aws-cdk-lib 2.217.0__py3-none-any.whl → 2.219.0__py3-none-any.whl

aws_cdk/aws_quicksight/__init__.py

@@ -471,6 +471,7 @@ class CfnCustomPermissionsProps:
                 # the properties below are optional
                 capabilities=quicksight.CfnCustomPermissions.CapabilitiesProperty(
                     add_or_run_anomaly_detection_for_analyses="addOrRunAnomalyDetectionForAnalyses",
+                    analysis="analysis",
                     create_and_update_dashboard_email_reports="createAndUpdateDashboardEmailReports",
                     create_and_update_datasets="createAndUpdateDatasets",
                     create_and_update_data_sources="createAndUpdateDataSources",
@@ -478,6 +479,7 @@ class CfnCustomPermissionsProps:
                     create_and_update_threshold_alerts="createAndUpdateThresholdAlerts",
                     create_shared_folders="createSharedFolders",
                     create_spice_dataset="createSpiceDataset",
+                    dashboard="dashboard",
                     export_to_csv="exportToCsv",
                     export_to_csv_in_scheduled_reports="exportToCsvInScheduledReports",
                     export_to_excel="exportToExcel",
@@ -74615,6 +74617,7 @@ class CfnCustomPermissions(
             # the properties below are optional
             capabilities=quicksight.CfnCustomPermissions.CapabilitiesProperty(
                 add_or_run_anomaly_detection_for_analyses="addOrRunAnomalyDetectionForAnalyses",
+                analysis="analysis",
                 create_and_update_dashboard_email_reports="createAndUpdateDashboardEmailReports",
                 create_and_update_datasets="createAndUpdateDatasets",
                 create_and_update_data_sources="createAndUpdateDataSources",
@@ -74622,6 +74625,7 @@ class CfnCustomPermissions(
                 create_and_update_threshold_alerts="createAndUpdateThresholdAlerts",
                 create_shared_folders="createSharedFolders",
                 create_spice_dataset="createSpiceDataset",
+                dashboard="dashboard",
                 export_to_csv="exportToCsv",
                 export_to_csv_in_scheduled_reports="exportToCsvInScheduledReports",
                 export_to_excel="exportToExcel",
@@ -74794,6 +74798,7 @@ class CfnCustomPermissions(
         jsii_struct_bases=[],
         name_mapping={
             "add_or_run_anomaly_detection_for_analyses": "addOrRunAnomalyDetectionForAnalyses",
+            "analysis": "analysis",
             "create_and_update_dashboard_email_reports": "createAndUpdateDashboardEmailReports",
             "create_and_update_datasets": "createAndUpdateDatasets",
             "create_and_update_data_sources": "createAndUpdateDataSources",
@@ -74801,6 +74806,7 @@ class CfnCustomPermissions(
             "create_and_update_threshold_alerts": "createAndUpdateThresholdAlerts",
             "create_shared_folders": "createSharedFolders",
             "create_spice_dataset": "createSpiceDataset",
+            "dashboard": "dashboard",
             "export_to_csv": "exportToCsv",
             "export_to_csv_in_scheduled_reports": "exportToCsvInScheduledReports",
             "export_to_excel": "exportToExcel",
@@ -74823,6 +74829,7 @@ class CfnCustomPermissions(
             self,
             *,
             add_or_run_anomaly_detection_for_analyses: typing.Optional[builtins.str] = None,
+            analysis: typing.Optional[builtins.str] = None,
             create_and_update_dashboard_email_reports: typing.Optional[builtins.str] = None,
             create_and_update_datasets: typing.Optional[builtins.str] = None,
             create_and_update_data_sources: typing.Optional[builtins.str] = None,
@@ -74830,6 +74837,7 @@ class CfnCustomPermissions(
             create_and_update_threshold_alerts: typing.Optional[builtins.str] = None,
             create_shared_folders: typing.Optional[builtins.str] = None,
             create_spice_dataset: typing.Optional[builtins.str] = None,
+            dashboard: typing.Optional[builtins.str] = None,
             export_to_csv: typing.Optional[builtins.str] = None,
             export_to_csv_in_scheduled_reports: typing.Optional[builtins.str] = None,
             export_to_excel: typing.Optional[builtins.str] = None,
@@ -74849,6 +74857,7 @@ class CfnCustomPermissions(
             '''A set of actions that correspond to Amazon QuickSight permissions.
 
