident.
             :param incident_tags: Tags to assign to the template. When the ``StartIncident`` API action is called, Incident Manager assigns the tags specified in the template to the incident.
-            :param notification_targets: The Amazon Simple Notification Service ( Amazon SNS ) targets that AWS Chatbot uses to notify the chat channel of updates to an incident. You can also make updates to the incident through the chat channel using the Amazon SNS topics.
+            :param notification_targets: The Amazon Simple Notification Service ( Amazon SNS ) targets that uses to notify the chat channel of updates to an incident. You can also make updates to the incident through the chat channel using the Amazon SNS topics.
             :param summary: The summary describes what has happened during the incident.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssmincidents-responseplan-incidenttemplate.html
@@ -1167,7 +1167,7 @@ class CfnResponsePlan(
         def notification_targets(
             self,
         ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnResponsePlan.NotificationTargetItemProperty"]]]]:
-            '''The Amazon Simple Notification Service ( Amazon SNS ) targets that AWS Chatbot uses to notify the chat channel of updates to an incident.
+            '''The Amazon Simple Notification Service ( Amazon SNS ) targets that  uses to notify the chat channel of updates to an incident.
 
             You can also make updates to the incident through the chat channel using the Amazon SNS topics.
 
@@ -1271,7 +1271,7 @@ class CfnResponsePlan(
             *,
             sns_topic_arn: typing.Optional[builtins.str] = None,
         ) -> None:
-            '''The Amazon SNS topic that's used by AWS Chatbot to notify the incidents chat channel.
+            '''The Amazon SNS topic that's used by  to notify the incidents chat channel.
 
             :param sns_topic_arn: The Amazon Resource Name (ARN) of the Amazon SNS topic.
 
@@ -1719,7 +1719,7 @@ class CfnResponsePlanProps:
         :param incident_template: Details used to create an incident when using this response plan.
         :param name: The name of the response plan.
         :param actions: The actions that the response plan starts at the beginning of an incident.
-        :param chat_channel: The AWS Chatbot chat channel used for collaboration during an incident.
+        :param chat_channel: The chat channel used for collaboration during an incident.
         :param display_name: The human readable name of the response plan.
         :param engagements: The Amazon Resource Name (ARN) for the contacts and escalation plans that the response plan engages during an incident.
         :param integrations: Information about third-party services integrated into the response plan.
@@ -1857,7 +1857,7 @@ class CfnResponsePlanProps:
     def chat_channel(
         self,
     ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, CfnResponsePlan.ChatChannelProperty]]:
-        '''The AWS Chatbot chat channel used for collaboration during an incident.
+        '''The  chat channel used for collaboration during an incident.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssmincidents-responseplan.html#cfn-ssmincidents-responseplan-chatchannel
         '''

aws_cdk/aws_systemsmanagersap/__init__.py

@@ -353,10 +353,11 @@ class CfnApplication(
             ec2_instance_id: typing.Optional[builtins.str] = None,
             sid: typing.Optional[builtins.str] = None,
         ) -> None:
-            '''
-            :param component_type: 
-            :param ec2_instance_id: 
-            :param sid: 
+            '''This is information about the component of your SAP application, such as Web Dispatcher.
+
+            :param component_type: This string is the type of the component. Accepted value is ``WD`` .
+            :param ec2_instance_id: This is the Amazon EC2 instance on which your SAP component is running. Accepted values are alphanumeric.
+            :param sid: This string is the SAP System ID of the component. Accepted values are alphanumeric.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-systemsmanagersap-application-componentinfo.html
             :exampleMetadata: fixture=_generated
@@ -388,7 +389,10 @@ class CfnApplication(
 
         @builtins.property
         def component_type(self) -> typing.Optional[builtins.str]:
-            '''
+            '''This string is the type of the component.
+
+            Accepted value is ``WD`` .
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-systemsmanagersap-application-componentinfo.html#cfn-systemsmanagersap-application-componentinfo-componenttype
             '''
             result = self._values.get("component_type")
@@ -396,7 +400,10 @@ class CfnApplication(
 
