aws-cdk-lib 2.188.0__py3-none-any.whl → 2.189.0__py3-none-any.whl

aws_cdk/aws_ec2/__init__.py

@@ -22660,7 +22660,7 @@ class CfnInstance(
             :param associate_public_ip_address: Indicates whether to assign a public IPv4 address to an instance. Applies only if creating a network interface when launching an instance. The network interface must be the primary network interface. If launching into a default subnet, the default value is ``true`` . AWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the `VPC pricing page <https://docs.aws.amazon.com/vpc/pricing/>`_ .
             :param delete_on_termination: Indicates whether the network interface is deleted when the instance is terminated. Applies only if creating a network interface when launching an instance.
             :param description: The description of the network interface. Applies only if creating a network interface when launching an instance.
-            :param ena_srd_specification: Specifies the ENA Express settings for the network interface that's attached to the instance.
+            :param ena_srd_specification: Configures ENA Express for UDP network traffic.
             :param group_set: The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.
             :param ipv6_address_count: A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.
             :param ipv6_addresses: The IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.
@@ -22824,7 +22824,7 @@ class CfnInstance(
         def ena_srd_specification(
             self,
         ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnInstance.EnaSrdSpecificationProperty"]]:
-            '''Specifies the ENA Express settings for the network interface that's attached to the instance.
+            '''Configures ENA Express for UDP network traffic.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance-networkinterface.html#cfn-ec2-instance-networkinterface-enasrdspecification
             '''
@@ -29498,7 +29498,7 @@ class CfnLaunchTemplate(
             :param connection_tracking_specification: A connection tracking specification for the network interface.
             :param delete_on_termination: Indicates whether the network interface is deleted when the instance is terminated.
             :param description: A description for the network interface.
-            :param device_index: The device index for the network interface attachment. If the network interface is of type ``interface`` , you must specify a device index. If you create a launch template that includes secondary network interfaces but no primary network interface, and you specify it using the ``LaunchTemplate`` property of ``AWS::EC2::Instance`` , then you must include a primary network interface using the ``NetworkInterfaces`` property of ``AWS::EC2::Instance`` .
+            :param device_index: The device index for the network interface attachment. The primary network interface has a device index of 0. If the network interface is of type ``interface`` , you must specify a device index. If you create a launch template that includes secondary network interfaces but no primary network interface, and you specify it using the ``LaunchTemplate`` property of ``AWS::EC2::Instance`` , then you must include a primary network interface using the ``NetworkInterfaces`` property of ``AWS::EC2::Instance`` .
             :param ena_srd_specification: The ENA Express configuration for the network interface.
             :param groups: The IDs of one or more security groups.
             :param interface_type: The type of network interface. To create an Elastic Fabric Adapter (EFA), specify ``efa`` or ``efa`` . For more information, see `Elastic Fabric Adapter for AI/ML and HPC workloads on Amazon EC2 <https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html>`_ in the *Amazon EC2 User Guide* . If you are not creating an EFA, specify ``interface`` or omit this parameter. If you specify ``efa-only`` , do not assign any IP addresses to the network interface. EFA-only network interfaces do not support IP addresses. Valid values: ``interface`` | ``efa`` | ``efa-only``
@@ -29699,7 +29699,7 @@ class CfnLaunchTemplate(
         def device_index(self) -> typing.Optional[jsii.Number]:
             '''The device index for the network interface attachment.
 
-            If the network interface is of type ``interface`` , you must specify a device index.
+            The primary network interface has a device index of 0. If the network interface is of type ``interface`` , you must specify a device index.
 
             If you create a launch template that includes secondary network interfaces but no primary network interface, and you specify it using the ``LaunchTemplate`` property of ``AWS::EC2::Instance`` , then you must include a primary network interface using the ``NetworkInterfaces`` property of ``AWS::EC2::Instance`` .
 
@@ -42164,7 +42164,11 @@ class CfnRouteServer(
     metaclass=jsii.JSIIMeta,
     jsii_type="aws-cdk-lib.aws_ec2.CfnRouteServer",
 ):
-    '''VPC Route Server.
+    '''Specifies a route server to manage dynamic routing in a VPC.
+
+    Amazon VPC Route Server simplifies routing for traffic between workloads that are deployed within a VPC and its internet gateways. With this feature, VPC Route Server dynamically updates VPC and internet gateway route tables with your preferred routes to achieve routing fault tolerance for those workloads. This enables you to automatically reroute traffic within a VPC, which increases the manageability of VPC routing and interoperability with third-party workloads.
+
+    For more information see `Dynamic routing in your VPC with VPC Route Server <https://docs.aws.amazon.com/vpc/latest/userguide/dynamic-routing-route-server.html>`_ in the *Amazon VPC User Guide* .
 
