aws-cdk-lib 2.198.0__py3-none-any.whl → 2.199.0__py3-none-any.whl

aws_cdk/aws_ec2/__init__.py

@@ -644,6 +644,14 @@ stack2 = Stack2(app, "Stack2",
 )
 ```
 
+> Note: If you encounter an error like "Delete canceled. Cannot delete export ..."
+> when using a cross-stack reference to a VPC, it's likely due to CloudFormation
+> export/import constraints. In such cases, it's safer to use Vpc.fromLookup()
+> in the consuming stack instead of directly referencing the VPC object, more details
+> is provided in [Importing an existing VPC](#importing-an-existing-vpc). This
+> avoids creating CloudFormation exports and gives more flexibility, especially
+> when stacks need to be deleted or updated independently.
+
 ### Importing an existing VPC
 
 If your VPC is created outside your CDK app, you can use `Vpc.fromLookup()`.
@@ -90525,15 +90533,18 @@ class SecurityGroup(
 
     Example::
 
-        # vpc: ec2.Vpc
-        
+        vpc = ec2.Vpc(self, "Vpc", max_azs=1)
+        cluster = ecs.Cluster(self, "EcsCluster", vpc=vpc)
+        security_group = ec2.SecurityGroup(self, "SG", vpc=vpc)
         
-        my_security_group = ec2.SecurityGroup(self, "SecurityGroup", vpc=vpc)
-        autoscaling.AutoScalingGroup(self, "ASG",
-            vpc=vpc,
-            instance_type=ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO),
-            machine_image=ec2.MachineImage.latest_amazon_linux2(),
-            security_group=my_security_group
+        scheduled_fargate_task = ecs_patterns.ScheduledFargateTask(self, "ScheduledFargateTask",
+            cluster=cluster,
+            scheduled_fargate_task_image_options=ecsPatterns.ScheduledFargateTaskImageOptions(
+                image=ecs.ContainerImage.from_registry("amazon/amazon-ecs-sample"),
+                memory_limit_mi_b=512
+            ),
+            schedule=appscaling.Schedule.expression("rate(1 minute)"),
+            security_groups=[security_group]
         )
     '''
 

aws_cdk/aws_ecs_patterns/__init__.py

@@ -249,7 +249,9 @@ load_balanced_fargate_service = ecs_patterns.NetworkMultipleTargetGroupsFargateS
         container_port=90,
         listener="listener2"
     )
-    ]
+    ],
+    min_healthy_percent=100,
+    max_healthy_percent=200
 )
 ```
 
@@ -12688,7 +12690,9 @@ class NetworkMultipleTargetGroupsFargateService(
                 container_port=90,
                 listener="listener2"
             )
-            ]
+            ],
+            min_healthy_percent=100,
+            max_healthy_percent=200
         )
     '''
 
@@ -12698,6 +12702,8 @@ class NetworkMultipleTargetGroupsFargateService(
         id: builtins.str,
         *,
         assign_public_ip: typing.Optional[builtins.bool] = None,
+        max_healthy_percent: typing.Optional[jsii.Number] = None,
+        min_healthy_percent: typing.Optional[jsii.Number] = None,
         cloud_map_options: typing.Optional[typing.Union[_CloudMapOptions_444ee9f2, typing.Dict[builtins.str, typing.Any]]] = None,
         cluster: typing.Optional[_ICluster_16cddd09] = None,
         desired_count: typing.Optional[jsii.Number] = None,
@@ -12722,6 +12728,8 @@ class NetworkMultipleTargetGroupsFargateService(
         :param scope: -
         :param id: -
         :param assign_public_ip: Determines whether the service will be assigned a public IP address. Default: false
+        :param max_healthy_percent: The maximum number of tasks, specified as a percentage of the Amazon ECS service's DesiredCount value, that can run in a service during a deployment. Default: - 200%
+        :param min_healthy_percent: The minimum number of tasks, specified as a percentage of the Amazon ECS service's DesiredCount value, that must continue to run and remain healthy during a deployment. Default: - 50%
         :param cloud_map_options: The options for configuring an Amazon ECS service to use service discovery. Default: - AWS Cloud Map service discovery is not enabled.
         :param cluster: The name of the cluster that hosts the service. If a cluster is specified, the vpc construct should be omitted. Alternatively, you can omit both cluster and vpc. Default: - create a new cluster; if both cluster and vpc are omitted, a new VPC will be created for you.
         :param desired_count: The desired number of instantiations of the task definition to keep running on the service. The minimum value is 1 Default: - The default is 1 for all new services and uses the existing service's desired count when updating an existing service.
@@ -12747,6 +12755,8 @@ class NetworkMultipleTargetGroupsFargateService(
             check_type(argname="argument id", value=id, expected_type=type_hints["id"])
         props = NetworkMultipleTargetGroupsFargateServiceProps(
             assign_public_ip=assign_public_ip,
+            max_healthy_percent=max_healthy_percent,
+            min_healthy_percent=min_healthy_percent,
             cloud_map_options=cloud_map_options,
             cluster=cluster,
             desired_count=desired_count,
@@ -12830,6 +12840,8 @@ class NetworkMultipleTargetGroupsFargateService(
         "runtime_platform": "runtimePlatform",
         "task_definition": "taskDefinition",
         "assign_public_ip": "assignPublicIp",
+        "max_healthy_percent": "maxHealthyPercent",
+        "min_healthy_percent": "minHealthyPercent",
     },
 )
 class NetworkMultipleTargetGroupsFargateServiceProps(
@@ -12858,6 +12870,8 @@ class NetworkMultipleTargetGroupsFargateServiceProps(
         runtime_platform: typing.Optional[typing.Union[_RuntimePlatform_5ed98a9c, typing.Dict[builtins.str, typing.Any]]] = None,
         task_definition: typing.Optional[_FargateTaskDefinition_83754b60] = None,
         assign_public_ip: typing.Optional[builtins.bool] = None,
+        max_healthy_percent: typing.Optional[jsii.Number] = None,
+        min_healthy_percent: typing.Optional[jsii.Number] = None,
     ) -> None:
         '''The properties for the NetworkMultipleTargetGroupsFargateService service.
 