             :param add_or_run_anomaly_detection_for_analyses: The ability to add or run anomaly detection.
+            :param analysis: The ability to perform analysis-related actions.
             :param create_and_update_dashboard_email_reports: The ability to create and update email reports.
             :param create_and_update_datasets: The ability to create and update datasets.
             :param create_and_update_data_sources: The ability to create and update data sources.
@@ -74856,6 +74865,7 @@ class CfnCustomPermissions(
             :param create_and_update_threshold_alerts: The ability to create and update threshold alerts.
             :param create_shared_folders: The ability to create shared folders.
             :param create_spice_dataset: The ability to create a SPICE dataset.
+            :param dashboard: The ability to perform dashboard-related actions.
             :param export_to_csv: The ability to export to CSV files from the UI.
             :param export_to_csv_in_scheduled_reports: The ability to export to CSV files in scheduled email reports.
             :param export_to_excel: The ability to export to Excel files from the UI.
@@ -74883,6 +74893,7 @@ class CfnCustomPermissions(
                 
                 capabilities_property = quicksight.CfnCustomPermissions.CapabilitiesProperty(
                     add_or_run_anomaly_detection_for_analyses="addOrRunAnomalyDetectionForAnalyses",
+                    analysis="analysis",
                     create_and_update_dashboard_email_reports="createAndUpdateDashboardEmailReports",
                     create_and_update_datasets="createAndUpdateDatasets",
                     create_and_update_data_sources="createAndUpdateDataSources",
@@ -74890,6 +74901,7 @@ class CfnCustomPermissions(
                     create_and_update_threshold_alerts="createAndUpdateThresholdAlerts",
                     create_shared_folders="createSharedFolders",
                     create_spice_dataset="createSpiceDataset",
+                    dashboard="dashboard",
                     export_to_csv="exportToCsv",
                     export_to_csv_in_scheduled_reports="exportToCsvInScheduledReports",
                     export_to_excel="exportToExcel",
@@ -74910,6 +74922,7 @@ class CfnCustomPermissions(
             if __debug__:
                 type_hints = typing.get_type_hints(_typecheckingstub__009751171d18f139beacd68aa2642defd546c981229603196499b5afa98ee605)
                 check_type(argname="argument add_or_run_anomaly_detection_for_analyses", value=add_or_run_anomaly_detection_for_analyses, expected_type=type_hints["add_or_run_anomaly_detection_for_analyses"])
+                check_type(argname="argument analysis", value=analysis, expected_type=type_hints["analysis"])
                 check_type(argname="argument create_and_update_dashboard_email_reports", value=create_and_update_dashboard_email_reports, expected_type=type_hints["create_and_update_dashboard_email_reports"])
                 check_type(argname="argument create_and_update_datasets", value=create_and_update_datasets, expected_type=type_hints["create_and_update_datasets"])
                 check_type(argname="argument create_and_update_data_sources", value=create_and_update_data_sources, expected_type=type_hints["create_and_update_data_sources"])
@@ -74917,6 +74930,7 @@ class CfnCustomPermissions(
                 check_type(argname="argument create_and_update_threshold_alerts", value=create_and_update_threshold_alerts, expected_type=type_hints["create_and_update_threshold_alerts"])
                 check_type(argname="argument create_shared_folders", value=create_shared_folders, expected_type=type_hints["create_shared_folders"])
                 check_type(argname="argument create_spice_dataset", value=create_spice_dataset, expected_type=type_hints["create_spice_dataset"])
+                check_type(argname="argument dashboard", value=dashboard, expected_type=type_hints["dashboard"])
                 check_type(argname="argument export_to_csv", value=export_to_csv, expected_type=type_hints["export_to_csv"])
                 check_type(argname="argument export_to_csv_in_scheduled_reports", value=export_to_csv_in_scheduled_reports, expected_type=type_hints["export_to_csv_in_scheduled_reports"])
                 check_type(argname="argument export_to_excel", value=export_to_excel, expected_type=type_hints["export_to_excel"])
@@ -74935,6 +74949,8 @@ class CfnCustomPermissions(
             self._values: typing.Dict[builtins.str, typing.Any] = {}
             if add_or_run_anomaly_detection_for_analyses is not None:
                 self._values["add_or_run_anomaly_detection_for_analyses"] = add_or_run_anomaly_detection_for_analyses
+            if analysis is not None:
+                self._values["analysis"] = analysis
             if create_and_update_dashboard_email_reports is not None:
                 self._values["create_and_update_dashboard_email_reports"] = create_and_update_dashboard_email_reports
             if create_and_update_datasets is not None:
@@ -74949,6 +74965,8 @@ class CfnCustomPermissions(
                 self._values["create_shared_folders"] = create_shared_folders
             if create_spice_dataset is not None:
                 self._values["create_spice_dataset"] = create_spice_dataset
+            if dashboard is not None:
+                self._values["dashboard"] = dashboard
             if export_to_csv is not None:
                 self._values["export_to_csv"] = export_to_csv
             if export_to_csv_in_scheduled_reports is not None:
@@ -74991,6 +75009,15 @@ class CfnCustomPermissions(
             result = self._values.get("add_or_run_anomaly_detection_for_analyses")
             return typing.cast(typing.Optional[builtins.str], result)
 
