aws-cdk-lib 2.216.0__py3-none-any.whl → 2.217.0__py3-none-any.whl

aws_cdk/aws_ecs/__init__.py

@@ -7361,7 +7361,7 @@ class CfnServiceProps:
     ) -> None:
         '''Properties for defining a ``CfnService``.
 
-        :param availability_zone_rebalancing: Indicates whether to use Availability Zone rebalancing for the service. For more information, see `Balancing an Amazon ECS service across Availability Zones <https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-rebalancing.html>`_ in the **Amazon Elastic Container Service Developer Guide** . Default: - "ENABLED"
+        :param availability_zone_rebalancing: Indicates whether to use Availability Zone rebalancing for the service. For more information, see `Balancing an Amazon ECS service across Availability Zones <https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-rebalancing.html>`_ in the **Amazon Elastic Container Service Developer Guide** . The default behavior of ``AvailabilityZoneRebalancing`` differs between create and update requests: - For create service requests, when no value is specified for ``AvailabilityZoneRebalancing`` , Amazon ECS defaults the value to ``ENABLED`` . - For update service requests, when no value is specified for ``AvailabilityZoneRebalancing`` , Amazon ECS defaults to the existing service’s ``AvailabilityZoneRebalancing`` value. If the service never had an ``AvailabilityZoneRebalancing`` value set, Amazon ECS treats this as ``DISABLED`` . Default: - "ENABLED"
         :param capacity_provider_strategy: The capacity provider strategy to use for the service. If a ``capacityProviderStrategy`` is specified, the ``launchType`` parameter must be omitted. If no ``capacityProviderStrategy`` or ``launchType`` is specified, the ``defaultCapacityProviderStrategy`` for the cluster is used. A capacity provider strategy can contain a maximum of 20 capacity providers. .. epigraph:: To remove this property from your service resource, specify an empty ``CapacityProviderStrategyItem`` array.
         :param cluster: The short name or full Amazon Resource Name (ARN) of the cluster that you run your service on. If you do not specify a cluster, the default cluster is assumed.
         :param deployment_configuration: Optional deployment parameters that control how many tasks run during the deployment and the ordering of stopping and starting tasks.
@@ -7370,7 +7370,7 @@ class CfnServiceProps:
         :param enable_ecs_managed_tags: Specifies whether to turn on Amazon ECS managed tags for the tasks within the service. For more information, see `Tagging your Amazon ECS resources <https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html>`_ in the *Amazon Elastic Container Service Developer Guide* . When you use Amazon ECS managed tags, you must set the ``propagateTags`` request parameter.
         :param enable_execute_command: Determines whether the execute command functionality is turned on for the service. If ``true`` , the execute command functionality is turned on for all containers in tasks as part of the service.
         :param force_new_deployment: Determines whether to force a new deployment of the service. By default, deployments aren't forced. You can use this option to start a new deployment with no service definition changes. For example, you can update a service's tasks to use a newer Docker image with the same image/tag combination ( ``my_image:latest`` ) or to roll Fargate tasks onto a newer platform version.
-        :param health_check_grace_period_seconds: The period of time, in seconds, that the Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing, VPC Lattice, and container health checks after a task has first started. If you don't specify a health check grace period value, the default value of ``0`` is used. If you don't use any of the health checks, then ``healthCheckGracePeriodSeconds`` is unused. If your service's tasks take a while to start and respond to health checks, you can specify a health check grace period of up to 2,147,483,647 seconds (about 69 years). During that time, the Amazon ECS service scheduler ignores health check status. This grace period can prevent the service scheduler from marking tasks as unhealthy and stopping them before they have time to come up.
+        :param health_check_grace_period_seconds: The period of time, in seconds, that the Amazon Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing, VPC Lattice, and container health checks after a task has first started. If you do not specify a health check grace period value, the default value of 0 is used. If you do not use any of the health checks, then ``healthCheckGracePeriodSeconds`` is unused. If your service has more running tasks than desired, unhealthy tasks in the grace period might be stopped to reach the desired count.
         :param launch_type: The launch type on which to run your service. For more information, see `Amazon ECS Launch Types <https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html>`_ in the *Amazon Elastic Container Service Developer Guide* .
         :param load_balancers: A list of load balancer objects to associate with the service. If you specify the ``Role`` property, ``LoadBalancers`` must be specified as well. For information about the number of load balancers that you can specify per service, see `Service Load Balancing <https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-load-balancing.html>`_ in the *Amazon Elastic Container Service Developer Guide* . .. epigraph:: To remove this property from your service resource, specify an empty ``LoadBalancer`` array.
         :param network_configuration: The network configuration for the service. This parameter is required for task definitions that use the ``awsvpc`` network mode to receive their own elastic network interface, and it is not supported for other network modes. For more information, see `Task Networking <https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html>`_ in the *Amazon Elastic Container Service Developer Guide* .
@@ -7397,6 +7397,8 @@ class CfnServiceProps:
             # The values are placeholders you should change.
             from aws_cdk import aws_ecs as ecs
             
+            # hook_details: Any
+            
             cfn_service_props = ecs.CfnServiceProps(
                 availability_zone_rebalancing="availabilityZoneRebalancing",
                 capacity_provider_strategy=[ecs.CfnService.CapacityProviderStrategyItemProperty(
@@ -7419,7 +7421,10 @@ class CfnServiceProps:
                     lifecycle_hooks=[ecs.CfnService.DeploymentLifecycleHookProperty(
                         hook_target_arn="hookTargetArn",
                         lifecycle_stages=["lifecycleStages"],
-                        role_arn="roleArn"
+                        role_arn="roleArn",
+            
+                        # the properties below are optional
+                        hook_details=hook_details
                     )],
                     maximum_percent=123,
                     minimum_healthy_percent=123,
@@ -7664,6 +7669,11 @@ class CfnServiceProps:
 
         For more information, see `Balancing an Amazon ECS service across Availability Zones <https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-rebalancing.html>`_ in the **Amazon Elastic Container Service Developer Guide** .
 
