aws-cdk-lib 2.198.0__py3-none-any.whl → 2.200.0__py3-none-any.whl

aws_cdk/aws_deadline/__init__.py

@@ -553,7 +553,7 @@ class CfnFleet(
         :param max_worker_count: The maximum number of workers specified in the fleet.
         :param role_arn: The IAM role that workers in the fleet use when processing jobs.
         :param description: A description that helps identify what the fleet is used for. .. epigraph:: This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field. Default: - ""
-        :param host_configuration: 
+        :param host_configuration: Provides a script that runs as a worker is starting up that you can use to provide additional configuration for workers in your fleet. To remove a script from a fleet, use the `UpdateFleet <https://docs.aws.amazon.com/deadline-cloud/latest/APIReference/API_UpdateFleet.html>`_ operation with the ``hostConfiguration`` ``scriptBody`` parameter set to an empty string ("").
         :param min_worker_count: The minimum number of workers in the fleet. Default: - 0
         :param tags: The tags to add to your fleet. Each tag consists of a tag key and a tag value. Tag keys and values are both required, but tag values can be empty strings.
         '''
@@ -748,6 +748,7 @@ class CfnFleet(
     def host_configuration(
         self,
     ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnFleet.HostConfigurationProperty"]]:
+        '''Provides a script that runs as a worker is starting up that you can use to provide additional configuration for workers in your fleet.'''
         return typing.cast(typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnFleet.HostConfigurationProperty"]], jsii.get(self, "hostConfiguration"))
 
     @host_configuration.setter
@@ -1135,7 +1136,7 @@ class CfnFleet(
             :param mode: The AWS Auto Scaling mode for the customer managed fleet configuration.
             :param worker_capabilities: The worker capabilities for a customer managed fleet configuration.
             :param storage_profile_id: The storage profile ID.
-            :param tag_propagation_mode: 
+            :param tag_propagation_mode: Specifies whether tags associated with a fleet are attached to workers when the worker is launched. When the ``tagPropagationMode`` is set to ``PROPAGATE_TAGS_TO_WORKERS_AT_LAUNCH`` any tag associated with a fleet is attached to workers when they launch. If the tags for a fleet change, the tags associated with running workers *do not* change. If you don't specify ``tagPropagationMode`` , the default is ``NO_PROPAGATION`` .
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-deadline-fleet-customermanagedfleetconfiguration.html
             :exampleMetadata: fixture=_generated
@@ -1244,7 +1245,12 @@ class CfnFleet(
 
         @builtins.property
         def tag_propagation_mode(self) -> typing.Optional[builtins.str]:
-            '''
+            '''Specifies whether tags associated with a fleet are attached to workers when the worker is launched.
+
+            When the ``tagPropagationMode`` is set to ``PROPAGATE_TAGS_TO_WORKERS_AT_LAUNCH`` any tag associated with a fleet is attached to workers when they launch. If the tags for a fleet change, the tags associated with running workers *do not* change.
+
+            If you don't specify ``tagPropagationMode`` , the default is ``NO_PROPAGATION`` .
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-deadline-fleet-customermanagedfleetconfiguration.html#cfn-deadline-fleet-customermanagedfleetconfiguration-tagpropagationmode
             '''
             result = self._values.get("tag_propagation_mode")
@@ -2023,9 +2029,12 @@ class CfnFleet(
             script_body: builtins.str,
             script_timeout_seconds: typing.Optional[jsii.Number] = None,
         ) -> None:
-            '''
-            :param script_body: 
-            :param script_timeout_seconds: Default: - 300
+            '''Provides a script that runs as a worker is starting up that you can use to provide additional configuration for workers in your fleet.
+
+            To remove a script from a fleet, use the `UpdateFleet <https://docs.aws.amazon.com/deadline-cloud/latest/APIReference/API_UpdateFleet.html>`_ operation with the ``hostConfiguration`` ``scriptBody`` parameter set to an empty string ("").
+
+            :param script_body: The text of the script that runs as a worker is starting up that you can use to provide additional configuration for workers in your fleet. The script runs after a worker enters the ``STARTING`` state and before the worker processes tasks. For more information about using the script, see `Run scripts as an administrator to configure workers <https://docs.aws.amazon.com/deadline-cloud/latest/developerguide/smf-admin.html>`_ in the *Deadline Cloud Developer Guide* . .. epigraph:: The script runs as an administrative user ( ``sudo root`` on Linux, as an Administrator on Windows).
+            :param script_timeout_seconds: The maximum time that the host configuration can run. If the timeout expires, the worker enters the ``NOT RESPONDING`` state and shuts down. You are charged for the time that the worker is running the host configuration script. .. epigraph:: You should configure your fleet for a maximum of one worker while testing your host configuration script to avoid starting additional workers. The default is 300 seconds (5 minutes). Default: - 300
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-deadline-fleet-hostconfiguration.html
             :exampleMetadata: fixture=_generated
@@ -2055,7 +2064,15 @@ class CfnFleet(
 