@@ -12880,6 +12894,8 @@ class NetworkMultipleTargetGroupsFargateServiceProps(
         :param runtime_platform: The runtime platform of the task definition. Default: - If the property is undefined, ``operatingSystemFamily`` is LINUX and ``cpuArchitecture`` is X86_64
         :param task_definition: The task definition to use for tasks in the service. TaskDefinition or TaskImageOptions must be specified, but not both. [disable-awslint:ref-via-interface] Default: - none
         :param assign_public_ip: Determines whether the service will be assigned a public IP address. Default: false
+        :param max_healthy_percent: The maximum number of tasks, specified as a percentage of the Amazon ECS service's DesiredCount value, that can run in a service during a deployment. Default: - 200%
+        :param min_healthy_percent: The minimum number of tasks, specified as a percentage of the Amazon ECS service's DesiredCount value, that must continue to run and remain healthy during a deployment. Default: - 50%
 
         :exampleMetadata: infused
 
@@ -12915,7 +12931,9 @@ class NetworkMultipleTargetGroupsFargateServiceProps(
                     container_port=90,
                     listener="listener2"
                 )
-                ]
+                ],
+                min_healthy_percent=100,
+                max_healthy_percent=200
             )
         '''
         if isinstance(cloud_map_options, dict):
@@ -12945,6 +12963,8 @@ class NetworkMultipleTargetGroupsFargateServiceProps(
             check_type(argname="argument runtime_platform", value=runtime_platform, expected_type=type_hints["runtime_platform"])
             check_type(argname="argument task_definition", value=task_definition, expected_type=type_hints["task_definition"])
             check_type(argname="argument assign_public_ip", value=assign_public_ip, expected_type=type_hints["assign_public_ip"])
+            check_type(argname="argument max_healthy_percent", value=max_healthy_percent, expected_type=type_hints["max_healthy_percent"])
+            check_type(argname="argument min_healthy_percent", value=min_healthy_percent, expected_type=type_hints["min_healthy_percent"])
         self._values: typing.Dict[builtins.str, typing.Any] = {}
         if cloud_map_options is not None:
             self._values["cloud_map_options"] = cloud_map_options
@@ -12984,6 +13004,10 @@ class NetworkMultipleTargetGroupsFargateServiceProps(
             self._values["task_definition"] = task_definition
         if assign_public_ip is not None:
             self._values["assign_public_ip"] = assign_public_ip
+        if max_healthy_percent is not None:
+            self._values["max_healthy_percent"] = max_healthy_percent
+        if min_healthy_percent is not None:
+            self._values["min_healthy_percent"] = min_healthy_percent
 
     @builtins.property
     def cloud_map_options(self) -> typing.Optional[_CloudMapOptions_444ee9f2]:
@@ -13219,6 +13243,24 @@ class NetworkMultipleTargetGroupsFargateServiceProps(
         result = self._values.get("assign_public_ip")
         return typing.cast(typing.Optional[builtins.bool], result)
 