+        The default behavior of ``AvailabilityZoneRebalancing`` differs between create and update requests:
+
+        - For create service requests, when no value is specified for ``AvailabilityZoneRebalancing`` , Amazon ECS defaults the value to ``ENABLED`` .
+        - For update service requests, when no value is specified for ``AvailabilityZoneRebalancing`` , Amazon ECS defaults to the existing service’s ``AvailabilityZoneRebalancing`` value. If the service never had an ``AvailabilityZoneRebalancing`` value set, Amazon ECS treats this as ``DISABLED`` .
+
         :default: - "ENABLED"
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html#cfn-ecs-service-availabilityzonerebalancing
@@ -7778,11 +7788,11 @@ class CfnServiceProps:
 
     @builtins.property
     def health_check_grace_period_seconds(self) -> typing.Optional[jsii.Number]:
-        '''The period of time, in seconds, that the Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing, VPC Lattice, and container health checks after a task has first started.
+        '''The period of time, in seconds, that the Amazon Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing, VPC Lattice, and container health checks after a task has first started.
 
-        If you don't specify a health check grace period value, the default value of ``0`` is used. If you don't use any of the health checks, then ``healthCheckGracePeriodSeconds`` is unused.
+        If you do not specify a health check grace period value, the default value of 0 is used. If you do not use any of the health checks, then ``healthCheckGracePeriodSeconds`` is unused.
 
-        If your service's tasks take a while to start and respond to health checks, you can specify a health check grace period of up to 2,147,483,647 seconds (about 69 years). During that time, the Amazon ECS service scheduler ignores health check status. This grace period can prevent the service scheduler from marking tasks as unhealthy and stopping them before they have time to come up.
+        If your service has more running tasks than desired, unhealthy tasks in the grace period might be stopped to reach the desired count.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ecs-service.html#cfn-ecs-service-healthcheckgraceperiodseconds
         '''
@@ -32493,6 +32503,8 @@ class CfnService(
         # The values are placeholders you should change.
         from aws_cdk import aws_ecs as ecs
         