         @builtins.property
         def script_body(self) -> builtins.str:
-            '''
+            '''The text of the script that runs as a worker is starting up that you can use to provide additional configuration for workers in your fleet.
+
+            The script runs after a worker enters the ``STARTING`` state and before the worker processes tasks.
+
+            For more information about using the script, see `Run scripts as an administrator to configure workers <https://docs.aws.amazon.com/deadline-cloud/latest/developerguide/smf-admin.html>`_ in the *Deadline Cloud Developer Guide* .
+            .. epigraph::
+
+               The script runs as an administrative user ( ``sudo root`` on Linux, as an Administrator on Windows).
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-deadline-fleet-hostconfiguration.html#cfn-deadline-fleet-hostconfiguration-scriptbody
             '''
             result = self._values.get("script_body")
@@ -2064,7 +2081,15 @@ class CfnFleet(
 
         @builtins.property
         def script_timeout_seconds(self) -> typing.Optional[jsii.Number]:
-            '''
+            '''The maximum time that the host configuration can run.
+
+            If the timeout expires, the worker enters the ``NOT RESPONDING`` state and shuts down. You are charged for the time that the worker is running the host configuration script.
+            .. epigraph::
+
+               You should configure your fleet for a maximum of one worker while testing your host configuration script to avoid starting additional workers.
+
+            The default is 300 seconds (5 minutes).
+
             :default: - 300
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-deadline-fleet-hostconfiguration.html#cfn-deadline-fleet-hostconfiguration-scripttimeoutseconds
@@ -2704,7 +2729,7 @@ class CfnFleetProps:
         :param max_worker_count: The maximum number of workers specified in the fleet.
         :param role_arn: The IAM role that workers in the fleet use when processing jobs.
         :param description: A description that helps identify what the fleet is used for. .. epigraph:: This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field. Default: - ""
-        :param host_configuration: 
+        :param host_configuration: Provides a script that runs as a worker is starting up that you can use to provide additional configuration for workers in your fleet. To remove a script from a fleet, use the `UpdateFleet <https://docs.aws.amazon.com/deadline-cloud/latest/APIReference/API_UpdateFleet.html>`_ operation with the ``hostConfiguration`` ``scriptBody`` parameter set to an empty string ("").
         :param min_worker_count: The minimum number of workers in the fleet. Default: - 0
         :param tags: The tags to add to your fleet. Each tag consists of a tag key and a tag value. Tag keys and values are both required, but tag values can be empty strings.
 
@@ -2948,7 +2973,10 @@ class CfnFleetProps:
     def host_configuration(
         self,
     ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, CfnFleet.HostConfigurationProperty]]:
-        '''
+        '''Provides a script that runs as a worker is starting up that you can use to provide additional configuration for workers in your fleet.
+
+        To remove a script from a fleet, use the `UpdateFleet <https://docs.aws.amazon.com/deadline-cloud/latest/APIReference/API_UpdateFleet.html>`_ operation with the ``hostConfiguration`` ``scriptBody`` parameter set to an empty string ("").
+
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-deadline-fleet.html#cfn-deadline-fleet-hostconfiguration
         '''
         result = self._values.get("host_configuration")

aws_cdk/aws_ec2/__init__.py

@@ -644,6 +644,14 @@ stack2 = Stack2(app, "Stack2",
 )
 ```
 
+> Note: If you encounter an error like "Delete canceled. Cannot delete export ..."
+> when using a cross-stack reference to a VPC, it's likely due to CloudFormation
+> export/import constraints. In such cases, it's safer to use Vpc.fromLookup()
+> in the consuming stack instead of directly referencing the VPC object, more details
+> is provided in [Importing an existing VPC](#importing-an-existing-vpc). This
+> avoids creating CloudFormation exports and gives more flexibility, especially
+> when stacks need to be deleted or updated independently.
+
 ### Importing an existing VPC
 
 If your VPC is created outside your CDK app, you can use `Vpc.fromLookup()`.
@@ -807,7 +815,6 @@ peer = ec2.Peer.ipv4("10.0.0.0/16")
 peer = ec2.Peer.any_ipv4()
 peer = ec2.Peer.ipv6("::0/0")
 peer = ec2.Peer.any_ipv6()
-peer = ec2.Peer.prefix_list("pl-12345")
 app_fleet.connections.allow_to(peer, ec2.Port.HTTPS, "Allow outbound HTTPS")
 ```
 