+    @builtins.property
+    def max_healthy_percent(self) -> typing.Optional[jsii.Number]:
+        '''The maximum number of tasks, specified as a percentage of the Amazon ECS service's DesiredCount value, that can run in a service during a deployment.
+
+        :default: - 200%
+        '''
+        result = self._values.get("max_healthy_percent")
+        return typing.cast(typing.Optional[jsii.Number], result)
+
+    @builtins.property
+    def min_healthy_percent(self) -> typing.Optional[jsii.Number]:
+        '''The minimum number of tasks, specified as a percentage of the Amazon ECS service's DesiredCount value, that must continue to run and remain healthy during a deployment.
+
+        :default: - 50%
+        '''
+        result = self._values.get("min_healthy_percent")
+        return typing.cast(typing.Optional[jsii.Number], result)
+
     def __eq__(self, rhs: typing.Any) -> builtins.bool:
         return isinstance(rhs, self.__class__) and rhs._values == self._values
 
@@ -17595,6 +17637,8 @@ def _typecheckingstub__d0896ef010a141982cad4e6363ddf5474e1d63a5c38dc712f84a1d13e
     id: builtins.str,
     *,
     assign_public_ip: typing.Optional[builtins.bool] = None,
+    max_healthy_percent: typing.Optional[jsii.Number] = None,
+    min_healthy_percent: typing.Optional[jsii.Number] = None,
     cloud_map_options: typing.Optional[typing.Union[_CloudMapOptions_444ee9f2, typing.Dict[builtins.str, typing.Any]]] = None,
     cluster: typing.Optional[_ICluster_16cddd09] = None,
     desired_count: typing.Optional[jsii.Number] = None,
@@ -17638,6 +17682,8 @@ def _typecheckingstub__052b2be34bb887cde358099c21efe7f3e968827a5a4e4c975e35f96da
     runtime_platform: typing.Optional[typing.Union[_RuntimePlatform_5ed98a9c, typing.Dict[builtins.str, typing.Any]]] = None,
     task_definition: typing.Optional[_FargateTaskDefinition_83754b60] = None,
     assign_public_ip: typing.Optional[builtins.bool] = None,
+    max_healthy_percent: typing.Optional[jsii.Number] = None,
+    min_healthy_percent: typing.Optional[jsii.Number] = None,
 ) -> None:
     """Type checking stubs"""
     pass

aws_cdk/aws_eks/__init__.py

@@ -1976,10 +1976,13 @@ load_balancer_address = cluster.get_service_load_balancer_address("my-service")
 