         @builtins.property
         def ec2_instance_id(self) -> typing.Optional[builtins.str]:
-            '''
+            '''This is the Amazon EC2 instance on which your SAP component is running.
+
+            Accepted values are alphanumeric.
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-systemsmanagersap-application-componentinfo.html#cfn-systemsmanagersap-application-componentinfo-ec2instanceid
             '''
             result = self._values.get("ec2_instance_id")
@@ -404,7 +411,10 @@ class CfnApplication(
 
         @builtins.property
         def sid(self) -> typing.Optional[builtins.str]:
-            '''
+            '''This string is the SAP System ID of the component.
+
+            Accepted values are alphanumeric.
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-systemsmanagersap-application-componentinfo.html#cfn-systemsmanagersap-application-componentinfo-sid
             '''
             result = self._values.get("sid")

aws_cdk/aws_transfer/__init__.py

@@ -771,6 +771,11 @@ class CfnCertificate(
 ):
     '''Imports the signing and encryption certificates that you need to create local (AS2) profiles and partner profiles.
 
+    You can import both the certificate and its chain in the ``Certificate`` parameter.
+    .. epigraph::
+
+       If you use the ``Certificate`` parameter to upload both the certificate and its chain, don't use the ``CertificateChain`` parameter.
+
     :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-transfer-certificate.html
     :cloudformationResource: AWS::Transfer::Certificate
     :exampleMetadata: fixture=_generated
@@ -817,10 +822,10 @@ class CfnCertificate(
         :param id: Construct identifier for this resource (unique in its scope).
         :param certificate: The file name for the certificate.
         :param usage: Specifies how this certificate is used. It can be used in the following ways:. - ``SIGNING`` : For signing AS2 messages - ``ENCRYPTION`` : For encrypting AS2 messages - ``TLS`` : For securing AS2 communications sent over HTTPS
-        :param active_date: An optional date that specifies when the certificate becomes active.
+        :param active_date: An optional date that specifies when the certificate becomes active. If you do not specify a value, ``ActiveDate`` takes the same value as ``NotBeforeDate`` , which is specified by the CA.
         :param certificate_chain: The list of certificates that make up the chain for the certificate.
         :param description: The name or description that's used to identity the certificate.
-        :param inactive_date: An optional date that specifies when the certificate becomes inactive.
+        :param inactive_date: An optional date that specifies when the certificate becomes inactive. If you do not specify a value, ``InactiveDate`` takes the same value as ``NotAfterDate`` , which is specified by the CA.
         :param private_key: The file that contains the private key for the certificate that's being imported.
         :param tags: Key-value pairs that can be used to group and search for certificates.
         '''
@@ -1090,10 +1095,10 @@ class CfnCertificateProps:
 
         :param certificate: The file name for the certificate.
         :param usage: Specifies how this certificate is used. It can be used in the following ways:. - ``SIGNING`` : For signing AS2 messages - ``ENCRYPTION`` : For encrypting AS2 messages - ``TLS`` : For securing AS2 communications sent over HTTPS
-        :param active_date: An optional date that specifies when the certificate becomes active.
+        :param active_date: An optional date that specifies when the certificate becomes active. If you do not specify a value, ``ActiveDate`` takes the same value as ``NotBeforeDate`` , which is specified by the CA.
         :param certificate_chain: The list of certificates that make up the chain for the certificate.
         :param description: The name or description that's used to identity the certificate.
-        :param inactive_date: An optional date that specifies when the certificate becomes inactive.
+        :param inactive_date: An optional date that specifies when the certificate becomes inactive. If you do not specify a value, ``InactiveDate`` takes the same value as ``NotAfterDate`` , which is specified by the CA.
         :param private_key: The file that contains the private key for the certificate that's being imported.
         :param tags: Key-value pairs that can be used to group and search for certificates.
 
@@ -1177,6 +1182,8 @@ class CfnCertificateProps:
     def active_date(self) -> typing.Optional[builtins.str]:
         '''An optional date that specifies when the certificate becomes active.
 