+        # hook_details: Any
+        
         cfn_service = ecs.CfnService(self, "MyCfnService",
             availability_zone_rebalancing="availabilityZoneRebalancing",
             capacity_provider_strategy=[ecs.CfnService.CapacityProviderStrategyItemProperty(
@@ -32515,7 +32527,10 @@ class CfnService(
                 lifecycle_hooks=[ecs.CfnService.DeploymentLifecycleHookProperty(
                     hook_target_arn="hookTargetArn",
                     lifecycle_stages=["lifecycleStages"],
-                    role_arn="roleArn"
+                    role_arn="roleArn",
+        
+                    # the properties below are optional
+                    hook_details=hook_details
                 )],
                 maximum_percent=123,
                 minimum_healthy_percent=123,
@@ -32708,7 +32723,7 @@ class CfnService(
         '''
         :param scope: Scope in which this resource is defined.
         :param id: Construct identifier for this resource (unique in its scope).
-        :param availability_zone_rebalancing: Indicates whether to use Availability Zone rebalancing for the service. For more information, see `Balancing an Amazon ECS service across Availability Zones <https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-rebalancing.html>`_ in the **Amazon Elastic Container Service Developer Guide** . Default: - "ENABLED"
+        :param availability_zone_rebalancing: Indicates whether to use Availability Zone rebalancing for the service. For more information, see `Balancing an Amazon ECS service across Availability Zones <https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-rebalancing.html>`_ in the **Amazon Elastic Container Service Developer Guide** . The default behavior of ``AvailabilityZoneRebalancing`` differs between create and update requests: - For create service requests, when no value is specified for ``AvailabilityZoneRebalancing`` , Amazon ECS defaults the value to ``ENABLED`` . - For update service requests, when no value is specified for ``AvailabilityZoneRebalancing`` , Amazon ECS defaults to the existing service’s ``AvailabilityZoneRebalancing`` value. If the service never had an ``AvailabilityZoneRebalancing`` value set, Amazon ECS treats this as ``DISABLED`` . Default: - "ENABLED"
         :param capacity_provider_strategy: The capacity provider strategy to use for the service. If a ``capacityProviderStrategy`` is specified, the ``launchType`` parameter must be omitted. If no ``capacityProviderStrategy`` or ``launchType`` is specified, the ``defaultCapacityProviderStrategy`` for the cluster is used. A capacity provider strategy can contain a maximum of 20 capacity providers. .. epigraph:: To remove this property from your service resource, specify an empty ``CapacityProviderStrategyItem`` array.
         :param cluster: The short name or full Amazon Resource Name (ARN) of the cluster that you run your service on. If you do not specify a cluster, the default cluster is assumed.
         :param deployment_configuration: Optional deployment parameters that control how many tasks run during the deployment and the ordering of stopping and starting tasks.
@@ -32717,7 +32732,7 @@ class CfnService(
         :param enable_ecs_managed_tags: Specifies whether to turn on Amazon ECS managed tags for the tasks within the service. For more information, see `Tagging your Amazon ECS resources <https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html>`_ in the *Amazon Elastic Container Service Developer Guide* . When you use Amazon ECS managed tags, you must set the ``propagateTags`` request parameter.
         :param enable_execute_command: Determines whether the execute command functionality is turned on for the service. If ``true`` , the execute command functionality is turned on for all containers in tasks as part of the service.
         :param force_new_deployment: Determines whether to force a new deployment of the service. By default, deployments aren't forced. You can use this option to start a new deployment with no service definition changes. For example, you can update a service's tasks to use a newer Docker image with the same image/tag combination ( ``my_image:latest`` ) or to roll Fargate tasks onto a newer platform version.
-        :param health_check_grace_period_seconds: The period of time, in seconds, that the Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing, VPC Lattice, and container health checks after a task has first started. If you don't specify a health check grace period value, the default value of ``0`` is used. If you don't use any of the health checks, then ``healthCheckGracePeriodSeconds`` is unused. If your service's tasks take a while to start and respond to health checks, you can specify a health check grace period of up to 2,147,483,647 seconds (about 69 years). During that time, the Amazon ECS service scheduler ignores health check status. This grace period can prevent the service scheduler from marking tasks as unhealthy and stopping them before they have time to come up.
+        :param health_check_grace_period_seconds: The period of time, in seconds, that the Amazon Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing, VPC Lattice, and container health checks after a task has first started. If you do not specify a health check grace period value, the default value of 0 is used. If you do not use any of the health checks, then ``healthCheckGracePeriodSeconds`` is unused. If your service has more running tasks than desired, unhealthy tasks in the grace period might be stopped to reach the desired count.
         :param launch_type: The launch type on which to run your service. For more information, see `Amazon ECS Launch Types <https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html>`_ in the *Amazon Elastic Container Service Developer Guide* .
         :param load_balancers: A list of load balancer objects to associate with the service. If you specify the ``Role`` property, ``LoadBalancers`` must be specified as well. For information about the number of load balancers that you can specify per service, see `Service Load Balancing <https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-load-balancing.html>`_ in the *Amazon Elastic Container Service Developer Guide* . .. epigraph:: To remove this property from your service resource, specify an empty ``LoadBalancer`` array.
         :param network_configuration: The network configuration for the service. This parameter is required for task definitions that use the ``awsvpc`` network mode to receive their own elastic network interface, and it is not supported for other network modes. For more information, see `Task Networking <https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html>`_ in the *Amazon Elastic Container Service Developer Guide* .
@@ -32990,7 +33005,7 @@ class CfnService(
     @builtins.property
     @jsii.member(jsii_name="healthCheckGracePeriodSeconds")
     def health_check_grace_period_seconds(self) -> typing.Optional[jsii.Number]:
-        '''The period of time, in seconds, that the Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing, VPC Lattice, and container health checks after a task has first started.'''
+        '''The period of time, in seconds, that the Amazon Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing, VPC Lattice, and container health checks after a task has first started.'''
         return typing.cast(typing.Optional[jsii.Number], jsii.get(self, "healthCheckGracePeriodSeconds"))
 
     @health_check_grace_period_seconds.setter
@@ -33825,6 +33840,8 @@ class CfnService(
                 # The values are placeholders you should change.
                 from aws_cdk import aws_ecs as ecs
                 
+                # hook_details: Any
+                
                 deployment_configuration_property = ecs.CfnService.DeploymentConfigurationProperty(
                     alarms=ecs.CfnService.DeploymentAlarmsProperty(
                         alarm_names=["alarmNames"],
@@ -33839,7 +33856,10 @@ class CfnService(
                     lifecycle_hooks=[ecs.CfnService.DeploymentLifecycleHookProperty(
                         hook_target_arn="hookTargetArn",
                         lifecycle_stages=["lifecycleStages"],
-                        role_arn="roleArn"
+                        role_arn="roleArn",
+                
+                        # the properties below are optional
+                        hook_details=hook_details
                     )],
                     maximum_percent=123,
                     minimum_healthy_percent=123,
@@ -34105,6 +34125,7 @@ class CfnService(
             "hook_target_arn": "hookTargetArn",
             "lifecycle_stages": "lifecycleStages",
             "role_arn": "roleArn",
+            "hook_details": "hookDetails",
         },
     )
     class DeploymentLifecycleHookProperty:
@@ -34114,6 +34135,7 @@ class CfnService(
             hook_target_arn: builtins.str,
             lifecycle_stages: typing.Sequence[builtins.str],
             role_arn: builtins.str,
+            hook_details: typing.Any = None,
         ) -> None:
             '''A deployment lifecycle hook runs custom logic at specific stages of the deployment process.
 