 eks.Addon(self, "Addon",
     cluster=cluster,
-    addon_name="aws-guardduty-agent",
-    addon_version="v1.6.1",
+    addon_name="coredns",
+    addon_version="v1.11.4-eksbuild.2",
     # whether to preserve the add-on software on your cluster but Amazon EKS stops managing any settings for the add-on.
-    preserve_on_delete=False
+    preserve_on_delete=False,
+    configuration_values={
+        "replica_count": 2
+    }
 )
 ```
 
@@ -2808,6 +2811,7 @@ class AddonAttributes:
         "addon_name": "addonName",
         "cluster": "cluster",
         "addon_version": "addonVersion",
+        "configuration_values": "configurationValues",
         "preserve_on_delete": "preserveOnDelete",
     },
 )
@@ -2818,6 +2822,7 @@ class AddonProps:
         addon_name: builtins.str,
         cluster: "ICluster",
         addon_version: typing.Optional[builtins.str] = None,
+        configuration_values: typing.Optional[typing.Mapping[builtins.str, typing.Any]] = None,
         preserve_on_delete: typing.Optional[builtins.bool] = None,
     ) -> None:
         '''Properties for creating an Amazon EKS Add-On.
@@ -2825,6 +2830,7 @@ class AddonProps:
         :param addon_name: Name of the Add-On.
         :param cluster: The EKS cluster the Add-On is associated with.
         :param addon_version: Version of the Add-On. You can check all available versions with describe-addon-versions. For example, this lists all available versions for the ``eks-pod-identity-agent`` addon: $ aws eks describe-addon-versions --addon-name eks-pod-identity-agent --query 'addons[*].addonVersions[*].addonVersion' Default: the latest version.
+        :param configuration_values: The configuration values for the Add-on. Default: - Use default configuration.
         :param preserve_on_delete: Specifying this option preserves the add-on software on your cluster but Amazon EKS stops managing any settings for the add-on. If an IAM account is associated with the add-on, it isn't removed. Default: true
 
         :exampleMetadata: infused
@@ -2836,10 +2842,13 @@ class AddonProps:
             
             eks.Addon(self, "Addon",
                 cluster=cluster,
-                addon_name="aws-guardduty-agent",
-                addon_version="v1.6.1",
+                addon_name="coredns",
+                addon_version="v1.11.4-eksbuild.2",
                 # whether to preserve the add-on software on your cluster but Amazon EKS stops managing any settings for the add-on.
-                preserve_on_delete=False
+                preserve_on_delete=False,
+                configuration_values={
+                    "replica_count": 2
+                }
             )
         '''
         if __debug__:
@@ -2847,6 +2856,7 @@ class AddonProps:
             check_type(argname="argument addon_name", value=addon_name, expected_type=type_hints["addon_name"])
             check_type(argname="argument cluster", value=cluster, expected_type=type_hints["cluster"])
             check_type(argname="argument addon_version", value=addon_version, expected_type=type_hints["addon_version"])
+            check_type(argname="argument configuration_values", value=configuration_values, expected_type=type_hints["configuration_values"])
             check_type(argname="argument preserve_on_delete", value=preserve_on_delete, expected_type=type_hints["preserve_on_delete"])
         self._values: typing.Dict[builtins.str, typing.Any] = {
             "addon_name": addon_name,
@@ -2854,6 +2864,8 @@ class AddonProps:
         }
         if addon_version is not None:
             self._values["addon_version"] = addon_version
+        if configuration_values is not None:
+            self._values["configuration_values"] = configuration_values
         if preserve_on_delete is not None:
             self._values["preserve_on_delete"] = preserve_on_delete
 
@@ -2885,6 +2897,17 @@ class AddonProps:
         result = self._values.get("addon_version")
         return typing.cast(typing.Optional[builtins.str], result)
 
+    @builtins.property
+    def configuration_values(
+        self,
+    ) -> typing.Optional[typing.Mapping[builtins.str, typing.Any]]:
+        '''The configuration values for the Add-on.
+
+        :default: - Use default configuration.
+        '''
+        result = self._values.get("configuration_values")
+        return typing.cast(typing.Optional[typing.Mapping[builtins.str, typing.Any]], result)
+
     @builtins.property
     def preserve_on_delete(self) -> typing.Optional[builtins.bool]:
         '''Specifying this option preserves the add-on software on your cluster but Amazon EKS stops managing any settings for the add-on.
@@ -18415,10 +18438,13 @@ class Addon(
         
         eks.Addon(self, "Addon",
             cluster=cluster,
-            addon_name="aws-guardduty-agent",
-            addon_version="v1.6.1",
+            addon_name="coredns",
+            addon_version="v1.11.4-eksbuild.2",
             # whether to preserve the add-on software on your cluster but Amazon EKS stops managing any settings for the add-on.
-            preserve_on_delete=False
+            preserve_on_delete=False,
+            configuration_values={
+                "replica_count": 2
+            }
         )
     '''
 
@@ -18430,6 +18456,7 @@ class Addon(
         addon_name: builtins.str,
         cluster: ICluster,
         addon_version: typing.Optional[builtins.str] = None,
+        configuration_values: typing.Optional[typing.Mapping[builtins.str, typing.Any]] = None,
         preserve_on_delete: typing.Optional[builtins.bool] = None,
     ) -> None:
         '''Creates a new Amazon EKS Add-On.
@@ -18439,6 +18466,7 @@ class Addon(
         :param addon_name: Name of the Add-On.
         :param cluster: The EKS cluster the Add-On is associated with.
         :param addon_version: Version of the Add-On. You can check all available versions with describe-addon-versions. For example, this lists all available versions for the ``eks-pod-identity-agent`` addon: $ aws eks describe-addon-versions --addon-name eks-pod-identity-agent --query 'addons[*].addonVersions[*].addonVersion' Default: the latest version.