@@ -825,6 +832,16 @@ fleet1.connections.allow_to(fleet2, ec2.Port.HTTP, "Allow between fleets")
 app_fleet.connections.allow_from_any_ipv4(ec2.Port.HTTP, "Allow from load balancer")
 ```
 
+A managed prefix list is also a connection peer:
+
+```python
+# app_fleet: autoscaling.AutoScalingGroup
+
+
+prefix_list = ec2.PrefixList(self, "PrefixList", max_entries=10)
+app_fleet.connections.allow_from(prefix_list, ec2.Port.HTTPS)
+```
+
 ### Port Ranges
 
 The connections that are allowed are specified by port ranges. A number of classes provide
@@ -20812,7 +20829,7 @@ class CfnInstance(
         :param key_name: The name of the key pair. You can create a key pair using `CreateKeyPair <https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html>`_ or `ImportKeyPair <https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html>`_ . .. epigraph:: If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.
         :param launch_template: The launch template. Any additional parameters that you specify for the new instance overwrite the corresponding parameters included in the launch template.
         :param license_specifications: The license configurations.
-        :param metadata_options: 
+        :param metadata_options: The metadata options for the instance.
         :param monitoring: Specifies whether detailed monitoring is enabled for the instance. Specify ``true`` to enable detailed monitoring. Otherwise, basic monitoring is enabled. For more information about detailed monitoring, see `Enable or turn off detailed monitoring for your instances <https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch-new.html>`_ in the *Amazon EC2 User Guide* .
         :param network_interfaces: The network interfaces to associate with the instance. .. epigraph:: If you use this property to point to a network interface, you must terminate the original interface before attaching a new one to allow the update of the instance to succeed. If this resource has a public IP address and is also in a VPC that is defined in the same template, you must use the `DependsOn Attribute <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html>`_ to declare a dependency on the VPC-gateway attachment.
         :param placement_group_name: The name of an existing placement group that you want to launch the instance into (cluster | partition | spread).
@@ -21386,6 +21403,7 @@ class CfnInstance(
     def metadata_options(
         self,
     ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnInstance.MetadataOptionsProperty"]]:
+        '''The metadata options for the instance.'''
         return typing.cast(typing.Optional[typing.Union[_IResolvable_da3f097b, "CfnInstance.MetadataOptionsProperty"]], jsii.get(self, "metadataOptions"))
 
     @metadata_options.setter
@@ -22879,12 +22897,13 @@ class CfnInstance(
             http_tokens: typing.Optional[builtins.str] = None,
             instance_metadata_tags: typing.Optional[builtins.str] = None,
         ) -> None:
-            '''
-            :param http_endpoint: Enables or disables the HTTP metadata endpoint on your instances. If you specify a value of disabled, you cannot access your instance metadata.
-            :param http_protocol_ipv6: Enables or disables the IPv6 endpoint for the instance metadata service. To use this option, the instance must be a Nitro-based instance launched in a subnet that supports IPv6.
-            :param http_put_response_hop_limit: The number of network hops that the metadata token can travel. Maximum is 64. Default: - 1
-            :param http_tokens: Indicates whether IMDSv2 is required.
-            :param instance_metadata_tags: Indicates whether tags from the instance are propagated to the EBS volumes.
+            '''Specifies the metadata options for the instance.
+
+            :param http_endpoint: Enables or disables the HTTP metadata endpoint on your instances. If you specify a value of ``disabled`` , you cannot access your instance metadata. Default: ``enabled``
+            :param http_protocol_ipv6: Enables or disables the IPv6 endpoint for the instance metadata service. Default: ``disabled``
+            :param http_put_response_hop_limit: The maximum number of hops that the metadata token can travel. Possible values: Integers from 1 to 64 Default: - 1