@@ -34124,6 +34146,7 @@ class CfnService(
             :param hook_target_arn: The Amazon Resource Name (ARN) of the hook target. Currently, only Lambda function ARNs are supported. You must provide this parameter when configuring a deployment lifecycle hook.
             :param lifecycle_stages: The lifecycle stages at which to run the hook. Choose from these valid values:. - RECONCILE_SERVICE The reconciliation stage that only happens when you start a new service deployment with more than 1 service revision in an ACTIVE state. You can use a lifecycle hook for this stage. - PRE_SCALE_UP The green service revision has not started. The blue service revision is handling 100% of the production traffic. There is no test traffic. You can use a lifecycle hook for this stage. - POST_SCALE_UP The green service revision has started. The blue service revision is handling 100% of the production traffic. There is no test traffic. You can use a lifecycle hook for this stage. - TEST_TRAFFIC_SHIFT The blue and green service revisions are running. The blue service revision handles 100% of the production traffic. The green service revision is migrating from 0% to 100% of test traffic. You can use a lifecycle hook for this stage. - POST_TEST_TRAFFIC_SHIFT The test traffic shift is complete. The green service revision handles 100% of the test traffic. You can use a lifecycle hook for this stage. - PRODUCTION_TRAFFIC_SHIFT Production traffic is shifting to the green service revision. The green service revision is migrating from 0% to 100% of production traffic. You can use a lifecycle hook for this stage. - POST_PRODUCTION_TRAFFIC_SHIFT The production traffic shift is complete. You can use a lifecycle hook for this stage. You must provide this parameter when configuring a deployment lifecycle hook.
             :param role_arn: The Amazon Resource Name (ARN) of the IAM role that grants Amazon ECS permission to call Lambda functions on your behalf. For more information, see `Permissions required for Lambda functions in Amazon ECS blue/green deployments <https://docs.aws.amazon.com/AmazonECS/latest/developerguide/blue-green-permissions.html>`_ in the *Amazon Elastic Container Service Developer Guide* .
+            :param hook_details: Use this field to specify custom parameters that Amazon ECS passes to your hook target invocations (such as a Lambda function). This field must be a JSON object as a string.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-service-deploymentlifecyclehook.html
             :exampleMetadata: fixture=_generated
@@ -34134,10 +34157,15 @@ class CfnService(
                 # The values are placeholders you should change.
                 from aws_cdk import aws_ecs as ecs
                 
+                # hook_details: Any
+                
                 deployment_lifecycle_hook_property = ecs.CfnService.DeploymentLifecycleHookProperty(
                     hook_target_arn="hookTargetArn",
                     lifecycle_stages=["lifecycleStages"],
-                    role_arn="roleArn"
+                    role_arn="roleArn",
+                
+                    # the properties below are optional
+                    hook_details=hook_details
                 )
             '''
             if __debug__:
@@ -34145,11 +34173,14 @@ class CfnService(
                 check_type(argname="argument hook_target_arn", value=hook_target_arn, expected_type=type_hints["hook_target_arn"])
                 check_type(argname="argument lifecycle_stages", value=lifecycle_stages, expected_type=type_hints["lifecycle_stages"])
                 check_type(argname="argument role_arn", value=role_arn, expected_type=type_hints["role_arn"])
+                check_type(argname="argument hook_details", value=hook_details, expected_type=type_hints["hook_details"])
             self._values: typing.Dict[builtins.str, typing.Any] = {
                 "hook_target_arn": hook_target_arn,
                 "lifecycle_stages": lifecycle_stages,
                 "role_arn": role_arn,
             }
+            if hook_details is not None:
+                self._values["hook_details"] = hook_details
 
         @builtins.property
         def hook_target_arn(self) -> builtins.str:
@@ -34229,6 +34260,17 @@ class CfnService(
             assert result is not None, "Required property 'role_arn' is missing"
             return typing.cast(builtins.str, result)
 
+        @builtins.property
+        def hook_details(self) -> typing.Any:
+            '''Use this field to specify custom parameters that Amazon ECS passes to your hook target invocations (such as a Lambda function).
+
+            This field must be a JSON object as a string.
+
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-service-deploymentlifecyclehook.html#cfn-ecs-service-deploymentlifecyclehook-hookdetails
+            '''
+            result = self._values.get("hook_details")
+            return typing.cast(typing.Any, result)
+
         def __eq__(self, rhs: typing.Any) -> builtins.bool:
             return isinstance(rhs, self.__class__) and rhs._values == self._values
 
@@ -49622,6 +49664,7 @@ def _typecheckingstub__81d51cf744a434ad2ba13fc9f3dea23611c28b28f4a9414d8324cf577
     hook_target_arn: builtins.str,
     lifecycle_stages: typing.Sequence[builtins.str],
     role_arn: builtins.str,
+    hook_details: typing.Any = None,
 ) -> None:
     """Type checking stubs"""
     pass

aws_cdk/aws_elasticloadbalancingv2/__init__.py

@@ -4370,6 +4370,7 @@ class CfnListenerRuleProps:
     jsii_type="aws-cdk-lib.aws_elasticloadbalancingv2.CfnLoadBalancerProps",
     jsii_struct_bases=[],
     name_mapping={
+        "enable_capacity_reservation_provision_stabilize": "enableCapacityReservationProvisionStabilize",
         "enable_prefix_for_ipv6_source_nat": "enablePrefixForIpv6SourceNat",
         "enforce_security_group_inbound_rules_on_private_link_traffic": "enforceSecurityGroupInboundRulesOnPrivateLinkTraffic",
         "ip_address_type": "ipAddressType",
@@ -4389,6 +4390,7 @@ class CfnLoadBalancerProps:
     def __init__(
         self,
         *,
+        enable_capacity_reservation_provision_stabilize: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
         enable_prefix_for_ipv6_source_nat: typing.Optional[builtins.str] = None,
         enforce_security_group_inbound_rules_on_private_link_traffic: typing.Optional[builtins.str] = None,
         ip_address_type: typing.Optional[builtins.str] = None,
@@ -4405,6 +4407,7 @@ class CfnLoadBalancerProps:
     ) -> None:
         '''Properties for defining a ``CfnLoadBalancer``.
 