+        @builtins.property
+        def analysis(self) -> typing.Optional[builtins.str]:
+            '''The ability to perform analysis-related actions.
+
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-quicksight-custompermissions-capabilities.html#cfn-quicksight-custompermissions-capabilities-analysis
+            '''
+            result = self._values.get("analysis")
+            return typing.cast(typing.Optional[builtins.str], result)
+
         @builtins.property
         def create_and_update_dashboard_email_reports(
             self,
@@ -75056,6 +75083,15 @@ class CfnCustomPermissions(
             result = self._values.get("create_spice_dataset")
             return typing.cast(typing.Optional[builtins.str], result)
 
+        @builtins.property
+        def dashboard(self) -> typing.Optional[builtins.str]:
+            '''The ability to perform dashboard-related actions.
+
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-quicksight-custompermissions-capabilities.html#cfn-quicksight-custompermissions-capabilities-dashboard
+            '''
+            result = self._values.get("dashboard")
+            return typing.cast(typing.Optional[builtins.str], result)
+
         @builtins.property
         def export_to_csv(self) -> typing.Optional[builtins.str]:
             '''The ability to export to CSV files from the UI.
@@ -235044,6 +235080,7 @@ def _typecheckingstub__2c3791481dfdcd564a45d78c43b58bdd8ec947943a4aa69ad8740ed70
 def _typecheckingstub__009751171d18f139beacd68aa2642defd546c981229603196499b5afa98ee605(
     *,
     add_or_run_anomaly_detection_for_analyses: typing.Optional[builtins.str] = None,
+    analysis: typing.Optional[builtins.str] = None,
     create_and_update_dashboard_email_reports: typing.Optional[builtins.str] = None,
     create_and_update_datasets: typing.Optional[builtins.str] = None,
     create_and_update_data_sources: typing.Optional[builtins.str] = None,
@@ -235051,6 +235088,7 @@ def _typecheckingstub__009751171d18f139beacd68aa2642defd546c981229603196499b5afa
     create_and_update_threshold_alerts: typing.Optional[builtins.str] = None,
     create_shared_folders: typing.Optional[builtins.str] = None,
     create_spice_dataset: typing.Optional[builtins.str] = None,
+    dashboard: typing.Optional[builtins.str] = None,
     export_to_csv: typing.Optional[builtins.str] = None,
     export_to_csv_in_scheduled_reports: typing.Optional[builtins.str] = None,
     export_to_excel: typing.Optional[builtins.str] = None,