+            :param http_tokens: Indicates whether IMDSv2 is required. - ``optional`` - IMDSv2 is optional, which means that you can use either IMDSv2 or IMDSv1. - ``required`` - IMDSv2 is required, which means that IMDSv1 is disabled, and you must use IMDSv2. Default: - If the value of ``ImdsSupport`` for the Amazon Machine Image (AMI) for your instance is ``v2.0`` and the account level default is set to ``no-preference`` , the default is ``required`` . - If the value of ``ImdsSupport`` for the Amazon Machine Image (AMI) for your instance is ``v2.0`` , but the account level default is set to ``V1 or V2`` , the default is ``optional`` . The default value can also be affected by other combinations of parameters. For more information, see `Order of precedence for instance metadata options <https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-options.html#instance-metadata-options-order-of-precedence>`_ in the *Amazon EC2 User Guide* .
+            :param instance_metadata_tags: Set to ``enabled`` to allow access to instance tags from the instance metadata. Set to ``disabled`` to turn off access to instance tags from the instance metadata. For more information, see `Work with instance tags using the instance metadata <https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS>`_ . Default: ``disabled``
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance-metadataoptions.html
             :exampleMetadata: fixture=_generated
@@ -22926,7 +22945,9 @@ class CfnInstance(
         def http_endpoint(self) -> typing.Optional[builtins.str]:
             '''Enables or disables the HTTP metadata endpoint on your instances.
 
-            If you specify a value of disabled, you cannot access your instance metadata.
+            If you specify a value of ``disabled`` , you cannot access your instance metadata.
+
+            Default: ``enabled``
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance-metadataoptions.html#cfn-ec2-instance-metadataoptions-httpendpoint
             '''
@@ -22937,7 +22958,7 @@ class CfnInstance(
         def http_protocol_ipv6(self) -> typing.Optional[builtins.str]:
             '''Enables or disables the IPv6 endpoint for the instance metadata service.
 
-            To use this option, the instance must be a Nitro-based instance launched in a subnet that supports IPv6.
+            Default: ``disabled``
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance-metadataoptions.html#cfn-ec2-instance-metadataoptions-httpprotocolipv6
             '''
@@ -22946,9 +22967,9 @@ class CfnInstance(
 
         @builtins.property
         def http_put_response_hop_limit(self) -> typing.Optional[jsii.Number]:
-            '''The number of network hops that the metadata token can travel.
+            '''The maximum number of hops that the metadata token can travel.
 
-            Maximum is 64.
+            Possible values: Integers from 1 to 64
 
             :default: - 1
 
@@ -22961,6 +22982,16 @@ class CfnInstance(
         def http_tokens(self) -> typing.Optional[builtins.str]:
             '''Indicates whether IMDSv2 is required.
 
+            - ``optional`` - IMDSv2 is optional, which means that you can use either IMDSv2 or IMDSv1.
+            - ``required`` - IMDSv2 is required, which means that IMDSv1 is disabled, and you must use IMDSv2.
+
+            Default:
+
+            - If the value of ``ImdsSupport`` for the Amazon Machine Image (AMI) for your instance is ``v2.0`` and the account level default is set to ``no-preference`` , the default is ``required`` .
+            - If the value of ``ImdsSupport`` for the Amazon Machine Image (AMI) for your instance is ``v2.0`` , but the account level default is set to ``V1 or V2`` , the default is ``optional`` .
+
+            The default value can also be affected by other combinations of parameters. For more information, see `Order of precedence for instance metadata options <https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-options.html#instance-metadata-options-order-of-precedence>`_ in the *Amazon EC2 User Guide* .
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance-metadataoptions.html#cfn-ec2-instance-metadataoptions-httptokens
             '''
             result = self._values.get("http_tokens")
@@ -22968,7 +22999,11 @@ class CfnInstance(
 
         @builtins.property
         def instance_metadata_tags(self) -> typing.Optional[builtins.str]:
-            '''Indicates whether tags from the instance are propagated to the EBS volumes.
+            '''Set to ``enabled`` to allow access to instance tags from the instance metadata.
+
+            Set to ``disabled`` to turn off access to instance tags from the instance metadata. For more information, see `Work with instance tags using the instance metadata <https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS>`_ .
+
+            Default: ``disabled``
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance-metadataoptions.html#cfn-ec2-instance-metadataoptions-instancemetadatatags
             '''
@@ -24204,7 +24239,7 @@ class CfnInstanceProps:
         :param key_name: The name of the key pair. You can create a key pair using `CreateKeyPair <https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html>`_ or `ImportKeyPair <https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html>`_ . .. epigraph:: If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.
         :param launch_template: The launch template. Any additional parameters that you specify for the new instance overwrite the corresponding parameters included in the launch template.
         :param license_specifications: The license configurations.
-        :param metadata_options: 
+        :param metadata_options: The metadata options for the instance.
         :param monitoring: Specifies whether detailed monitoring is enabled for the instance. Specify ``true`` to enable detailed monitoring. Otherwise, basic monitoring is enabled. For more information about detailed monitoring, see `Enable or turn off detailed monitoring for your instances <https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch-new.html>`_ in the *Amazon EC2 User Guide* .
         :param network_interfaces: The network interfaces to associate with the instance. .. epigraph:: If you use this property to point to a network interface, you must terminate the original interface before attaching a new one to allow the update of the instance to succeed. If this resource has a public IP address and is also in a VPC that is defined in the same template, you must use the `DependsOn Attribute <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html>`_ to declare a dependency on the VPC-gateway attachment.
         :param placement_group_name: The name of an existing placement group that you want to launch the instance into (cluster | partition | spread).
@@ -24807,7 +24842,8 @@ class CfnInstanceProps:
     def metadata_options(
         self,
     ) -> typing.Optional[typing.Union[_IResolvable_da3f097b, CfnInstance.MetadataOptionsProperty]]:
-        '''
+        '''The metadata options for the instance.
+
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-instance.html#cfn-ec2-instance-metadataoptions
         '''
         result = self._values.get("metadata_options")
@@ -53684,7 +53720,8 @@ class CfnTrafficMirrorFilter(
     @builtins.property
     @jsii.member(jsii_name="attrId")
     def attr_id(self) -> builtins.str:
-        '''
+        '''The ID of a traffic mirror filter.
+
         :cloudformationAttribute: Id
         '''
         return typing.cast(builtins.str, jsii.get(self, "attrId"))
@@ -75760,7 +75797,7 @@ typing.cast(typing.Any, IPlacementGroup).__jsii_proxy_class__ = lambda : _IPlace
 
 
 @jsii.interface(jsii_type="aws-cdk-lib.aws_ec2.IPrefixList")
-class IPrefixList(_IResource_c80c4260, typing_extensions.Protocol):
+class IPrefixList(_IResource_c80c4260, IPeer, typing_extensions.Protocol):
     '''A prefix list.'''
 
     @builtins.property
@@ -75775,6 +75812,7 @@ class IPrefixList(_IResource_c80c4260, typing_extensions.Protocol):
 
 class _IPrefixListProxy(
     jsii.proxy_for(_IResource_c80c4260), # type: ignore[misc]
+    jsii.proxy_for(IPeer), # type: ignore[misc]
 ):
     '''A prefix list.'''
 
@@ -88667,7 +88705,7 @@ class Peer(metaclass=jsii.JSIIMeta, jsii_type="aws-cdk-lib.aws_ec2.Peer"):
         
         cluster = msk.Cluster(self, "Cluster",
             cluster_name="myCluster",
-            kafka_version=msk.KafkaVersion.V3_9_X,
+            kafka_version=msk.KafkaVersion.V4_0_X_KRAFT,
             vpc=vpc
         )
         
@@ -89073,7 +89111,7 @@ class Port(metaclass=jsii.JSIIMeta, jsii_type="aws-cdk-lib.aws_ec2.Port"):
         
         cluster = msk.Cluster(self, "Cluster",
             cluster_name="myCluster",