     :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserver.html
     :cloudformationResource: AWS::EC2::RouteServer
@@ -42204,11 +42208,11 @@ class CfnRouteServer(
         '''
         :param scope: Scope in which this resource is defined.
         :param id: Construct identifier for this resource (unique in its scope).
-        :param amazon_side_asn: The Amazon-side ASN of the Route Server.
-        :param persist_routes: Whether to enable persistent routes.
-        :param persist_routes_duration: The duration of persistent routes in minutes.
-        :param sns_notifications_enabled: Whether to enable SNS notifications.
-        :param tags: An array of key-value pairs to apply to this resource.
+        :param amazon_side_asn: The Border Gateway Protocol (BGP) Autonomous System Number (ASN) for the appliance. Valid values are from 1 to 4294967295. We recommend using a private ASN in the 64512–65534 (16-bit ASN) or 4200000000–4294967294 (32-bit ASN) range.
+        :param persist_routes: Indicates whether routes should be persisted after all BGP sessions are terminated.
+        :param persist_routes_duration: The number of minutes a route server will wait after BGP is re-established to unpersist the routes in the FIB and RIB. Value must be in the range of 1-5. The default value is 1. Only valid if ``persistRoutesState`` is 'enabled'. If you set the duration to 1 minute, then when your network appliance re-establishes BGP with route server, it has 1 minute to relearn it's adjacent network and advertise those routes to route server before route server resumes normal functionality. In most cases, 1 minute is probably sufficient. If, however, you have concerns that your BGP network may not be capable of fully re-establishing and re-learning everything in 1 minute, you can increase the duration up to 5 minutes.
+        :param sns_notifications_enabled: Indicates whether SNS notifications are enabled for the route server. Enabling SNS notifications persists BGP status changes to an SNS topic provisioned by AWS .
+        :param tags: Any tags assigned to the route server.
         '''
         if __debug__:
             type_hints = typing.get_type_hints(_typecheckingstub__e744a2467360e6327da0cb79726e11e01d594dbeec11f2982a422bcb176447d5)
@@ -42257,7 +42261,7 @@ class CfnRouteServer(
     @builtins.property
     @jsii.member(jsii_name="attrArn")
     def attr_arn(self) -> builtins.str:
-        '''The Amazon Resource Name (ARN) of the Route Server.
+        '''The ARN of the route server.
 
         :cloudformationAttribute: Arn
         '''
@@ -42266,7 +42270,7 @@ class CfnRouteServer(
     @builtins.property
     @jsii.member(jsii_name="attrId")
     def attr_id(self) -> builtins.str:
-        '''The ID of the Route Server.
+        '''The ID of the route server.
 
         :cloudformationAttribute: Id
         '''
@@ -42286,7 +42290,7 @@ class CfnRouteServer(
     @builtins.property
     @jsii.member(jsii_name="amazonSideAsn")
     def amazon_side_asn(self) -> jsii.Number:
-        '''The Amazon-side ASN of the Route Server.'''
+        '''The Border Gateway Protocol (BGP) Autonomous System Number (ASN) for the appliance.'''
         return typing.cast(jsii.Number, jsii.get(self, "amazonSideAsn"))
 
     @amazon_side_asn.setter
@@ -42299,7 +42303,7 @@ class CfnRouteServer(
     @builtins.property
     @jsii.member(jsii_name="persistRoutes")
     def persist_routes(self) -> typing.Optional[builtins.str]:
-        '''Whether to enable persistent routes.'''
+        '''Indicates whether routes should be persisted after all BGP sessions are terminated.'''
         return typing.cast(typing.Optional[builtins.str], jsii.get(self, "persistRoutes"))
 
     @persist_routes.setter
@@ -42312,7 +42316,7 @@ class CfnRouteServer(
     @builtins.property
     @jsii.member(jsii_name="persistRoutesDuration")
     def persist_routes_duration(self) -> typing.Optional[jsii.Number]:
-        '''The duration of persistent routes in minutes.'''
+        '''The number of minutes a route server will wait after BGP is re-established to unpersist the routes in the FIB and RIB.'''
         return typing.cast(typing.Optional[jsii.Number], jsii.get(self, "persistRoutesDuration"))
 
     @persist_routes_duration.setter
@@ -42327,7 +42331,7 @@ class CfnRouteServer(
     def sns_notifications_enabled(
         self,
     ) -> typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]]:
-        '''Whether to enable SNS notifications.'''
+        '''Indicates whether SNS notifications are enabled for the route server.'''
         return typing.cast(typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]], jsii.get(self, "snsNotificationsEnabled"))
 
     @sns_notifications_enabled.setter
@@ -42343,7 +42347,7 @@ class CfnRouteServer(
     @builtins.property
     @jsii.member(jsii_name="tags")
     def tags(self) -> typing.Optional[typing.List[_CfnTag_f6864754]]:
-        '''An array of key-value pairs to apply to this resource.'''
+        '''Any tags assigned to the route server.'''
         return typing.cast(typing.Optional[typing.List[_CfnTag_f6864754]], jsii.get(self, "tags"))
 
     @tags.setter
@@ -42360,7 +42364,9 @@ class CfnRouteServerAssociation(
     metaclass=jsii.JSIIMeta,
     jsii_type="aws-cdk-lib.aws_ec2.CfnRouteServerAssociation",
 ):
-    '''VPC Route Server Association.
+    '''Specifies the association between a route server and a VPC.
+
+    A route server association is the connection established between a route server and a VPC.
 