+        :param enable_capacity_reservation_provision_stabilize: Default: - false
         :param enable_prefix_for_ipv6_source_nat: [Network Load Balancers with UDP listeners] Indicates whether to use an IPv6 prefix from each subnet for source NAT. The IP address type must be ``dualstack`` . The default value is ``off`` .
         :param enforce_security_group_inbound_rules_on_private_link_traffic: Indicates whether to evaluate inbound security group rules for traffic sent to a Network Load Balancer through AWS PrivateLink . The default is ``on`` . You can't configure this property on a Network Load Balancer unless you associated a security group with the load balancer when you created it.
         :param ip_address_type: The IP address type. Internal load balancers must use ``ipv4`` . [Application Load Balancers] The possible values are ``ipv4`` (IPv4 addresses), ``dualstack`` (IPv4 and IPv6 addresses), and ``dualstack-without-public-ipv4`` (public IPv6 addresses and private IPv4 and IPv6 addresses). Application Load Balancer authentication supports IPv4 addresses only when connecting to an Identity Provider (IdP) or Amazon Cognito endpoint. Without a public IPv4 address the load balancer can't complete the authentication process, resulting in HTTP 500 errors. [Network Load Balancers and Gateway Load Balancers] The possible values are ``ipv4`` (IPv4 addresses) and ``dualstack`` (IPv4 and IPv6 addresses).
@@ -4429,6 +4432,7 @@ class CfnLoadBalancerProps:
             from aws_cdk import aws_elasticloadbalancingv2 as elbv2
             
             cfn_load_balancer_props = elbv2.CfnLoadBalancerProps(
+                enable_capacity_reservation_provision_stabilize=False,
                 enable_prefix_for_ipv6_source_nat="enablePrefixForIpv6SourceNat",
                 enforce_security_group_inbound_rules_on_private_link_traffic="enforceSecurityGroupInboundRulesOnPrivateLinkTraffic",
                 ip_address_type="ipAddressType",
@@ -4462,6 +4466,7 @@ class CfnLoadBalancerProps:
         '''
         if __debug__:
             type_hints = typing.get_type_hints(_typecheckingstub__6b1eb30cea756dc45f625ec82ab8cba6ea31d24595a925a4aabceb7e6605bcde)
+            check_type(argname="argument enable_capacity_reservation_provision_stabilize", value=enable_capacity_reservation_provision_stabilize, expected_type=type_hints["enable_capacity_reservation_provision_stabilize"])
             check_type(argname="argument enable_prefix_for_ipv6_source_nat", value=enable_prefix_for_ipv6_source_nat, expected_type=type_hints["enable_prefix_for_ipv6_source_nat"])
             check_type(argname="argument enforce_security_group_inbound_rules_on_private_link_traffic", value=enforce_security_group_inbound_rules_on_private_link_traffic, expected_type=type_hints["enforce_security_group_inbound_rules_on_private_link_traffic"])
             check_type(argname="argument ip_address_type", value=ip_address_type, expected_type=type_hints["ip_address_type"])
@@ -4476,6 +4481,8 @@ class CfnLoadBalancerProps:
             check_type(argname="argument tags", value=tags, expected_type=type_hints["tags"])
             check_type(argname="argument type", value=type, expected_type=type_hints["type"])
         self._values: typing.Dict[builtins.str, typing.Any] = {}
+        if enable_capacity_reservation_provision_stabilize is not None:
+            self._values["enable_capacity_reservation_provision_stabilize"] = enable_capacity_reservation_provision_stabilize
         if enable_prefix_for_ipv6_source_nat is not None:
             self._values["enable_prefix_for_ipv6_source_nat"] = enable_prefix_for_ipv6_source_nat
         if enforce_security_group_inbound_rules_on_private_link_traffic is not None:
@@ -4503,6 +4510,18 @@ class CfnLoadBalancerProps:
         if type is not None:
             self._values["type"] = type
 
+    @builtins.property
+    def enable_capacity_reservation_provision_stabilize(
+        self,
+    ) -> typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]]:
+        '''
+        :default: - false
+
+        :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#cfn-elasticloadbalancingv2-loadbalancer-enablecapacityreservationprovisionstabilize
+        '''
+        result = self._values.get("enable_capacity_reservation_provision_stabilize")
+        return typing.cast(typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]], result)
+
     @builtins.property
     def enable_prefix_for_ipv6_source_nat(self) -> typing.Optional[builtins.str]:
         '''[Network Load Balancers with UDP listeners] Indicates whether to use an IPv6 prefix from each subnet for source NAT.
@@ -21911,6 +21930,7 @@ class CfnLoadBalancer(
         from aws_cdk import aws_elasticloadbalancingv2 as elbv2
         