+        If you do not specify a value, ``ActiveDate`` takes the same value as ``NotBeforeDate`` , which is specified by the CA.
+
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-transfer-certificate.html#cfn-transfer-certificate-activedate
         '''
         result = self._values.get("active_date")
@@ -1204,6 +1211,8 @@ class CfnCertificateProps:
     def inactive_date(self) -> typing.Optional[builtins.str]:
         '''An optional date that specifies when the certificate becomes inactive.
 
+        If you do not specify a value, ``InactiveDate`` takes the same value as ``NotAfterDate`` , which is specified by the CA.
+
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-transfer-certificate.html#cfn-transfer-certificate-inactivedate
         '''
         result = self._values.get("inactive_date")
@@ -1526,7 +1535,7 @@ class CfnConnector(
             :param compression: Specifies whether the AS2 file is compressed.
             :param encryption_algorithm: The algorithm that is used to encrypt the file. Note the following: - Do not use the ``DES_EDE3_CBC`` algorithm unless you must support a legacy client that requires it, as it is a weak encryption algorithm. - You can only specify ``NONE`` if the URL for your connector uses HTTPS. Using HTTPS ensures that no traffic is sent in clear text.
             :param local_profile_id: A unique identifier for the AS2 local profile.
-            :param mdn_response: Used for outbound requests (from an AWS Transfer Family server to a partner AS2 server) to determine whether the partner response for transfers is synchronous or asynchronous. Specify either of the following values: - ``SYNC`` : The system expects a synchronous MDN response, confirming that the file was transferred successfully (or not). - ``NONE`` : Specifies that no MDN response is required.
+            :param mdn_response: Used for outbound requests (from an AWS Transfer Family connector to a partner AS2 server) to determine whether the partner response for transfers is synchronous or asynchronous. Specify either of the following values: - ``SYNC`` : The system expects a synchronous MDN response, confirming that the file was transferred successfully (or not). - ``NONE`` : Specifies that no MDN response is required.
             :param mdn_signing_algorithm: The signing algorithm for the MDN response. .. epigraph:: If set to DEFAULT (or not set at all), the value for ``SigningAlgorithm`` is used.
             :param message_subject: Used as the ``Subject`` HTTP header attribute in AS2 messages that are being sent with the connector.
             :param partner_profile_id: A unique identifier for the partner profile for the connector.
@@ -1651,7 +1660,7 @@ class CfnConnector(
 
         @builtins.property
         def mdn_response(self) -> typing.Optional[builtins.str]:
-            '''Used for outbound requests (from an AWS Transfer Family server to a partner AS2 server) to determine whether the partner response for transfers is synchronous or asynchronous.
+            '''Used for outbound requests (from an AWS Transfer Family connector to a partner AS2 server) to determine whether the partner response for transfers is synchronous or asynchronous.
 
             Specify either of the following values:
 