     :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserverassociation.html
     :cloudformationResource: AWS::EC2::RouteServerAssociation
@@ -42389,8 +42395,8 @@ class CfnRouteServerAssociation(
         '''
         :param scope: Scope in which this resource is defined.
         :param id: Construct identifier for this resource (unique in its scope).
-        :param route_server_id: Route Server ID.
-        :param vpc_id: VPC ID.
+        :param route_server_id: The ID of the associated route server.
+        :param vpc_id: The ID of the associated VPC.
         '''
         if __debug__:
             type_hints = typing.get_type_hints(_typecheckingstub__3e6189f73b644788c8019b72b4d8a2aa6c79c4d018333b9c657eba49644b2680)
@@ -42440,7 +42446,7 @@ class CfnRouteServerAssociation(
     @builtins.property
     @jsii.member(jsii_name="routeServerId")
     def route_server_id(self) -> builtins.str:
-        '''Route Server ID.'''
+        '''The ID of the associated route server.'''
         return typing.cast(builtins.str, jsii.get(self, "routeServerId"))
 
     @route_server_id.setter
@@ -42453,7 +42459,7 @@ class CfnRouteServerAssociation(
     @builtins.property
     @jsii.member(jsii_name="vpcId")
     def vpc_id(self) -> builtins.str:
-        '''VPC ID.'''
+        '''The ID of the associated VPC.'''
         return typing.cast(builtins.str, jsii.get(self, "vpcId"))
 
     @vpc_id.setter
@@ -42473,8 +42479,8 @@ class CfnRouteServerAssociationProps:
     def __init__(self, *, route_server_id: builtins.str, vpc_id: builtins.str) -> None:
         '''Properties for defining a ``CfnRouteServerAssociation``.
 
-        :param route_server_id: Route Server ID.
-        :param vpc_id: VPC ID.
+        :param route_server_id: The ID of the associated route server.
+        :param vpc_id: The ID of the associated VPC.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserverassociation.html
         :exampleMetadata: fixture=_generated
@@ -42501,7 +42507,7 @@ class CfnRouteServerAssociationProps:
 
     @builtins.property
     def route_server_id(self) -> builtins.str:
-        '''Route Server ID.
+        '''The ID of the associated route server.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserverassociation.html#cfn-ec2-routeserverassociation-routeserverid
         '''
@@ -42511,7 +42517,7 @@ class CfnRouteServerAssociationProps:
 
     @builtins.property
     def vpc_id(self) -> builtins.str:
-        '''VPC ID.
+        '''The ID of the associated VPC.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserverassociation.html#cfn-ec2-routeserverassociation-vpcid
         '''
@@ -42537,7 +42543,11 @@ class CfnRouteServerEndpoint(
     metaclass=jsii.JSIIMeta,
     jsii_type="aws-cdk-lib.aws_ec2.CfnRouteServerEndpoint",
 ):
-    '''VPC Route Server Endpoint.
+    '''Creates a new endpoint for a route server in a specified subnet.
+
+    A route server endpoint is an AWS -managed component inside a subnet that facilitates `BGP (Border Gateway Protocol) <https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Border_Gateway_Protocol>`_ connections between your route server and your BGP peers.
+
+    For more information see `Dynamic routing in your VPC with VPC Route Server <https://docs.aws.amazon.com/vpc/latest/userguide/dynamic-routing-route-server.html>`_ in the *Amazon VPC User Guide* .
 
     :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserverendpoint.html
     :cloudformationResource: AWS::EC2::RouteServerEndpoint
@@ -42573,9 +42583,9 @@ class CfnRouteServerEndpoint(
         '''
         :param scope: Scope in which this resource is defined.
         :param id: Construct identifier for this resource (unique in its scope).
-        :param route_server_id: Route Server ID.
-        :param subnet_id: Subnet ID.
-        :param tags: An array of key-value pairs to apply to this resource.
+        :param route_server_id: The ID of the route server associated with this endpoint.
+        :param subnet_id: The ID of the subnet to place the route server endpoint into.
+        :param tags: Any tags assigned to the route server endpoint.
         '''
         if __debug__:
             type_hints = typing.get_type_hints(_typecheckingstub__bc6285d87d5119c3a92dc59ed8148d7d11adb84676a3fb4a32f638fcab96de86)
@@ -42620,7 +42630,7 @@ class CfnRouteServerEndpoint(
     @builtins.property
     @jsii.member(jsii_name="attrArn")
     def attr_arn(self) -> builtins.str:
-        '''The Amazon Resource Name (ARN) of the Route Server Endpoint.
+        '''The ARN for the endpoint.
 
         :cloudformationAttribute: Arn
         '''
@@ -42629,7 +42639,7 @@ class CfnRouteServerEndpoint(
     @builtins.property
     @jsii.member(jsii_name="attrEniAddress")
     def attr_eni_address(self) -> builtins.str:
-        '''Elastic Network Interface IP address owned by the Route Server Endpoint.
+        '''The IP address of the Elastic network interface for the endpoint.
 
         :cloudformationAttribute: EniAddress
         '''
@@ -42638,7 +42648,7 @@ class CfnRouteServerEndpoint(
     @builtins.property
     @jsii.member(jsii_name="attrEniId")
     def attr_eni_id(self) -> builtins.str:
-        '''Elastic Network Interface ID owned by the Route Server Endpoint.
+        '''The ID of the Elastic network interface for the endpoint.
 