+        :param configuration_values: The configuration values for the Add-on. Default: - Use default configuration.
         :param preserve_on_delete: Specifying this option preserves the add-on software on your cluster but Amazon EKS stops managing any settings for the add-on. If an IAM account is associated with the add-on, it isn't removed. Default: true
         '''
         if __debug__:
@@ -18449,6 +18477,7 @@ class Addon(
             addon_name=addon_name,
             cluster=cluster,
             addon_version=addon_version,
+            configuration_values=configuration_values,
             preserve_on_delete=preserve_on_delete,
         )
 
@@ -21808,6 +21837,7 @@ def _typecheckingstub__febc9f6cb4243d885b1b1838be38d633e7c5fc6534eaaf731f00a2465
     addon_name: builtins.str,
     cluster: ICluster,
     addon_version: typing.Optional[builtins.str] = None,
+    configuration_values: typing.Optional[typing.Mapping[builtins.str, typing.Any]] = None,
     preserve_on_delete: typing.Optional[builtins.bool] = None,
 ) -> None:
     """Type checking stubs"""
@@ -23585,6 +23615,7 @@ def _typecheckingstub__a8342124e215d4789acf852df764143c4809251dbcaa86f6b4a11860e
     addon_name: builtins.str,
     cluster: ICluster,
     addon_version: typing.Optional[builtins.str] = None,
+    configuration_values: typing.Optional[typing.Mapping[builtins.str, typing.Any]] = None,
     preserve_on_delete: typing.Optional[builtins.bool] = None,
 ) -> None:
     """Type checking stubs"""

aws_cdk/aws_events_targets/__init__.py

@@ -27,6 +27,7 @@ Currently supported are:
     * [Assign public IP addresses to tasks](#assign-public-ip-addresses-to-tasks)
     * [Enable Amazon ECS Exec for ECS Task](#enable-amazon-ecs-exec-for-ecs-task)
   * [Run a Redshift query](#schedule-a-redshift-query-serverless-or-cluster)
+  * [Publish to an SNS topic](#publish-to-an-sns-topic)
 
 See the README of the `aws-cdk-lib/aws-events` library for more information on
 EventBridge.
@@ -624,6 +625,40 @@ rule.add_target(targets.RedshiftQuery(workgroup.attr_workgroup_workgroup_arn,
     sql=["SELECT * FROM foo", "SELECT * FROM baz"]
 ))
 ```
+
+## Publish to an SNS Topic
+
+Use the `SnsTopic` target to publish to an SNS Topic.
+
+The code snippet below creates the scheduled event rule that publishes to an SNS Topic using a resource policy.
+
+```python
+import aws_cdk.aws_sns as sns
+
+# topic: sns.ITopic
+
+
+rule = events.Rule(self, "Rule",
+    schedule=events.Schedule.rate(cdk.Duration.hours(1))
+)
+
+rule.add_target(targets.SnsTopic(topic))
+```
+
+Alternatively, a role can be attached to the target when the rule is triggered.
+
+```python
+import aws_cdk.aws_sns as sns
+
+# topic: sns.ITopic
+
+
+rule = events.Rule(self, "Rule",
+    schedule=events.Schedule.rate(cdk.Duration.hours(1))
+)
+
+rule.add_target(targets.SnsTopic(topic, authorize_using_role=True))
+```
 '''
 from pkgutil import extend_path
 __path__ = extend_path(__path__, __name__)
@@ -3302,14 +3337,18 @@ class SnsTopic(
         self,
         topic: _ITopic_9eca4852,
         *,
+        authorize_using_role: typing.Optional[builtins.bool] = None,
         message: typing.Optional[_RuleTargetInput_6beca786] = None,
+        role: typing.Optional[_IRole_235f5d8e] = None,
         dead_letter_queue: typing.Optional[_IQueue_7ed6f679] = None,
         max_event_age: typing.Optional[_Duration_4839e8c3] = None,
         retry_attempts: typing.Optional[jsii.Number] = None,
     ) -> None:
         '''
         :param topic: -
+        :param authorize_using_role: Specifies whether an IAM role should be used to publish to the topic. Default: - true if ``role`` is provided, false otherwise
         :param message: The message to send to the topic. Default: the entire EventBridge event
+        :param role: The IAM role to be used to publish to the topic. Default: - a new role will be created if ``authorizeUsingRole`` is true
         :param dead_letter_queue: The SQS queue to be used as deadLetterQueue. Check out the `considerations for using a dead-letter queue <https://docs.aws.amazon.com/eventbridge/latest/userguide/rule-dlq.html#dlq-considerations>`_. The events not successfully delivered are automatically retried for a specified period of time, depending on the retry policy of the target. If an event is not delivered before all retry attempts are exhausted, it will be sent to the dead letter queue. Default: - no dead-letter queue
         :param max_event_age: The maximum age of a request that Lambda sends to a function for processing. Minimum value of 60. Maximum value of 86400. Default: Duration.hours(24)
         :param retry_attempts: The maximum number of times to retry when the function returns an error. Minimum value of 0. Maximum value of 185. Default: 185
@@ -3318,7 +3357,9 @@ class SnsTopic(
             type_hints = typing.get_type_hints(_typecheckingstub__b58aa74b2a717b90ef291556746b786df8882b8158b4b3255bf88691dbd8fd07)
             check_type(argname="argument topic", value=topic, expected_type=type_hints["topic"])
         props = SnsTopicProps(
+            authorize_using_role=authorize_using_role,
             message=message,
+            role=role,
             dead_letter_queue=dead_letter_queue,
             max_event_age=max_event_age,
             retry_attempts=retry_attempts,
@@ -5722,7 +5763,9 @@ class SfnStateMachineProps(TargetBaseProps):
         "dead_letter_queue": "deadLetterQueue",
         "max_event_age": "maxEventAge",
         "retry_attempts": "retryAttempts",
+        "authorize_using_role": "authorizeUsingRole",
         "message": "message",
+        "role": "role",
     },
 )
 class SnsTopicProps(TargetBaseProps):
@@ -5732,14 +5775,18 @@ class SnsTopicProps(TargetBaseProps):
         dead_letter_queue: typing.Optional[_IQueue_7ed6f679] = None,
         max_event_age: typing.Optional[_Duration_4839e8c3] = None,
         retry_attempts: typing.Optional[jsii.Number] = None,
+        authorize_using_role: typing.Optional[builtins.bool] = None,
         message: typing.Optional[_RuleTargetInput_6beca786] = None,
+        role: typing.Optional[_IRole_235f5d8e] = None,
     ) -> None:
         '''Customize the SNS Topic Event Target.
 