@@ -2394,7 +2403,7 @@ class CfnServer(
         :param endpoint_type: The type of endpoint that you want your server to use. You can choose to make your server's endpoint publicly accessible (PUBLIC) or host it inside your VPC. With an endpoint that is hosted in a VPC, you can restrict access to your server and resources only within your VPC or choose to make it internet facing by attaching Elastic IP addresses directly to it. .. epigraph:: After May 19, 2021, you won't be able to create a server using ``EndpointType=VPC_ENDPOINT`` in your AWS account if your account hasn't already done so before May 19, 2021. If you have already created servers with ``EndpointType=VPC_ENDPOINT`` in your AWS account on or before May 19, 2021, you will not be affected. After this date, use ``EndpointType`` = ``VPC`` . For more information, see `Discontinuing the use of VPC_ENDPOINT <https://docs.aws.amazon.com//transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint>`_ . It is recommended that you use ``VPC`` as the ``EndpointType`` . With this endpoint type, you have the option to directly associate up to three Elastic IPv4 addresses (BYO IP included) with your server's endpoint and use VPC security groups to restrict traffic by the client's public IP address. This is not possible with ``EndpointType`` set to ``VPC_ENDPOINT`` .
         :param identity_provider_details: Required when ``IdentityProviderType`` is set to ``AWS_DIRECTORY_SERVICE`` , ``AWS _LAMBDA`` or ``API_GATEWAY`` . Accepts an array containing all of the information required to use a directory in ``AWS_DIRECTORY_SERVICE`` or invoke a customer-supplied authentication API, including the API Gateway URL. Cannot be specified when ``IdentityProviderType`` is set to ``SERVICE_MANAGED`` .
         :param identity_provider_type: The mode of authentication for a server. The default value is ``SERVICE_MANAGED`` , which allows you to store and access user credentials within the AWS Transfer Family service. Use ``AWS_DIRECTORY_SERVICE`` to provide access to Active Directory groups in AWS Directory Service for Microsoft Active Directory or Microsoft Active Directory in your on-premises environment or in AWS using AD Connector. This option also requires you to provide a Directory ID by using the ``IdentityProviderDetails`` parameter. Use the ``API_GATEWAY`` value to integrate with an identity provider of your choosing. The ``API_GATEWAY`` setting requires you to provide an Amazon API Gateway endpoint URL to call for authentication by using the ``IdentityProviderDetails`` parameter. Use the ``AWS_LAMBDA`` value to directly use an AWS Lambda function as your identity provider. If you choose this value, you must specify the ARN for the Lambda function in the ``Function`` parameter for the ``IdentityProviderDetails`` data type.
-        :param logging_role: The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFSevents. When set, you can view user activity in your CloudWatch logs.
+        :param logging_role: The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When set, you can view user activity in your CloudWatch logs.
         :param post_authentication_login_banner: Specifies a string to display when users connect to a server. This string is displayed after the user authenticates. .. epigraph:: The SFTP protocol does not support post-authentication display banners.
         :param pre_authentication_login_banner: Specifies a string to display when users connect to a server. This string is displayed before the user authenticates. For example, the following banner displays details about using the system: ``This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.``
         :param protocol_details: The protocol settings that are configured for your server. - To indicate passive mode (for FTP and FTPS protocols), use the ``PassiveIp`` parameter. Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer. - To ignore the error that is generated when the client attempts to use the ``SETSTAT`` command on a file that you are uploading to an Amazon S3 bucket, use the ``SetStatOption`` parameter. To have the AWS Transfer Family server ignore the ``SETSTAT`` command and upload files without needing to make any changes to your SFTP client, set the value to ``ENABLE_NO_OP`` . If you set the ``SetStatOption`` parameter to ``ENABLE_NO_OP`` , Transfer Family generates a log entry to Amazon CloudWatch Logs, so that you can determine when the client is making a ``SETSTAT`` call. - To determine whether your AWS Transfer Family server resumes recent, negotiated sessions through a unique session ID, use the ``TlsSessionResumptionMode`` parameter. - ``As2Transports`` indicates the transport method for the AS2 messages. Currently, only HTTP is supported. The ``Protocols`` parameter is an array of strings. *Allowed values* : One or more of ``SFTP`` , ``FTPS`` , ``FTP`` , ``AS2``
@@ -2606,7 +2615,7 @@ class CfnServer(
     @builtins.property
     @jsii.member(jsii_name="loggingRole")
     def logging_role(self) -> typing.Optional[builtins.str]:
-        '''The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFSevents.'''
+        '''The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events.'''
         return typing.cast(typing.Optional[builtins.str], jsii.get(self, "loggingRole"))
 