         :cloudformationAttribute: EniId
         '''
@@ -42647,7 +42657,7 @@ class CfnRouteServerEndpoint(
     @builtins.property
     @jsii.member(jsii_name="attrId")
     def attr_id(self) -> builtins.str:
-        '''The ID of the Route Server Endpoint.
+        '''The unique identifier of the route server endpoint.
 
         :cloudformationAttribute: Id
         '''
@@ -42656,7 +42666,7 @@ class CfnRouteServerEndpoint(
     @builtins.property
     @jsii.member(jsii_name="attrVpcId")
     def attr_vpc_id(self) -> builtins.str:
-        '''VPC ID.
+        '''The ID of the VPC containing the endpoint.
 
         :cloudformationAttribute: VpcId
         '''
@@ -42676,7 +42686,7 @@ class CfnRouteServerEndpoint(
     @builtins.property
     @jsii.member(jsii_name="routeServerId")
     def route_server_id(self) -> builtins.str:
-        '''Route Server ID.'''
+        '''The ID of the route server associated with this endpoint.'''
         return typing.cast(builtins.str, jsii.get(self, "routeServerId"))
 
     @route_server_id.setter
@@ -42689,7 +42699,7 @@ class CfnRouteServerEndpoint(
     @builtins.property
     @jsii.member(jsii_name="subnetId")
     def subnet_id(self) -> builtins.str:
-        '''Subnet ID.'''
+        '''The ID of the subnet to place the route server endpoint into.'''
         return typing.cast(builtins.str, jsii.get(self, "subnetId"))
 
     @subnet_id.setter
@@ -42702,7 +42712,7 @@ class CfnRouteServerEndpoint(
     @builtins.property
     @jsii.member(jsii_name="tags")
     def tags(self) -> typing.Optional[typing.List[_CfnTag_f6864754]]:
-        '''An array of key-value pairs to apply to this resource.'''
+        '''Any tags assigned to the route server endpoint.'''
         return typing.cast(typing.Optional[typing.List[_CfnTag_f6864754]], jsii.get(self, "tags"))
 
     @tags.setter
@@ -42732,9 +42742,9 @@ class CfnRouteServerEndpointProps:
     ) -> None:
         '''Properties for defining a ``CfnRouteServerEndpoint``.
 
-        :param route_server_id: Route Server ID.
-        :param subnet_id: Subnet ID.
-        :param tags: An array of key-value pairs to apply to this resource.
+        :param route_server_id: The ID of the route server associated with this endpoint.
+        :param subnet_id: The ID of the subnet to place the route server endpoint into.
+        :param tags: Any tags assigned to the route server endpoint.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserverendpoint.html
         :exampleMetadata: fixture=_generated
@@ -42770,7 +42780,7 @@ class CfnRouteServerEndpointProps:
 
     @builtins.property
     def route_server_id(self) -> builtins.str:
-        '''Route Server ID.
+        '''The ID of the route server associated with this endpoint.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserverendpoint.html#cfn-ec2-routeserverendpoint-routeserverid
         '''
@@ -42780,7 +42790,7 @@ class CfnRouteServerEndpointProps:
 
     @builtins.property
     def subnet_id(self) -> builtins.str:
-        '''Subnet ID.
+        '''The ID of the subnet to place the route server endpoint into.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserverendpoint.html#cfn-ec2-routeserverendpoint-subnetid
         '''
@@ -42790,7 +42800,7 @@ class CfnRouteServerEndpointProps:
 
     @builtins.property
     def tags(self) -> typing.Optional[typing.List[_CfnTag_f6864754]]:
-        '''An array of key-value pairs to apply to this resource.
+        '''Any tags assigned to the route server endpoint.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserverendpoint.html#cfn-ec2-routeserverendpoint-tags
         '''
@@ -42815,7 +42825,9 @@ class CfnRouteServerPeer(
     metaclass=jsii.JSIIMeta,
     jsii_type="aws-cdk-lib.aws_ec2.CfnRouteServerPeer",
 ):
-    '''VPC Route Server Peer.
+    '''Specifies a BGP peer configuration for a route server endpoint.
+
+    A route server peer is a session between a route server endpoint and the device deployed in AWS (such as a firewall appliance or other network security function running on an EC2 instance).
 
     :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserverpeer.html
     :cloudformationResource: AWS::EC2::RouteServerPeer
@@ -42856,10 +42868,10 @@ class CfnRouteServerPeer(
         '''
         :param scope: Scope in which this resource is defined.
         :param id: Construct identifier for this resource (unique in its scope).
-        :param bgp_options: BGP Options.
-        :param peer_address: IP address of the Route Server Peer.
-        :param route_server_endpoint_id: Route Server Endpoint ID.
-        :param tags: An array of key-value pairs to apply to this resource.
+        :param bgp_options: The BGP configuration options for this peer, including ASN (Autonomous System Number) and BFD (Bidrectional Forwarding Detection) settings.
+        :param peer_address: The IPv4 address of the peer device.
+        :param route_server_endpoint_id: The ID of the route server endpoint associated with this peer.
+        :param tags: Any tags assigned to the route server peer.
         '''
         if __debug__:
             type_hints = typing.get_type_hints(_typecheckingstub__1a1790ead48cbfa3b30bad1ac0c338d415fa3cdaeb20762a23ab6b7030c2266d)
@@ -42907,7 +42919,7 @@ class CfnRouteServerPeer(
     @builtins.property
     @jsii.member(jsii_name="attrArn")
     def attr_arn(self) -> builtins.str:
-        '''The Amazon Resource Name (ARN) of the Route Server Peer.
+        '''The ARN of the route server peer.
 