         :param dead_letter_queue: The SQS queue to be used as deadLetterQueue. Check out the `considerations for using a dead-letter queue <https://docs.aws.amazon.com/eventbridge/latest/userguide/rule-dlq.html#dlq-considerations>`_. The events not successfully delivered are automatically retried for a specified period of time, depending on the retry policy of the target. If an event is not delivered before all retry attempts are exhausted, it will be sent to the dead letter queue. Default: - no dead-letter queue
         :param max_event_age: The maximum age of a request that Lambda sends to a function for processing. Minimum value of 60. Maximum value of 86400. Default: Duration.hours(24)
         :param retry_attempts: The maximum number of times to retry when the function returns an error. Minimum value of 0. Maximum value of 185. Default: 185
+        :param authorize_using_role: Specifies whether an IAM role should be used to publish to the topic. Default: - true if ``role`` is provided, false otherwise
         :param message: The message to send to the topic. Default: the entire EventBridge event
+        :param role: The IAM role to be used to publish to the topic. Default: - a new role will be created if ``authorizeUsingRole`` is true
 
         :exampleMetadata: infused
 
@@ -5750,7 +5797,9 @@ class SnsTopicProps(TargetBaseProps):
             
             
             on_commit_rule.add_target(targets.SnsTopic(topic,
-                message=events.RuleTargetInput.from_text(f"A commit was pushed to the repository {codecommit.ReferenceEvent.repositoryName} on branch {codecommit.ReferenceEvent.referenceName}")
+                message=events.RuleTargetInput.from_object({
+                    "DataType": f"custom_{events.EventField.fromPath('$.detail-type')}"
+                })
             ))
         '''
         if __debug__:
@@ -5758,7 +5807,9 @@ class SnsTopicProps(TargetBaseProps):
             check_type(argname="argument dead_letter_queue", value=dead_letter_queue, expected_type=type_hints["dead_letter_queue"])
             check_type(argname="argument max_event_age", value=max_event_age, expected_type=type_hints["max_event_age"])
             check_type(argname="argument retry_attempts", value=retry_attempts, expected_type=type_hints["retry_attempts"])
+            check_type(argname="argument authorize_using_role", value=authorize_using_role, expected_type=type_hints["authorize_using_role"])
             check_type(argname="argument message", value=message, expected_type=type_hints["message"])
+            check_type(argname="argument role", value=role, expected_type=type_hints["role"])
         self._values: typing.Dict[builtins.str, typing.Any] = {}
         if dead_letter_queue is not None:
             self._values["dead_letter_queue"] = dead_letter_queue
@@ -5766,8 +5817,12 @@ class SnsTopicProps(TargetBaseProps):
             self._values["max_event_age"] = max_event_age
         if retry_attempts is not None:
             self._values["retry_attempts"] = retry_attempts
+        if authorize_using_role is not None:
+            self._values["authorize_using_role"] = authorize_using_role
         if message is not None:
             self._values["message"] = message
+        if role is not None:
+            self._values["role"] = role
 