         cfn_load_balancer = elbv2.CfnLoadBalancer(self, "MyCfnLoadBalancer",
+            enable_capacity_reservation_provision_stabilize=False,
             enable_prefix_for_ipv6_source_nat="enablePrefixForIpv6SourceNat",
             enforce_security_group_inbound_rules_on_private_link_traffic="enforceSecurityGroupInboundRulesOnPrivateLinkTraffic",
             ip_address_type="ipAddressType",
@@ -21948,6 +21968,7 @@ class CfnLoadBalancer(
         scope: _constructs_77d1e7e8.Construct,
         id: builtins.str,
         *,
+        enable_capacity_reservation_provision_stabilize: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
         enable_prefix_for_ipv6_source_nat: typing.Optional[builtins.str] = None,
         enforce_security_group_inbound_rules_on_private_link_traffic: typing.Optional[builtins.str] = None,
         ip_address_type: typing.Optional[builtins.str] = None,
@@ -21965,6 +21986,7 @@ class CfnLoadBalancer(
         '''
         :param scope: Scope in which this resource is defined.
         :param id: Construct identifier for this resource (unique in its scope).
+        :param enable_capacity_reservation_provision_stabilize: Default: - false
         :param enable_prefix_for_ipv6_source_nat: [Network Load Balancers with UDP listeners] Indicates whether to use an IPv6 prefix from each subnet for source NAT. The IP address type must be ``dualstack`` . The default value is ``off`` .
         :param enforce_security_group_inbound_rules_on_private_link_traffic: Indicates whether to evaluate inbound security group rules for traffic sent to a Network Load Balancer through AWS PrivateLink . The default is ``on`` . You can't configure this property on a Network Load Balancer unless you associated a security group with the load balancer when you created it.
         :param ip_address_type: The IP address type. Internal load balancers must use ``ipv4`` . [Application Load Balancers] The possible values are ``ipv4`` (IPv4 addresses), ``dualstack`` (IPv4 and IPv6 addresses), and ``dualstack-without-public-ipv4`` (public IPv6 addresses and private IPv4 and IPv6 addresses). Application Load Balancer authentication supports IPv4 addresses only when connecting to an Identity Provider (IdP) or Amazon Cognito endpoint. Without a public IPv4 address the load balancer can't complete the authentication process, resulting in HTTP 500 errors. [Network Load Balancers and Gateway Load Balancers] The possible values are ``ipv4`` (IPv4 addresses) and ``dualstack`` (IPv4 and IPv6 addresses).
@@ -21984,6 +22006,7 @@ class CfnLoadBalancer(
             check_type(argname="argument scope", value=scope, expected_type=type_hints["scope"])
             check_type(argname="argument id", value=id, expected_type=type_hints["id"])
         props = CfnLoadBalancerProps(
+            enable_capacity_reservation_provision_stabilize=enable_capacity_reservation_provision_stabilize,
             enable_prefix_for_ipv6_source_nat=enable_prefix_for_ipv6_source_nat,
             enforce_security_group_inbound_rules_on_private_link_traffic=enforce_security_group_inbound_rules_on_private_link_traffic,
             ip_address_type=ip_address_type,
@@ -22110,6 +22133,23 @@ class CfnLoadBalancer(
         '''Tag Manager which manages the tags for this resource.'''
         return typing.cast(_TagManager_0a598cb3, jsii.get(self, "tags"))
 
+    @builtins.property
+    @jsii.member(jsii_name="enableCapacityReservationProvisionStabilize")
+    def enable_capacity_reservation_provision_stabilize(
+        self,
+    ) -> typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]]:
+        return typing.cast(typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]], jsii.get(self, "enableCapacityReservationProvisionStabilize"))
+
+    @enable_capacity_reservation_provision_stabilize.setter
+    def enable_capacity_reservation_provision_stabilize(
+        self,
+        value: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]],
+    ) -> None:
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__db326b5431980db555d148f9ae3420eff076c5f4436bcac08ce2f9c7154eefce)
+            check_type(argname="argument value", value=value, expected_type=type_hints["value"])
+        jsii.set(self, "enableCapacityReservationProvisionStabilize", value) # pyright: ignore[reportArgumentType]
+
     @builtins.property
     @jsii.member(jsii_name="enablePrefixForIpv6SourceNat")
     def enable_prefix_for_ipv6_source_nat(self) -> typing.Optional[builtins.str]:
@@ -28396,6 +28436,7 @@ def _typecheckingstub__ca75076613edf0bf6ade8ee145bc71de34aa66567d90d5721bd40f862
 
 def _typecheckingstub__6b1eb30cea756dc45f625ec82ab8cba6ea31d24595a925a4aabceb7e6605bcde(
     *,
+    enable_capacity_reservation_provision_stabilize: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
     enable_prefix_for_ipv6_source_nat: typing.Optional[builtins.str] = None,
     enforce_security_group_inbound_rules_on_private_link_traffic: typing.Optional[builtins.str] = None,
     ip_address_type: typing.Optional[builtins.str] = None,
@@ -29797,6 +29838,7 @@ def _typecheckingstub__907e1e3e88136a6a7bdcdac293563447ed893c77b9f7b1e7154fb1749
     scope: _constructs_77d1e7e8.Construct,
     id: builtins.str,
     *,
+    enable_capacity_reservation_provision_stabilize: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
     enable_prefix_for_ipv6_source_nat: typing.Optional[builtins.str] = None,
     enforce_security_group_inbound_rules_on_private_link_traffic: typing.Optional[builtins.str] = None,
     ip_address_type: typing.Optional[builtins.str] = None,
@@ -29826,6 +29868,12 @@ def _typecheckingstub__1a178a2aa61d40ebc079a81b6caeba1ff6649a54d784e4ce75ed79b7e
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__db326b5431980db555d148f9ae3420eff076c5f4436bcac08ce2f9c7154eefce(
+    value: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]],
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__38b5ad2c151ce05a51bb2ba1eaa4eb8a906d379df6a66c99f7a4f368bf663f77(
     value: typing.Optional[builtins.str],
 ) -> None:

aws_cdk/aws_elasticsearch/__init__.py

@@ -5593,7 +5593,7 @@ class CfnDomain(
                The ``AWS::Elasticsearch::Domain`` resource is being replaced by the `AWS::OpenSearchService::Domain <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opensearchservice-domain.html>`_ resource. While the legacy Elasticsearch resource and options are still supported, we recommend modifying your existing Cloudformation templates to use the new OpenSearch Service resource, which supports both OpenSearch and Elasticsearch. For more information about the service rename, see `New resource types <https://docs.aws.amazon.com/opensearch-service/latest/developerguide/rename.html#rename-resource>`_ in the *Amazon OpenSearch Service Developer Guide* .
 