         :cloudformationAttribute: Arn
         '''
@@ -42916,7 +42928,7 @@ class CfnRouteServerPeer(
     @builtins.property
     @jsii.member(jsii_name="attrEndpointEniAddress")
     def attr_endpoint_eni_address(self) -> builtins.str:
-        '''Elastic Network Interface IP address owned by the Route Server Endpoint.
+        '''The IP address of the Elastic network interface for the route server endpoint.
 
         :cloudformationAttribute: EndpointEniAddress
         '''
@@ -42925,7 +42937,7 @@ class CfnRouteServerPeer(
     @builtins.property
     @jsii.member(jsii_name="attrEndpointEniId")
     def attr_endpoint_eni_id(self) -> builtins.str:
-        '''Elastic Network Interface ID owned by the Route Server Endpoint.
+        '''The ID of the Elastic network interface for the route server endpoint.
 
         :cloudformationAttribute: EndpointEniId
         '''
@@ -42934,7 +42946,7 @@ class CfnRouteServerPeer(
     @builtins.property
     @jsii.member(jsii_name="attrId")
     def attr_id(self) -> builtins.str:
-        '''The ID of the Route Server Peer.
+        '''The ID of the route server peer.
 
         :cloudformationAttribute: Id
         '''
@@ -42943,7 +42955,7 @@ class CfnRouteServerPeer(
     @builtins.property
     @jsii.member(jsii_name="attrRouteServerId")
     def attr_route_server_id(self) -> builtins.str:
-        '''Route Server ID.
+        '''The ID of the route server associated with this peer.
 
         :cloudformationAttribute: RouteServerId
         '''
@@ -42952,7 +42964,7 @@ class CfnRouteServerPeer(
     @builtins.property
     @jsii.member(jsii_name="attrSubnetId")
     def attr_subnet_id(self) -> builtins.str:
-        '''Subnet ID.
+        '''The ID of the subnet containing the route server peer.
 
         :cloudformationAttribute: SubnetId
         '''
@@ -42961,7 +42973,7 @@ class CfnRouteServerPeer(
     @builtins.property
     @jsii.member(jsii_name="attrVpcId")
     def attr_vpc_id(self) -> builtins.str:
-        '''VPC ID.
+        '''The ID of the VPC containing the route server peer.
 
         :cloudformationAttribute: VpcId
         '''
@@ -42983,7 +42995,7 @@ class CfnRouteServerPeer(
     def bgp_options(
         self,
     ) -> typing.Union[_IResolvable_da3f097b, "CfnRouteServerPeer.BgpOptionsProperty"]:
-        '''BGP Options.'''
+        '''The BGP configuration options for this peer, including ASN (Autonomous System Number) and BFD (Bidrectional Forwarding Detection) settings.'''
         return typing.cast(typing.Union[_IResolvable_da3f097b, "CfnRouteServerPeer.BgpOptionsProperty"], jsii.get(self, "bgpOptions"))
 
     @bgp_options.setter
@@ -42999,7 +43011,7 @@ class CfnRouteServerPeer(
     @builtins.property
     @jsii.member(jsii_name="peerAddress")
     def peer_address(self) -> builtins.str:
-        '''IP address of the Route Server Peer.'''
+        '''The IPv4 address of the peer device.'''
         return typing.cast(builtins.str, jsii.get(self, "peerAddress"))
 
     @peer_address.setter
@@ -43012,7 +43024,7 @@ class CfnRouteServerPeer(
     @builtins.property
     @jsii.member(jsii_name="routeServerEndpointId")
     def route_server_endpoint_id(self) -> builtins.str:
-        '''Route Server Endpoint ID.'''
+        '''The ID of the route server endpoint associated with this peer.'''
         return typing.cast(builtins.str, jsii.get(self, "routeServerEndpointId"))
 
     @route_server_endpoint_id.setter
@@ -43025,7 +43037,7 @@ class CfnRouteServerPeer(
     @builtins.property
     @jsii.member(jsii_name="tags")
     def tags(self) -> typing.Optional[typing.List[_CfnTag_f6864754]]:
-        '''An array of key-value pairs to apply to this resource.'''
+        '''Any tags assigned to the route server peer.'''
         return typing.cast(typing.Optional[typing.List[_CfnTag_f6864754]], jsii.get(self, "tags"))
 
     @tags.setter
@@ -43050,10 +43062,10 @@ class CfnRouteServerPeer(
             peer_asn: typing.Optional[jsii.Number] = None,
             peer_liveness_detection: typing.Optional[builtins.str] = None,
         ) -> None:
-            '''BGP Options.
+            '''The BGP configuration options for this peer, including ASN (Autonomous System Number) and BFD (Bidrectional Forwarding Detection) settings.
 