aws_cdk/aws_rds/__init__.py

@@ -5403,7 +5403,7 @@ class CfnDBClusterProps:
         :param iops: The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster. For information about valid IOPS values, see `Provisioned IOPS storage <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS>`_ in the *Amazon RDS User Guide* . This setting is required to create a Multi-AZ DB cluster. Valid for Cluster Type: Multi-AZ DB clusters only Constraints: - Must be a multiple between .5 and 50 of the storage amount for the DB cluster.
         :param kms_key_id: The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the database instances in the DB cluster, such as ``arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef`` . If you enable the ``StorageEncrypted`` property but don't specify this property, the default KMS key is used. If you specify this property, you must set the ``StorageEncrypted`` property to ``true`` . If you specify the ``SnapshotIdentifier`` property, the ``StorageEncrypted`` property value is inherited from the snapshot, and if the DB cluster is encrypted, the specified ``KmsKeyId`` property is used. If you create a read replica of an encrypted DB cluster in another AWS Region, make sure to set ``KmsKeyId`` to a KMS key identifier that is valid in the destination AWS Region. This KMS key is used to encrypt the read replica in that AWS Region. Valid for: Aurora DB clusters and Multi-AZ DB clusters
         :param manage_master_user_password: Specifies whether to manage the master user password with AWS Secrets Manager. For more information, see `Password management with AWS Secrets Manager <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html>`_ in the *Amazon RDS User Guide* and `Password management with AWS Secrets Manager <https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html>`_ in the *Amazon Aurora User Guide.* Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters Constraints: - Can't manage the master user password with AWS Secrets Manager if ``MasterUserPassword`` is specified.
-        :param master_user_authentication_type: Specifies the authentication type for the master user. With IAM master user authentication, you can configure the master DB user with IAM database authentication when you create a DB cluster. You can specify one of the following values: - ``password`` - Use standard database authentication with a password. - ``iam-db-auth`` - Use IAM database authentication for the master user. Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters This option is only valid for RDS for PostgreSQL and Aurora PostgreSQL engines.
+        :param master_user_authentication_type: Specifies the authentication type for the master user. With IAM master user authentication, you can configure the master DB user with IAM database authentication when you create a DB cluster. You can specify one of the following values: - ``password`` - Use standard database authentication with a password. - ``iam-db-auth`` - Use IAM database authentication for the master user. Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters This option is only valid for RDS for MySQL, RDS for MariaDB, RDS for PostgreSQL, Aurora MySQL, and Aurora PostgreSQL engines.
         :param master_username: The name of the master user for the DB cluster. .. epigraph:: If you specify the ``SourceDBClusterIdentifier`` , ``SnapshotIdentifier`` , or ``GlobalClusterIdentifier`` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively. Valid for: Aurora DB clusters and Multi-AZ DB clusters
         :param master_user_password: The master password for the DB instance. .. epigraph:: If you specify the ``SourceDBClusterIdentifier`` , ``SnapshotIdentifier`` , or ``GlobalClusterIdentifier`` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively. Valid for: Aurora DB clusters and Multi-AZ DB clusters
         :param master_user_secret: The secret managed by RDS in AWS Secrets Manager for the master user password. .. epigraph:: When you restore a DB cluster from a snapshot, Amazon RDS generates a new secret instead of reusing the secret specified in the ``SecretArn`` property. This ensures that the restored DB cluster is securely managed with a dedicated secret. To maintain consistent integration with your application, you might need to update resource configurations to reference the newly created secret. For more information, see `Password management with AWS Secrets Manager <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html>`_ in the *Amazon RDS User Guide* and `Password management with AWS Secrets Manager <https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html>`_ in the *Amazon Aurora User Guide.*
@@ -6297,7 +6297,7 @@ class CfnDBClusterProps:
 
         Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters
 
-        This option is only valid for RDS for PostgreSQL and Aurora PostgreSQL engines.
+        This option is only valid for RDS for MySQL, RDS for MariaDB, RDS for PostgreSQL, Aurora MySQL, and Aurora PostgreSQL engines.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-masteruserauthenticationtype
         '''
@@ -7025,7 +7025,7 @@ class CfnDBInstanceProps:
         :param kms_key_id: The ARN of the AWS KMS key that's used to encrypt the DB instance, such as ``arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef`` . If you enable the StorageEncrypted property but don't specify this property, AWS CloudFormation uses the default KMS key. If you specify this property, you must set the StorageEncrypted property to true. If you specify the ``SourceDBInstanceIdentifier`` or ``SourceDbiResourceId`` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified ``KmsKeyId`` property is used. However, if the source DB instance is in a different AWS Region, you must specify a KMS key ID. If you specify the ``SourceDBInstanceAutomatedBackupsArn`` property, don't specify this property. The value is inherited from the source DB instance automated backup, and if the automated backup is encrypted, the specified ``KmsKeyId`` property is used. If you create an encrypted read replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the region that they're created in, and you can't use encryption keys from one region in another region. If you specify the ``DBSnapshotIdentifier`` property, don't specify this property. The ``StorageEncrypted`` property value is inherited from the snapshot. If the DB instance is encrypted, the specified ``KmsKeyId`` property is also inherited from the snapshot. If you specify ``DBSecurityGroups`` , AWS CloudFormation ignores this property. To specify both a security group and this property, you must use a VPC security group. For more information about Amazon RDS and VPC, see `Using Amazon RDS with Amazon VPC <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html>`_ in the *Amazon RDS User Guide* . *Amazon Aurora* Not applicable. The KMS key identifier is managed by the DB cluster.
         :param license_model: License model information for this DB instance. Valid Values: - Aurora MySQL - ``general-public-license`` - Aurora PostgreSQL - ``postgresql-license`` - RDS for Db2 - ``bring-your-own-license`` . For more information about RDS for Db2 licensing, see ` <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-licensing.html>`_ in the *Amazon RDS User Guide.* - RDS for MariaDB - ``general-public-license`` - RDS for Microsoft SQL Server - ``license-included`` - RDS for MySQL - ``general-public-license`` - RDS for Oracle - ``bring-your-own-license`` or ``license-included`` - RDS for PostgreSQL - ``postgresql-license`` .. epigraph:: If you've specified ``DBSecurityGroups`` and then you update the license model, AWS CloudFormation replaces the underlying DB instance. This will incur some interruptions to database availability.
         :param manage_master_user_password: Specifies whether to manage the master user password with AWS Secrets Manager. For more information, see `Password management with AWS Secrets Manager <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html>`_ in the *Amazon RDS User Guide.* Constraints: - Can't manage the master user password with AWS Secrets Manager if ``MasterUserPassword`` is specified.
-        :param master_user_authentication_type: Specifies the authentication type for the master user. With IAM master user authentication, you can configure the master DB user with IAM database authentication when you create a DB instance. You can specify one of the following values: - ``password`` - Use standard database authentication with a password. - ``iam-db-auth`` - Use IAM database authentication for the master user. This option is only valid for RDS for PostgreSQL and Aurora PostgreSQL engines.
+        :param master_user_authentication_type: Specifies the authentication type for the master user. With IAM master user authentication, you can configure the master DB user with IAM database authentication when you create a DB instance. You can specify one of the following values: - ``password`` - Use standard database authentication with a password. - ``iam-db-auth`` - Use IAM database authentication for the master user. This option is only valid for RDS for MySQL, RDS for MariaDB, RDS for PostgreSQL, Aurora MySQL, and Aurora PostgreSQL engines.
         :param master_username: The master user name for the DB instance. .. epigraph:: If you specify the ``SourceDBInstanceIdentifier`` or ``DBSnapshotIdentifier`` property, don't specify this property. The value is inherited from the source DB instance or snapshot. When migrating a self-managed Db2 database, we recommend that you use the same master username as your self-managed Db2 instance name. *Amazon Aurora* Not applicable. The name for the master user is managed by the DB cluster. *RDS for Db2* Constraints: - Must be 1 to 16 letters or numbers. - First character must be a letter. - Can't be a reserved word for the chosen database engine. *RDS for MariaDB* Constraints: - Must be 1 to 16 letters or numbers. - Can't be a reserved word for the chosen database engine. *RDS for Microsoft SQL Server* Constraints: - Must be 1 to 128 letters or numbers. - First character must be a letter. - Can't be a reserved word for the chosen database engine. *RDS for MySQL* Constraints: - Must be 1 to 16 letters or numbers. - First character must be a letter. - Can't be a reserved word for the chosen database engine. *RDS for Oracle* Constraints: - Must be 1 to 30 letters or numbers. - First character must be a letter. - Can't be a reserved word for the chosen database engine. *RDS for PostgreSQL* Constraints: - Must be 1 to 63 letters or numbers. - First character must be a letter. - Can't be a reserved word for the chosen database engine.
         :param master_user_password: The password for the master user. The password can include any printable ASCII character except "/", """, or "@". *Amazon Aurora* Not applicable. The password for the master user is managed by the DB cluster. *RDS for Db2* Must contain from 8 to 255 characters. *RDS for MariaDB* Constraints: Must contain from 8 to 41 characters. *RDS for Microsoft SQL Server* Constraints: Must contain from 8 to 128 characters. *RDS for MySQL* Constraints: Must contain from 8 to 41 characters. *RDS for Oracle* Constraints: Must contain from 8 to 30 characters. *RDS for PostgreSQL* Constraints: Must contain from 8 to 128 characters.
         :param master_user_secret: The secret managed by RDS in AWS Secrets Manager for the master user password. For more information, see `Password management with AWS Secrets Manager <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html>`_ in the *Amazon RDS User Guide.*
@@ -8385,7 +8385,7 @@ class CfnDBInstanceProps:
         - ``password`` - Use standard database authentication with a password.
         - ``iam-db-auth`` - Use IAM database authentication for the master user.
 