             :param custom_endpoint: The fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain.
-            :param custom_endpoint_certificate_arn: The AWS Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.
+            :param custom_endpoint_certificate_arn: The Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.
             :param custom_endpoint_enabled: True to enable a custom endpoint for the domain. If enabled, you must also provide values for ``CustomEndpoint`` and ``CustomEndpointCertificateArn`` .
             :param enforce_https: True to require that all traffic to the domain arrive over HTTPS.
             :param tls_security_policy: The minimum TLS version required for traffic to the domain. Valid values are TLS 1.3 (recommended) or 1.2:. - ``Policy-Min-TLS-1-0-2019-07`` - ``Policy-Min-TLS-1-2-2019-07``
@@ -5647,7 +5647,7 @@ class CfnDomain(
 
         @builtins.property
         def custom_endpoint_certificate_arn(self) -> typing.Optional[builtins.str]:
-            '''The AWS Certificate Manager ARN for your domain's SSL/TLS certificate.
+            '''The Certificate Manager ARN for your domain's SSL/TLS certificate.
 
             Required if you enabled a custom endpoint for the domain.
 

aws_cdk/aws_evs/__init__.py

@@ -210,7 +210,11 @@ class CfnEnvironmentProps:
                     ),
                     v_tep=evs.CfnEnvironment.InitialVlanInfoProperty(
                         cidr="cidr"
-                    )
+                    ),
+            
+                    # the properties below are optional
+                    hcx_network_acl_id="hcxNetworkAclId",
+                    is_hcx_public=False
                 ),
                 kms_key_id="kmsKeyId",
                 service_access_security_groups=evs.CfnEnvironment.ServiceAccessSecurityGroupsProperty(
@@ -644,7 +648,11 @@ class CfnEnvironment(
                 ),
                 v_tep=evs.CfnEnvironment.InitialVlanInfoProperty(
                     cidr="cidr"
-                )
+                ),
+        
+                # the properties below are optional
+                hcx_network_acl_id="hcxNetworkAclId",
+                is_hcx_public=False
             ),
             kms_key_id="kmsKeyId",
             service_access_security_groups=evs.CfnEnvironment.ServiceAccessSecurityGroupsProperty(
@@ -1432,6 +1440,8 @@ class CfnEnvironment(
             "v_motion": "vMotion",
             "v_san": "vSan",
             "v_tep": "vTep",
+            "hcx_network_acl_id": "hcxNetworkAclId",
+            "is_hcx_public": "isHcxPublic",
         },
     )
     class InitialVlansProperty:
@@ -1448,6 +1458,8 @@ class CfnEnvironment(
             v_motion: typing.Union[_IResolvable_da3f097b, typing.Union["CfnEnvironment.InitialVlanInfoProperty", typing.Dict[builtins.str, typing.Any]]],
             v_san: typing.Union[_IResolvable_da3f097b, typing.Union["CfnEnvironment.InitialVlanInfoProperty", typing.Dict[builtins.str, typing.Any]]],
             v_tep: typing.Union[_IResolvable_da3f097b, typing.Union["CfnEnvironment.InitialVlanInfoProperty", typing.Dict[builtins.str, typing.Any]]],
+            hcx_network_acl_id: typing.Optional[builtins.str] = None,
+            is_hcx_public: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
         ) -> None:
             '''The initial VLAN subnets for the environment.
 
@@ -1456,13 +1468,15 @@ class CfnEnvironment(
             :param edge_v_tep: The edge VTEP VLAN subnet. This VLAN subnet manages traffic flowing between the internal network and external networks, including internet access and other site connections.
             :param expansion_vlan1: An additional VLAN subnet that can be used to extend VCF capabilities once configured. For example, you can configure an expansion VLAN subnet to use NSX Federation for centralized management and synchronization of multiple NSX deployments across different locations.
             :param expansion_vlan2: An additional VLAN subnet that can be used to extend VCF capabilities once configured. For example, you can configure an expansion VLAN subnet to use NSX Federation for centralized management and synchronization of multiple NSX deployments across different locations.
-            :param hcx: The HCX VLAN subnet. This VLAN subnet allows the HCX Interconnnect (IX) and HCX Network Extension (NE) to reach their peers and enable HCX Service Mesh creation.
+            :param hcx: The HCX VLAN subnet. This VLAN subnet allows the HCX Interconnnect (IX) and HCX Network Extension (NE) to reach their peers and enable HCX Service Mesh creation. If you plan to use a public HCX VLAN subnet, the following requirements must be met: - Must have a /28 netmask and be allocated from the IPAM public pool. Required for HCX internet access configuration. - The HCX public VLAN CIDR block must be added to the VPC as a secondary CIDR block. - Must have at least two Elastic IP addresses to be allocated from the public IPAM pool for HCX components.
             :param nsx_up_link: The NSX uplink VLAN subnet. This VLAN subnet allows connectivity to the NSX overlay network.
             :param vmk_management: The host VMkernel management VLAN subnet. This VLAN subnet carries traffic for managing ESXi hosts and communicating with VMware vCenter Server.
             :param vm_management: The VM management VLAN subnet. This VLAN subnet carries traffic for vSphere virtual machines.
             :param v_motion: The vMotion VLAN subnet. This VLAN subnet carries traffic for vSphere vMotion.
             :param v_san: The vSAN VLAN subnet. This VLAN subnet carries the communication between ESXi hosts to implement a vSAN shared storage pool.
             :param v_tep: The VTEP VLAN subnet. This VLAN subnet handles internal network traffic between virtual machines within a VCF instance.
+            :param hcx_network_acl_id: A unique ID for a network access control list that the HCX VLAN uses. Required when ``isHcxPublic`` is set to ``true`` .
+            :param is_hcx_public: Determines if the HCX VLAN that Amazon EVS provisions is public or private.
 