     @builtins.property
     def dead_letter_queue(self) -> typing.Optional[_IQueue_7ed6f679]:
@@ -5806,6 +5861,15 @@ class SnsTopicProps(TargetBaseProps):
         result = self._values.get("retry_attempts")
         return typing.cast(typing.Optional[jsii.Number], result)
 
+    @builtins.property
+    def authorize_using_role(self) -> typing.Optional[builtins.bool]:
+        '''Specifies whether an IAM role should be used to publish to the topic.
+
+        :default: - true if ``role`` is provided, false otherwise
+        '''
+        result = self._values.get("authorize_using_role")
+        return typing.cast(typing.Optional[builtins.bool], result)
+
     @builtins.property
     def message(self) -> typing.Optional[_RuleTargetInput_6beca786]:
         '''The message to send to the topic.
@@ -5815,6 +5879,15 @@ class SnsTopicProps(TargetBaseProps):
         result = self._values.get("message")
         return typing.cast(typing.Optional[_RuleTargetInput_6beca786], result)
 
+    @builtins.property
+    def role(self) -> typing.Optional[_IRole_235f5d8e]:
+        '''The IAM role to be used to publish to the topic.
+
+        :default: - a new role will be created if ``authorizeUsingRole`` is true
+        '''
+        result = self._values.get("role")
+        return typing.cast(typing.Optional[_IRole_235f5d8e], result)
+
     def __eq__(self, rhs: typing.Any) -> builtins.bool:
         return isinstance(rhs, self.__class__) and rhs._values == self._values
 
@@ -6428,7 +6501,9 @@ def _typecheckingstub__0e0733fbe09a8310edfc7237ca759e925b3db6d25ad43627fcf4f165c
 def _typecheckingstub__b58aa74b2a717b90ef291556746b786df8882b8158b4b3255bf88691dbd8fd07(
     topic: _ITopic_9eca4852,
     *,
+    authorize_using_role: typing.Optional[builtins.bool] = None,
     message: typing.Optional[_RuleTargetInput_6beca786] = None,
+    role: typing.Optional[_IRole_235f5d8e] = None,
     dead_letter_queue: typing.Optional[_IQueue_7ed6f679] = None,
     max_event_age: typing.Optional[_Duration_4839e8c3] = None,
     retry_attempts: typing.Optional[jsii.Number] = None,
@@ -6641,7 +6716,9 @@ def _typecheckingstub__29b5b095e8884167f8f78e4ccfc6cd844ecb24d73c2e229d24c0a7a18
     dead_letter_queue: typing.Optional[_IQueue_7ed6f679] = None,
     max_event_age: typing.Optional[_Duration_4839e8c3] = None,
     retry_attempts: typing.Optional[jsii.Number] = None,
+    authorize_using_role: typing.Optional[builtins.bool] = None,
     message: typing.Optional[_RuleTargetInput_6beca786] = None,
+    role: typing.Optional[_IRole_235f5d8e] = None,
 ) -> None:
     """Type checking stubs"""
     pass

aws_cdk/aws_rds/__init__.py

@@ -21423,7 +21423,7 @@ class DatabaseClusterFromSnapshotProps:
         :param snapshot_credentials: Master user credentials. Note - It is not possible to change the master username for a snapshot; however, it is possible to provide (or generate) a new password. Default: - The existing username and password from the snapshot will be used.
         :param storage_encrypted: Whether to enable storage encryption. Default: - true if storageEncryptionKey is provided, false otherwise
         :param storage_encryption_key: The KMS key for storage encryption. If specified, ``storageEncrypted`` will be set to ``true``. Default: - if storageEncrypted is true then the default master key, no key otherwise
-        :param storage_type: The storage type to be associated with the DB cluster. Default: - DBClusterStorageType.AURORA_IOPT1
+        :param storage_type: The storage type to be associated with the DB cluster. Default: - DBClusterStorageType.AURORA
         :param subnet_group: Existing subnet group for the cluster. Default: - a new subnet group will be created.
         :param vpc: What subnets to run the RDS instances in. Must be at least 2 subnets in two different AZs.
         :param vpc_subnets: Where to place the instances within the VPC. Default: - the Vpc default strategy if not specified.
@@ -22198,7 +22198,7 @@ class DatabaseClusterFromSnapshotProps:
     def storage_type(self) -> typing.Optional[DBClusterStorageType]:
         '''The storage type to be associated with the DB cluster.
 