-        This option is only valid for RDS for PostgreSQL and Aurora PostgreSQL engines.
+        This option is only valid for RDS for MySQL, RDS for MariaDB, RDS for PostgreSQL, Aurora MySQL, and Aurora PostgreSQL engines.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbinstance.html#cfn-rds-dbinstance-masteruserauthenticationtype
         '''
@@ -9243,7 +9243,7 @@ class CfnDBProxyEndpointProps:
         :param db_proxy_endpoint_name: The name of the DB proxy endpoint to create.
         :param db_proxy_name: The name of the DB proxy associated with the DB proxy endpoint that you create.
         :param vpc_subnet_ids: The VPC subnet IDs for the DB proxy endpoint that you create. You can specify a different set of subnet IDs than for the original DB proxy.
-        :param endpoint_network_type: The network type of the DB proxy endpoint. The network type determines the IP version that the proxy endpoint supports.
+        :param endpoint_network_type: The network type of the DB proxy endpoint. The network type determines the IP version that the proxy endpoint supports. Valid values: - ``IPV4`` - The proxy endpoint supports IPv4 only. - ``IPV6`` - The proxy endpoint supports IPv6 only. - ``DUAL`` - The proxy endpoint supports both IPv4 and IPv6.
         :param tags: An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.
         :param target_role: A value that indicates whether the DB proxy endpoint can be used for read/write or read-only operations.
         :param vpc_security_group_ids: The VPC security group IDs for the DB proxy endpoint that you create. You can specify a different set of security group IDs than for the original DB proxy. The default is the default security group for the VPC.
@@ -9333,6 +9333,12 @@ class CfnDBProxyEndpointProps:
 
         The network type determines the IP version that the proxy endpoint supports.
 