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-evs-environment-initialvlans.html
             :exampleMetadata: fixture=_generated
@@ -1503,7 +1517,11 @@ class CfnEnvironment(
                     ),
                     v_tep=evs.CfnEnvironment.InitialVlanInfoProperty(
                         cidr="cidr"
-                    )
+                    ),
+                
+                    # the properties below are optional
+                    hcx_network_acl_id="hcxNetworkAclId",
+                    is_hcx_public=False
                 )
             '''
             if __debug__:
@@ -1518,6 +1536,8 @@ class CfnEnvironment(
                 check_type(argname="argument v_motion", value=v_motion, expected_type=type_hints["v_motion"])
                 check_type(argname="argument v_san", value=v_san, expected_type=type_hints["v_san"])
                 check_type(argname="argument v_tep", value=v_tep, expected_type=type_hints["v_tep"])
+                check_type(argname="argument hcx_network_acl_id", value=hcx_network_acl_id, expected_type=type_hints["hcx_network_acl_id"])
+                check_type(argname="argument is_hcx_public", value=is_hcx_public, expected_type=type_hints["is_hcx_public"])
             self._values: typing.Dict[builtins.str, typing.Any] = {
                 "edge_v_tep": edge_v_tep,
                 "expansion_vlan1": expansion_vlan1,
@@ -1530,6 +1550,10 @@ class CfnEnvironment(
                 "v_san": v_san,
                 "v_tep": v_tep,
             }
+            if hcx_network_acl_id is not None:
+                self._values["hcx_network_acl_id"] = hcx_network_acl_id
+            if is_hcx_public is not None:
+                self._values["is_hcx_public"] = is_hcx_public
 
         @builtins.property
         def edge_v_tep(
@@ -1581,6 +1605,12 @@ class CfnEnvironment(
 
             This VLAN subnet allows the HCX Interconnnect (IX) and HCX Network Extension (NE) to reach their peers and enable HCX Service Mesh creation.
 
+            If you plan to use a public HCX VLAN subnet, the following requirements must be met:
+
+            - Must have a /28 netmask and be allocated from the IPAM public pool. Required for HCX internet access configuration.
+            - The HCX public VLAN CIDR block must be added to the VPC as a secondary CIDR block.
+            - Must have at least two Elastic IP addresses to be allocated from the public IPAM pool for HCX components.
+
             :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-evs-environment-initialvlans.html#cfn-evs-environment-initialvlans-hcx
             '''
             result = self._values.get("hcx")
@@ -1671,6 +1701,28 @@ class CfnEnvironment(
             assert result is not None, "Required property 'v_tep' is missing"
             return typing.cast(typing.Union[_IResolvable_da3f097b, "CfnEnvironment.InitialVlanInfoProperty"], result)
 
+        @builtins.property
+        def hcx_network_acl_id(self) -> typing.Optional[builtins.str]:
+            '''A unique ID for a network access control list that the HCX VLAN uses.
+
+            Required when ``isHcxPublic`` is set to ``true`` .
+
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-evs-environment-initialvlans.html#cfn-evs-environment-initialvlans-hcxnetworkaclid
+            '''
+            result = self._values.get("hcx_network_acl_id")
+            return typing.cast(typing.Optional[builtins.str], result)
+
+        @builtins.property
+        def is_hcx_public(
+            self,
+        ) -> typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]]:
+            '''Determines if the HCX VLAN that Amazon EVS provisions is public or private.
+
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-evs-environment-initialvlans.html#cfn-evs-environment-initialvlans-ishcxpublic
+            '''
+            result = self._values.get("is_hcx_public")
+            return typing.cast(typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]], result)
+
         def __eq__(self, rhs: typing.Any) -> builtins.bool:
             return isinstance(rhs, self.__class__) and rhs._values == self._values
 
@@ -2261,6 +2313,8 @@ def _typecheckingstub__a70b9547ba64740f8b44168dbcdcd80e75a75a1dc2ed733c834ad336f
     v_motion: typing.Union[_IResolvable_da3f097b, typing.Union[CfnEnvironment.InitialVlanInfoProperty, typing.Dict[builtins.str, typing.Any]]],
     v_san: typing.Union[_IResolvable_da3f097b, typing.Union[CfnEnvironment.InitialVlanInfoProperty, typing.Dict[builtins.str, typing.Any]]],
     v_tep: typing.Union[_IResolvable_da3f097b, typing.Union[CfnEnvironment.InitialVlanInfoProperty, typing.Dict[builtins.str, typing.Any]]],
+    hcx_network_acl_id: typing.Optional[builtins.str] = None,
+    is_hcx_public: typing.Optional[typing.Union[builtins.bool, _IResolvable_da3f097b]] = None,
 ) -> None:
     """Type checking stubs"""
     pass