-        :default: - DBClusterStorageType.AURORA_IOPT1
+        :default: - DBClusterStorageType.AURORA
         '''
         result = self._values.get("storage_type")
         return typing.cast(typing.Optional[DBClusterStorageType], result)
@@ -22418,7 +22418,7 @@ class DatabaseClusterProps:
         :param serverless_v2_min_capacity: The minimum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 8, 8.5, 9, and so on. The smallest value that you can use is 0. For Aurora versions that support the Aurora Serverless v2 auto-pause feature, the smallest value that you can use is 0. For versions that don't support Aurora Serverless v2 auto-pause, the smallest value that you can use is 0.5. Default: 0.5
         :param storage_encrypted: Whether to enable storage encryption. Default: - true if storageEncryptionKey is provided, false otherwise
         :param storage_encryption_key: The KMS key for storage encryption. If specified, ``storageEncrypted`` will be set to ``true``. Default: - if storageEncrypted is true then the default master key, no key otherwise
-        :param storage_type: The storage type to be associated with the DB cluster. Default: - DBClusterStorageType.AURORA_IOPT1
+        :param storage_type: The storage type to be associated with the DB cluster. Default: - DBClusterStorageType.AURORA
         :param subnet_group: Existing subnet group for the cluster. Default: - a new subnet group will be created.
         :param vpc: What subnets to run the RDS instances in. Must be at least 2 subnets in two different AZs.
         :param vpc_subnets: Where to place the instances within the VPC. Default: - the Vpc default strategy if not specified.
@@ -23176,7 +23176,7 @@ class DatabaseClusterProps:
     def storage_type(self) -> typing.Optional[DBClusterStorageType]:
         '''The storage type to be associated with the DB cluster.
 
-        :default: - DBClusterStorageType.AURORA_IOPT1
+        :default: - DBClusterStorageType.AURORA
         '''
         result = self._values.get("storage_type")
         return typing.cast(typing.Optional[DBClusterStorageType], result)
@@ -42728,7 +42728,7 @@ class DatabaseClusterFromSnapshot(
         :param snapshot_credentials: Master user credentials. Note - It is not possible to change the master username for a snapshot; however, it is possible to provide (or generate) a new password. Default: - The existing username and password from the snapshot will be used.
         :param storage_encrypted: Whether to enable storage encryption. Default: - true if storageEncryptionKey is provided, false otherwise
         :param storage_encryption_key: The KMS key for storage encryption. If specified, ``storageEncrypted`` will be set to ``true``. Default: - if storageEncrypted is true then the default master key, no key otherwise
-        :param storage_type: The storage type to be associated with the DB cluster. Default: - DBClusterStorageType.AURORA_IOPT1
+        :param storage_type: The storage type to be associated with the DB cluster. Default: - DBClusterStorageType.AURORA
         :param subnet_group: Existing subnet group for the cluster. Default: - a new subnet group will be created.
         :param vpc: What subnets to run the RDS instances in. Must be at least 2 subnets in two different AZs.
         :param vpc_subnets: Where to place the instances within the VPC. Default: - the Vpc default strategy if not specified.
@@ -46936,7 +46936,7 @@ class DatabaseCluster(
         :param serverless_v2_min_capacity: The minimum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 8, 8.5, 9, and so on. The smallest value that you can use is 0. For Aurora versions that support the Aurora Serverless v2 auto-pause feature, the smallest value that you can use is 0. For versions that don't support Aurora Serverless v2 auto-pause, the smallest value that you can use is 0.5. Default: 0.5
         :param storage_encrypted: Whether to enable storage encryption. Default: - true if storageEncryptionKey is provided, false otherwise
         :param storage_encryption_key: The KMS key for storage encryption. If specified, ``storageEncrypted`` will be set to ``true``. Default: - if storageEncrypted is true then the default master key, no key otherwise
-        :param storage_type: The storage type to be associated with the DB cluster. Default: - DBClusterStorageType.AURORA_IOPT1
+        :param storage_type: The storage type to be associated with the DB cluster. Default: - DBClusterStorageType.AURORA
         :param subnet_group: Existing subnet group for the cluster. Default: - a new subnet group will be created.
         :param vpc: What subnets to run the RDS instances in. Must be at least 2 subnets in two different AZs.
         :param vpc_subnets: Where to place the instances within the VPC. Default: - the Vpc default strategy if not specified.