-            kafka_version=msk.KafkaVersion.V3_9_X,
+            kafka_version=msk.KafkaVersion.V4_0_X_KRAFT,
             vpc=vpc
         )
         
@@ -89557,6 +89595,16 @@ class PrefixList(
             check_type(argname="argument prefix_list_id", value=prefix_list_id, expected_type=type_hints["prefix_list_id"])
         return typing.cast(IPrefixList, jsii.sinvoke(cls, "fromPrefixListId", [scope, id, prefix_list_id]))
 
+    @jsii.member(jsii_name="toEgressRuleConfig")
+    def to_egress_rule_config(self) -> typing.Any:
+        '''Produce the egress rule JSON for the given connection.'''
+        return typing.cast(typing.Any, jsii.invoke(self, "toEgressRuleConfig", []))
+
+    @jsii.member(jsii_name="toIngressRuleConfig")
+    def to_ingress_rule_config(self) -> typing.Any:
+        '''Produce the ingress rule JSON for the given connection.'''
+        return typing.cast(typing.Any, jsii.invoke(self, "toIngressRuleConfig", []))
+
     @jsii.python.classproperty
     @jsii.member(jsii_name="PROPERTY_INJECTION_ID")
     def PROPERTY_INJECTION_ID(cls) -> builtins.str:
@@ -89569,6 +89617,18 @@ class PrefixList(
         '''The address family of the prefix list.'''
         return typing.cast(builtins.str, jsii.get(self, "addressFamily"))
 
+    @builtins.property
+    @jsii.member(jsii_name="canInlineRule")
+    def can_inline_rule(self) -> builtins.bool:
+        '''Whether the rule can be inlined into a SecurityGroup or not.'''
+        return typing.cast(builtins.bool, jsii.get(self, "canInlineRule"))
+
+    @builtins.property
+    @jsii.member(jsii_name="connections")
+    def connections(self) -> "Connections":
+        '''The network connections associated with this resource.'''
+        return typing.cast("Connections", jsii.get(self, "connections"))
+
     @builtins.property
     @jsii.member(jsii_name="ownerId")
     def owner_id(self) -> builtins.str:
@@ -89602,6 +89662,12 @@ class PrefixList(
         '''
         return typing.cast(builtins.str, jsii.get(self, "prefixListName"))
 
+    @builtins.property
+    @jsii.member(jsii_name="uniqueId")
+    def unique_id(self) -> builtins.str:
+        '''A unique identifier for this connection peer.'''
+        return typing.cast(builtins.str, jsii.get(self, "uniqueId"))
+
     @builtins.property
     @jsii.member(jsii_name="version")
     def version(self) -> jsii.Number:
@@ -89642,7 +89708,7 @@ class PrefixListLookupOptions:
             cf_origin_facing = ec2.PrefixList.from_lookup(self, "CloudFrontOriginFacing",
                 prefix_list_name="com.amazonaws.global.cloudfront.origin-facing"
             )
-            alb.connections.allow_from(ec2.Peer.prefix_list(cf_origin_facing.prefix_list_id), ec2.Port.HTTP)
+            alb.connections.allow_from(cf_origin_facing, ec2.Port.HTTP)
         '''
         if __debug__:
             type_hints = typing.get_type_hints(_typecheckingstub__4353f67b97f73eaeb1fbd94df299a14d0727dbc31a3319f8619e9b6d60f5c1bb)
@@ -90525,15 +90591,18 @@ class SecurityGroup(
 
     Example::
 
-        # vpc: ec2.Vpc
-        
+        vpc = ec2.Vpc(self, "Vpc", max_azs=1)
+        cluster = ecs.Cluster(self, "EcsCluster", vpc=vpc)
+        security_group = ec2.SecurityGroup(self, "SG", vpc=vpc)
         
-        my_security_group = ec2.SecurityGroup(self, "SecurityGroup", vpc=vpc)
-        autoscaling.AutoScalingGroup(self, "ASG",
-            vpc=vpc,
-            instance_type=ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.MICRO),
-            machine_image=ec2.MachineImage.latest_amazon_linux2(),
-            security_group=my_security_group
+        scheduled_fargate_task = ecs_patterns.ScheduledFargateTask(self, "ScheduledFargateTask",
+            cluster=cluster,
+            scheduled_fargate_task_image_options=ecsPatterns.ScheduledFargateTaskImageOptions(
+                image=ecs.ContainerImage.from_registry("amazon/amazon-ecs-sample"),
+                memory_limit_mi_b=512
+            ),
+            schedule=appscaling.Schedule.expression("rate(1 minute)"),
+            security_groups=[security_group]
         )
     '''
 

aws_cdk/aws_ecs_patterns/__init__.py

@@ -249,7 +249,9 @@ load_balanced_fargate_service = ecs_patterns.NetworkMultipleTargetGroupsFargateS
         container_port=90,
         listener="listener2"
     )
-    ]
+    ],
+    min_healthy_percent=100,
+    max_healthy_percent=200
 )
 ```
 