-            :param peer_asn: BGP ASN of the Route Server Peer.
-            :param peer_liveness_detection: BGP Liveness Detection.
+            :param peer_asn: The Border Gateway Protocol (BGP) Autonomous System Number (ASN) for the appliance. Valid values are from 1 to 4294967295. We recommend using a private ASN in the 64512–65534 (16-bit ASN) or 4200000000–4294967294 (32-bit ASN) range.
+            :param peer_liveness_detection: The liveness detection protocol used for the BGP peer. The requested liveness detection protocol for the BGP peer. - ``bgp-keepalive`` : The standard BGP keep alive mechanism ( `RFC4271 <https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc4271#page-21>`_ ) that is stable but may take longer to fail-over in cases of network impact or router failure. - ``bfd`` : An additional Bidirectional Forwarding Detection (BFD) protocol ( `RFC5880 <https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc5880>`_ ) that enables fast failover by using more sensitive liveness detection. Defaults to ``bgp-keepalive`` .
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-routeserverpeer-bgpoptions.html
             :exampleMetadata: fixture=_generated
@@ -43081,7 +43093,9 @@ class CfnRouteServerPeer(
 
         @builtins.property
         def peer_asn(self) -> typing.Optional[jsii.Number]:
-            '''BGP ASN of the Route Server Peer.
+            '''The Border Gateway Protocol (BGP) Autonomous System Number (ASN) for the appliance.
+
+            Valid values are from 1 to 4294967295. We recommend using a private ASN in the 64512–65534 (16-bit ASN) or 4200000000–4294967294 (32-bit ASN) range.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-routeserverpeer-bgpoptions.html#cfn-ec2-routeserverpeer-bgpoptions-peerasn
             '''
@@ -43090,7 +43104,14 @@ class CfnRouteServerPeer(
 
         @builtins.property
         def peer_liveness_detection(self) -> typing.Optional[builtins.str]:
-            '''BGP Liveness Detection.
+            '''The liveness detection protocol used for the BGP peer.
+
+            The requested liveness detection protocol for the BGP peer.
+
+            - ``bgp-keepalive`` : The standard BGP keep alive mechanism ( `RFC4271 <https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc4271#page-21>`_ ) that is stable but may take longer to fail-over in cases of network impact or router failure.
+            - ``bfd`` : An additional Bidirectional Forwarding Detection (BFD) protocol ( `RFC5880 <https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc5880>`_ ) that enables fast failover by using more sensitive liveness detection.
+
+            Defaults to ``bgp-keepalive`` .
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-routeserverpeer-bgpoptions.html#cfn-ec2-routeserverpeer-bgpoptions-peerlivenessdetection
             '''
@@ -43130,10 +43151,10 @@ class CfnRouteServerPeerProps:
     ) -> None:
         '''Properties for defining a ``CfnRouteServerPeer``.
 
-        :param bgp_options: BGP Options.
-        :param peer_address: IP address of the Route Server Peer.
-        :param route_server_endpoint_id: Route Server Endpoint ID.
-        :param tags: An array of key-value pairs to apply to this resource.
+        :param bgp_options: The BGP configuration options for this peer, including ASN (Autonomous System Number) and BFD (Bidrectional Forwarding Detection) settings.
+        :param peer_address: The IPv4 address of the peer device.
+        :param route_server_endpoint_id: The ID of the route server endpoint associated with this peer.
+        :param tags: Any tags assigned to the route server peer.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserverpeer.html
         :exampleMetadata: fixture=_generated
@@ -43177,7 +43198,7 @@ class CfnRouteServerPeerProps:
     def bgp_options(
         self,
     ) -> typing.Union[_IResolvable_da3f097b, CfnRouteServerPeer.BgpOptionsProperty]:
-        '''BGP Options.
+        '''The BGP configuration options for this peer, including ASN (Autonomous System Number) and BFD (Bidrectional Forwarding Detection) settings.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserverpeer.html#cfn-ec2-routeserverpeer-bgpoptions
         '''
@@ -43187,7 +43208,7 @@ class CfnRouteServerPeerProps:
 
     @builtins.property
     def peer_address(self) -> builtins.str:
-        '''IP address of the Route Server Peer.
+        '''The IPv4 address of the peer device.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserverpeer.html#cfn-ec2-routeserverpeer-peeraddress
         '''
@@ -43197,7 +43218,7 @@ class CfnRouteServerPeerProps:
 
     @builtins.property
     def route_server_endpoint_id(self) -> builtins.str:
-        '''Route Server Endpoint ID.
+        '''The ID of the route server endpoint associated with this peer.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserverpeer.html#cfn-ec2-routeserverpeer-routeserverendpointid
         '''
@@ -43207,7 +43228,7 @@ class CfnRouteServerPeerProps:
 
     @builtins.property
     def tags(self) -> typing.Optional[typing.List[_CfnTag_f6864754]]:
-        '''An array of key-value pairs to apply to this resource.
+        '''Any tags assigned to the route server peer.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserverpeer.html#cfn-ec2-routeserverpeer-tags
         '''
@@ -43232,7 +43253,9 @@ class CfnRouteServerPropagation(
     metaclass=jsii.JSIIMeta,
     jsii_type="aws-cdk-lib.aws_ec2.CfnRouteServerPropagation",
 ):
-    '''VPC Route Server Propagation.
+    '''Specifies route propagation from a route server to a route table.
+
+    For more information see `Dynamic routing in your VPC with VPC Route Server <https://docs.aws.amazon.com/vpc/latest/userguide/dynamic-routing-route-server.html>`_ in the *Amazon VPC User Guide* .
 