     @logging_role.setter
@@ -3468,7 +3477,7 @@ class CfnServerProps:
         :param endpoint_type: The type of endpoint that you want your server to use. You can choose to make your server's endpoint publicly accessible (PUBLIC) or host it inside your VPC. With an endpoint that is hosted in a VPC, you can restrict access to your server and resources only within your VPC or choose to make it internet facing by attaching Elastic IP addresses directly to it. .. epigraph:: After May 19, 2021, you won't be able to create a server using ``EndpointType=VPC_ENDPOINT`` in your AWS account if your account hasn't already done so before May 19, 2021. If you have already created servers with ``EndpointType=VPC_ENDPOINT`` in your AWS account on or before May 19, 2021, you will not be affected. After this date, use ``EndpointType`` = ``VPC`` . For more information, see `Discontinuing the use of VPC_ENDPOINT <https://docs.aws.amazon.com//transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint>`_ . It is recommended that you use ``VPC`` as the ``EndpointType`` . With this endpoint type, you have the option to directly associate up to three Elastic IPv4 addresses (BYO IP included) with your server's endpoint and use VPC security groups to restrict traffic by the client's public IP address. This is not possible with ``EndpointType`` set to ``VPC_ENDPOINT`` .
         :param identity_provider_details: Required when ``IdentityProviderType`` is set to ``AWS_DIRECTORY_SERVICE`` , ``AWS _LAMBDA`` or ``API_GATEWAY`` . Accepts an array containing all of the information required to use a directory in ``AWS_DIRECTORY_SERVICE`` or invoke a customer-supplied authentication API, including the API Gateway URL. Cannot be specified when ``IdentityProviderType`` is set to ``SERVICE_MANAGED`` .
         :param identity_provider_type: The mode of authentication for a server. The default value is ``SERVICE_MANAGED`` , which allows you to store and access user credentials within the AWS Transfer Family service. Use ``AWS_DIRECTORY_SERVICE`` to provide access to Active Directory groups in AWS Directory Service for Microsoft Active Directory or Microsoft Active Directory in your on-premises environment or in AWS using AD Connector. This option also requires you to provide a Directory ID by using the ``IdentityProviderDetails`` parameter. Use the ``API_GATEWAY`` value to integrate with an identity provider of your choosing. The ``API_GATEWAY`` setting requires you to provide an Amazon API Gateway endpoint URL to call for authentication by using the ``IdentityProviderDetails`` parameter. Use the ``AWS_LAMBDA`` value to directly use an AWS Lambda function as your identity provider. If you choose this value, you must specify the ARN for the Lambda function in the ``Function`` parameter for the ``IdentityProviderDetails`` data type.
-        :param logging_role: The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFSevents. When set, you can view user activity in your CloudWatch logs.
+        :param logging_role: The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events. When set, you can view user activity in your CloudWatch logs.
         :param post_authentication_login_banner: Specifies a string to display when users connect to a server. This string is displayed after the user authenticates. .. epigraph:: The SFTP protocol does not support post-authentication display banners.
         :param pre_authentication_login_banner: Specifies a string to display when users connect to a server. This string is displayed before the user authenticates. For example, the following banner displays details about using the system: ``This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.``
         :param protocol_details: The protocol settings that are configured for your server. - To indicate passive mode (for FTP and FTPS protocols), use the ``PassiveIp`` parameter. Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer. - To ignore the error that is generated when the client attempts to use the ``SETSTAT`` command on a file that you are uploading to an Amazon S3 bucket, use the ``SetStatOption`` parameter. To have the AWS Transfer Family server ignore the ``SETSTAT`` command and upload files without needing to make any changes to your SFTP client, set the value to ``ENABLE_NO_OP`` . If you set the ``SetStatOption`` parameter to ``ENABLE_NO_OP`` , Transfer Family generates a log entry to Amazon CloudWatch Logs, so that you can determine when the client is making a ``SETSTAT`` call. - To determine whether your AWS Transfer Family server resumes recent, negotiated sessions through a unique session ID, use the ``TlsSessionResumptionMode`` parameter. - ``As2Transports`` indicates the transport method for the AS2 messages. Currently, only HTTP is supported. The ``Protocols`` parameter is an array of strings. *Allowed values* : One or more of ``SFTP`` , ``FTPS`` , ``FTP`` , ``AS2``
@@ -3693,7 +3702,7 @@ class CfnServerProps:
 
     @builtins.property
     def logging_role(self) -> typing.Optional[builtins.str]:
-        '''The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFSevents.
+        '''The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFS events.
 
         When set, you can view user activity in your CloudWatch logs.