@@ -12688,7 +12690,9 @@ class NetworkMultipleTargetGroupsFargateService(
                 container_port=90,
                 listener="listener2"
             )
-            ]
+            ],
+            min_healthy_percent=100,
+            max_healthy_percent=200
         )
     '''
 
@@ -12698,6 +12702,8 @@ class NetworkMultipleTargetGroupsFargateService(
         id: builtins.str,
         *,
         assign_public_ip: typing.Optional[builtins.bool] = None,
+        max_healthy_percent: typing.Optional[jsii.Number] = None,
+        min_healthy_percent: typing.Optional[jsii.Number] = None,
         cloud_map_options: typing.Optional[typing.Union[_CloudMapOptions_444ee9f2, typing.Dict[builtins.str, typing.Any]]] = None,
         cluster: typing.Optional[_ICluster_16cddd09] = None,
         desired_count: typing.Optional[jsii.Number] = None,
@@ -12722,6 +12728,8 @@ class NetworkMultipleTargetGroupsFargateService(
         :param scope: -
         :param id: -
         :param assign_public_ip: Determines whether the service will be assigned a public IP address. Default: false
+        :param max_healthy_percent: The maximum number of tasks, specified as a percentage of the Amazon ECS service's DesiredCount value, that can run in a service during a deployment. Default: - 200%
+        :param min_healthy_percent: The minimum number of tasks, specified as a percentage of the Amazon ECS service's DesiredCount value, that must continue to run and remain healthy during a deployment. Default: - 50%
         :param cloud_map_options: The options for configuring an Amazon ECS service to use service discovery. Default: - AWS Cloud Map service discovery is not enabled.
         :param cluster: The name of the cluster that hosts the service. If a cluster is specified, the vpc construct should be omitted. Alternatively, you can omit both cluster and vpc. Default: - create a new cluster; if both cluster and vpc are omitted, a new VPC will be created for you.
         :param desired_count: The desired number of instantiations of the task definition to keep running on the service. The minimum value is 1 Default: - The default is 1 for all new services and uses the existing service's desired count when updating an existing service.
@@ -12747,6 +12755,8 @@ class NetworkMultipleTargetGroupsFargateService(
             check_type(argname="argument id", value=id, expected_type=type_hints["id"])
         props = NetworkMultipleTargetGroupsFargateServiceProps(
             assign_public_ip=assign_public_ip,
+            max_healthy_percent=max_healthy_percent,
+            min_healthy_percent=min_healthy_percent,
             cloud_map_options=cloud_map_options,
             cluster=cluster,
             desired_count=desired_count,
@@ -12830,6 +12840,8 @@ class NetworkMultipleTargetGroupsFargateService(
         "runtime_platform": "runtimePlatform",
         "task_definition": "taskDefinition",
         "assign_public_ip": "assignPublicIp",
+        "max_healthy_percent": "maxHealthyPercent",
+        "min_healthy_percent": "minHealthyPercent",
     },
 )
 class NetworkMultipleTargetGroupsFargateServiceProps(
@@ -12858,6 +12870,8 @@ class NetworkMultipleTargetGroupsFargateServiceProps(
         runtime_platform: typing.Optional[typing.Union[_RuntimePlatform_5ed98a9c, typing.Dict[builtins.str, typing.Any]]] = None,
         task_definition: typing.Optional[_FargateTaskDefinition_83754b60] = None,
         assign_public_ip: typing.Optional[builtins.bool] = None,
+        max_healthy_percent: typing.Optional[jsii.Number] = None,
+        min_healthy_percent: typing.Optional[jsii.Number] = None,
     ) -> None:
         '''The properties for the NetworkMultipleTargetGroupsFargateService service.
 