     :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserverpropagation.html
     :cloudformationResource: AWS::EC2::RouteServerPropagation
@@ -43261,8 +43284,8 @@ class CfnRouteServerPropagation(
         '''
         :param scope: Scope in which this resource is defined.
         :param id: Construct identifier for this resource (unique in its scope).
-        :param route_server_id: Route Server ID.
-        :param route_table_id: Route Table ID.
+        :param route_server_id: The ID of the route server configured for route propagation.
+        :param route_table_id: The ID of the route table configured for route server propagation.
         '''
         if __debug__:
             type_hints = typing.get_type_hints(_typecheckingstub__0d139e896cf279d926dd7b03bd4605d62bf6e6d336cab83c19f03f115f11332f)
@@ -43312,7 +43335,7 @@ class CfnRouteServerPropagation(
     @builtins.property
     @jsii.member(jsii_name="routeServerId")
     def route_server_id(self) -> builtins.str:
-        '''Route Server ID.'''
+        '''The ID of the route server configured for route propagation.'''
         return typing.cast(builtins.str, jsii.get(self, "routeServerId"))
 
     @route_server_id.setter
@@ -43325,7 +43348,7 @@ class CfnRouteServerPropagation(
     @builtins.property
     @jsii.member(jsii_name="routeTableId")
     def route_table_id(self) -> builtins.str:
-        '''Route Table ID.'''
+        '''The ID of the route table configured for route server propagation.'''
         return typing.cast(builtins.str, jsii.get(self, "routeTableId"))
 
     @route_table_id.setter
@@ -43353,8 +43376,8 @@ class CfnRouteServerPropagationProps:
     ) -> None:
         '''Properties for defining a ``CfnRouteServerPropagation``.
 
-        :param route_server_id: Route Server ID.
-        :param route_table_id: Route Table ID.
+        :param route_server_id: The ID of the route server configured for route propagation.
+        :param route_table_id: The ID of the route table configured for route server propagation.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserverpropagation.html
         :exampleMetadata: fixture=_generated
@@ -43381,7 +43404,7 @@ class CfnRouteServerPropagationProps:
 
     @builtins.property
     def route_server_id(self) -> builtins.str:
-        '''Route Server ID.
+        '''The ID of the route server configured for route propagation.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserverpropagation.html#cfn-ec2-routeserverpropagation-routeserverid
         '''
@@ -43391,7 +43414,7 @@ class CfnRouteServerPropagationProps:
 
     @builtins.property
     def route_table_id(self) -> builtins.str:
-        '''Route Table ID.
+        '''The ID of the route table configured for route server propagation.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserverpropagation.html#cfn-ec2-routeserverpropagation-routetableid
         '''
@@ -43434,11 +43457,11 @@ class CfnRouteServerProps:
     ) -> None:
         '''Properties for defining a ``CfnRouteServer``.
 
-        :param amazon_side_asn: The Amazon-side ASN of the Route Server.
-        :param persist_routes: Whether to enable persistent routes.
-        :param persist_routes_duration: The duration of persistent routes in minutes.
-        :param sns_notifications_enabled: Whether to enable SNS notifications.
-        :param tags: An array of key-value pairs to apply to this resource.
+        :param amazon_side_asn: The Border Gateway Protocol (BGP) Autonomous System Number (ASN) for the appliance. Valid values are from 1 to 4294967295. We recommend using a private ASN in the 64512–65534 (16-bit ASN) or 4200000000–4294967294 (32-bit ASN) range.
+        :param persist_routes: Indicates whether routes should be persisted after all BGP sessions are terminated.
+        :param persist_routes_duration: The number of minutes a route server will wait after BGP is re-established to unpersist the routes in the FIB and RIB. Value must be in the range of 1-5. The default value is 1. Only valid if ``persistRoutesState`` is 'enabled'. If you set the duration to 1 minute, then when your network appliance re-establishes BGP with route server, it has 1 minute to relearn it's adjacent network and advertise those routes to route server before route server resumes normal functionality. In most cases, 1 minute is probably sufficient. If, however, you have concerns that your BGP network may not be capable of fully re-establishing and re-learning everything in 1 minute, you can increase the duration up to 5 minutes.
+        :param sns_notifications_enabled: Indicates whether SNS notifications are enabled for the route server. Enabling SNS notifications persists BGP status changes to an SNS topic provisioned by AWS .
+        :param tags: Any tags assigned to the route server.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserver.html
         :exampleMetadata: fixture=_generated
@@ -43483,7 +43506,9 @@ class CfnRouteServerProps:
 
     @builtins.property
     def amazon_side_asn(self) -> jsii.Number:
-        '''The Amazon-side ASN of the Route Server.
+        '''The Border Gateway Protocol (BGP) Autonomous System Number (ASN) for the appliance.
+
+        Valid values are from 1 to 4294967295. We recommend using a private ASN in the 64512–65534 (16-bit ASN) or 4200000000–4294967294 (32-bit ASN) range.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserver.html#cfn-ec2-routeserver-amazonsideasn
         '''
@@ -43493,7 +43518,7 @@ class CfnRouteServerProps:
 
     @builtins.property
     def persist_routes(self) -> typing.Optional[builtins.str]:
-        '''Whether to enable persistent routes.
+        '''Indicates whether routes should be persisted after all BGP sessions are terminated.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserver.html#cfn-ec2-routeserver-persistroutes
         '''
@@ -43502,7 +43527,11 @@ class CfnRouteServerProps:
 
     @builtins.property
     def persist_routes_duration(self) -> typing.Optional[jsii.Number]:
-        '''The duration of persistent routes in minutes.
+        '''The number of minutes a route server will wait after BGP is re-established to unpersist the routes in the FIB and RIB.
+
+        Value must be in the range of 1-5. The default value is 1. Only valid if ``persistRoutesState`` is 'enabled'.
+
+        If you set the duration to 1 minute, then when your network appliance re-establishes BGP with route server, it has 1 minute to relearn it's adjacent network and advertise those routes to route server before route server resumes normal functionality. In most cases, 1 minute is probably sufficient. If, however, you have concerns that your BGP network may not be capable of fully re-establishing and re-learning everything in 1 minute, you can increase the duration up to 5 minutes.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserver.html#cfn-ec2-routeserver-persistroutesduration
         '''
@@ -43513,7 +43542,9 @@ class CfnRouteServerProps:
     def sns_notifications_enabled(
         self,
     ) -> typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]]:
-        '''Whether to enable SNS notifications.
+        '''Indicates whether SNS notifications are enabled for the route server.
+
+        Enabling SNS notifications persists BGP status changes to an SNS topic provisioned by AWS .
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserver.html#cfn-ec2-routeserver-snsnotificationsenabled
         '''
@@ -43522,7 +43553,7 @@ class CfnRouteServerProps:
 
     @builtins.property
     def tags(self) -> typing.Optional[typing.List[_CfnTag_f6864754]]:
-        '''An array of key-value pairs to apply to this resource.
+        '''Any tags assigned to the route server.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-routeserver.html#cfn-ec2-routeserver-tags
         '''
@@ -43762,6 +43793,8 @@ class CfnSecurityGroup(
 
     If you do not specify an egress rule, we add egress rules that allow outbound IPv4 and IPv6 traffic on all ports and protocols to any destination. We do not add these rules if you specify your own egress rules.
 
+    If you modify a rule, CloudFormation removes the existing rule and then adds a new rule. There is a brief period when neither the original rule or the new rule exists, so the corresponding traffic is dropped.
+
     This type supports updates. For more information about updating stacks, see `AWS CloudFormation Stacks Updates <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks.html>`_ .
     .. epigraph::
 
@@ -43833,8 +43866,8 @@ class CfnSecurityGroup(
         :param id: Construct identifier for this resource (unique in its scope).
         :param group_description: A description for the security group. Constraints: Up to 255 characters in length Valid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
         :param group_name: The name of the security group. Names are case-insensitive and must be unique within the VPC. Constraints: Up to 255 characters in length. Can't start with ``sg-`` . Valid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
-        :param security_group_egress: The outbound rules associated with the security group. There is a short interruption during which you cannot connect to the security group.
-        :param security_group_ingress: The inbound rules associated with the security group. There is a short interruption during which you cannot connect to the security group.
+        :param security_group_egress: The outbound rules associated with the security group.
+        :param security_group_ingress: The inbound rules associated with the security group.
         :param tags: Any tags assigned to the security group.
         :param vpc_id: The ID of the VPC for the security group. If you do not specify a VPC, the default is to use the default VPC for the Region. If there's no specified VPC and no default VPC, security group creation fails.
         '''
@@ -45518,8 +45551,8 @@ class CfnSecurityGroupProps:
 
         :param group_description: A description for the security group. Constraints: Up to 255 characters in length Valid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
         :param group_name: The name of the security group. Names are case-insensitive and must be unique within the VPC. Constraints: Up to 255 characters in length. Can't start with ``sg-`` . Valid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
-        :param security_group_egress: The outbound rules associated with the security group. There is a short interruption during which you cannot connect to the security group.
-        :param security_group_ingress: The inbound rules associated with the security group. There is a short interruption during which you cannot connect to the security group.
+        :param security_group_egress: The outbound rules associated with the security group.
+        :param security_group_ingress: The inbound rules associated with the security group.
         :param tags: Any tags assigned to the security group.
         :param vpc_id: The ID of the VPC for the security group. If you do not specify a VPC, the default is to use the default VPC for the Region. If there's no specified VPC and no default VPC, security group creation fails.
 
@@ -45625,8 +45658,6 @@ class CfnSecurityGroupProps:
     ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, CfnSecurityGroup.EgressProperty]]]]:
         '''The outbound rules associated with the security group.
 
-        There is a short interruption during which you cannot connect to the security group.
-
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-securitygroup.html#cfn-ec2-securitygroup-securitygroupegress
         '''
         result = self._values.get("security_group_egress")
@@ -45638,8 +45669,6 @@ class CfnSecurityGroupProps:
     ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, CfnSecurityGroup.IngressProperty]]]]:
         '''The inbound rules associated with the security group.
 
-        There is a short interruption during which you cannot connect to the security group.
-
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-securitygroup.html#cfn-ec2-securitygroup-securitygroupingress
         '''
         result = self._values.get("security_group_ingress")