@@ -12880,6 +12894,8 @@ class NetworkMultipleTargetGroupsFargateServiceProps(
         :param runtime_platform: The runtime platform of the task definition. Default: - If the property is undefined, ``operatingSystemFamily`` is LINUX and ``cpuArchitecture`` is X86_64
         :param task_definition: The task definition to use for tasks in the service. TaskDefinition or TaskImageOptions must be specified, but not both. [disable-awslint:ref-via-interface] Default: - none
         :param assign_public_ip: Determines whether the service will be assigned a public IP address. Default: false
+        :param max_healthy_percent: The maximum number of tasks, specified as a percentage of the Amazon ECS service's DesiredCount value, that can run in a service during a deployment. Default: - 200%
+        :param min_healthy_percent: The minimum number of tasks, specified as a percentage of the Amazon ECS service's DesiredCount value, that must continue to run and remain healthy during a deployment. Default: - 50%
 
         :exampleMetadata: infused
 
@@ -12915,7 +12931,9 @@ class NetworkMultipleTargetGroupsFargateServiceProps(
                     container_port=90,
                     listener="listener2"
                 )
-                ]
+                ],
+                min_healthy_percent=100,
+                max_healthy_percent=200
             )
         '''
         if isinstance(cloud_map_options, dict):
@@ -12945,6 +12963,8 @@ class NetworkMultipleTargetGroupsFargateServiceProps(
             check_type(argname="argument runtime_platform", value=runtime_platform, expected_type=type_hints["runtime_platform"])
             check_type(argname="argument task_definition", value=task_definition, expected_type=type_hints["task_definition"])
             check_type(argname="argument assign_public_ip", value=assign_public_ip, expected_type=type_hints["assign_public_ip"])
+            check_type(argname="argument max_healthy_percent", value=max_healthy_percent, expected_type=type_hints["max_healthy_percent"])
+            check_type(argname="argument min_healthy_percent", value=min_healthy_percent, expected_type=type_hints["min_healthy_percent"])
         self._values: typing.Dict[builtins.str, typing.Any] = {}
         if cloud_map_options is not None:
             self._values["cloud_map_options"] = cloud_map_options
@@ -12984,6 +13004,10 @@ class NetworkMultipleTargetGroupsFargateServiceProps(
             self._values["task_definition"] = task_definition
         if assign_public_ip is not None:
             self._values["assign_public_ip"] = assign_public_ip
+        if max_healthy_percent is not None:
+            self._values["max_healthy_percent"] = max_healthy_percent
+        if min_healthy_percent is not None:
+            self._values["min_healthy_percent"] = min_healthy_percent
 
     @builtins.property
     def cloud_map_options(self) -> typing.Optional[_CloudMapOptions_444ee9f2]:
@@ -13219,6 +13243,24 @@ class NetworkMultipleTargetGroupsFargateServiceProps(
         result = self._values.get("assign_public_ip")
         return typing.cast(typing.Optional[builtins.bool], result)
 
+    @builtins.property
+    def max_healthy_percent(self) -> typing.Optional[jsii.Number]:
+        '''The maximum number of tasks, specified as a percentage of the Amazon ECS service's DesiredCount value, that can run in a service during a deployment.
+
+        :default: - 200%
+        '''
+        result = self._values.get("max_healthy_percent")
+        return typing.cast(typing.Optional[jsii.Number], result)
+
+    @builtins.property
+    def min_healthy_percent(self) -> typing.Optional[jsii.Number]:
+        '''The minimum number of tasks, specified as a percentage of the Amazon ECS service's DesiredCount value, that must continue to run and remain healthy during a deployment.
+
+        :default: - 50%
+        '''
+        result = self._values.get("min_healthy_percent")
+        return typing.cast(typing.Optional[jsii.Number], result)
+
     def __eq__(self, rhs: typing.Any) -> builtins.bool:
         return isinstance(rhs, self.__class__) and rhs._values == self._values
 
@@ -17595,6 +17637,8 @@ def _typecheckingstub__d0896ef010a141982cad4e6363ddf5474e1d63a5c38dc712f84a1d13e
     id: builtins.str,
     *,
     assign_public_ip: typing.Optional[builtins.bool] = None,
+    max_healthy_percent: typing.Optional[jsii.Number] = None,
+    min_healthy_percent: typing.Optional[jsii.Number] = None,
     cloud_map_options: typing.Optional[typing.Union[_CloudMapOptions_444ee9f2, typing.Dict[builtins.str, typing.Any]]] = None,
     cluster: typing.Optional[_ICluster_16cddd09] = None,
     desired_count: typing.Optional[jsii.Number] = None,
@@ -17638,6 +17682,8 @@ def _typecheckingstub__052b2be34bb887cde358099c21efe7f3e968827a5a4e4c975e35f96da
     runtime_platform: typing.Optional[typing.Union[_RuntimePlatform_5ed98a9c, typing.Dict[builtins.str, typing.Any]]] = None,
     task_definition: typing.Optional[_FargateTaskDefinition_83754b60] = None,
     assign_public_ip: typing.Optional[builtins.bool] = None,
+    max_healthy_percent: typing.Optional[jsii.Number] = None,
+    min_healthy_percent: typing.Optional[jsii.Number] = None,
 ) -> None:
     """Type checking stubs"""
     pass