+        Valid values:
+
+        - ``IPV4`` - The proxy endpoint supports IPv4 only.
+        - ``IPV6`` - The proxy endpoint supports IPv6 only.
+        - ``DUAL`` - The proxy endpoint supports both IPv4 and IPv6.
+
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbproxyendpoint.html#cfn-rds-dbproxyendpoint-endpointnetworktype
         '''
         result = self._values.get("endpoint_network_type")
@@ -9426,12 +9432,12 @@ class CfnDBProxyProps:
         :param vpc_subnet_ids: One or more VPC subnet IDs to associate with the new proxy.
         :param auth: The authorization mechanism that the proxy uses.
         :param debug_logging: Specifies whether the proxy logs detailed connection and query information. When you enable ``DebugLogging`` , the proxy captures connection details and connection pool behavior from your queries. Debug logging increases CloudWatch costs and can impact proxy performance. Enable this option only when you need to troubleshoot connection or performance issues.
-        :param default_auth_scheme: The default authentication scheme that the proxy uses for client connections to the proxy and connections from the proxy to the underlying database.
-        :param endpoint_network_type: The network type of the DB proxy endpoint. The network type determines the IP version that the proxy endpoint supports.
+        :param default_auth_scheme: The default authentication scheme that the proxy uses for client connections to the proxy and connections from the proxy to the underlying database. Valid values are ``NONE`` and ``IAM_AUTH`` . When set to ``IAM_AUTH`` , the proxy uses end-to-end IAM authentication to connect to the database.
+        :param endpoint_network_type: The network type of the DB proxy endpoint. The network type determines the IP version that the proxy endpoint supports. Valid values: - ``IPV4`` - The proxy endpoint supports IPv4 only. - ``IPV6`` - The proxy endpoint supports IPv6 only. - ``DUAL`` - The proxy endpoint supports both IPv4 and IPv6.
         :param idle_client_timeout: The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. You can set this value higher or lower than the connection timeout limit for the associated database.
         :param require_tls: Specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy. By enabling this setting, you can enforce encrypted TLS connections to the proxy.
         :param tags: An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.
-        :param target_connection_network_type: The network type that the proxy uses to connect to the target database. The network type determines the IP version that the proxy uses for connections to the database.
+        :param target_connection_network_type: The network type that the proxy uses to connect to the target database. The network type determines the IP version that the proxy uses for connections to the database. Valid values: - ``IPV4`` - The proxy connects to the database using IPv4 only. - ``IPV6`` - The proxy connects to the database using IPv6 only.
         :param vpc_security_group_ids: One or more VPC security group IDs to associate with the new proxy. If you plan to update the resource, don't specify VPC security groups in a shared VPC.
 
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbproxy.html
@@ -9582,6 +9588,8 @@ class CfnDBProxyProps:
     def default_auth_scheme(self) -> typing.Optional[builtins.str]:
         '''The default authentication scheme that the proxy uses for client connections to the proxy and connections from the proxy to the underlying database.
 
+        Valid values are ``NONE`` and ``IAM_AUTH`` . When set to ``IAM_AUTH`` , the proxy uses end-to-end IAM authentication to connect to the database.
+
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbproxy.html#cfn-rds-dbproxy-defaultauthscheme
         '''
         result = self._values.get("default_auth_scheme")
@@ -9593,6 +9601,12 @@ class CfnDBProxyProps:
 
         The network type determines the IP version that the proxy endpoint supports.
 
+        Valid values:
+
+        - ``IPV4`` - The proxy endpoint supports IPv4 only.
+        - ``IPV6`` - The proxy endpoint supports IPv6 only.
+        - ``DUAL`` - The proxy endpoint supports both IPv4 and IPv6.
+
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbproxy.html#cfn-rds-dbproxy-endpointnetworktype
         '''
         result = self._values.get("endpoint_network_type")
@@ -9637,6 +9651,11 @@ class CfnDBProxyProps:
 
         The network type determines the IP version that the proxy uses for connections to the database.
 
+        Valid values:
+
+        - ``IPV4`` - The proxy connects to the database using IPv4 only.
+        - ``IPV6`` - The proxy connects to the database using IPv6 only.
+
         :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbproxy.html#cfn-rds-dbproxy-targetconnectionnetworktype
         '''
         result = self._values.get("target_connection_network_type")
@@ -27659,6 +27678,12 @@ class MysqlEngineVersion(
         '''Version "5.7.44-rds.20250508".'''
         return typing.cast("MysqlEngineVersion", jsii.sget(cls, "VER_5_7_44_RDS_20250508"))
 
+    @jsii.python.classproperty
+    @jsii.member(jsii_name="VER_5_7_44_RDS_20250818")
+    def VER_5_7_44_RDS_20250818(cls) -> "MysqlEngineVersion":
+        '''Version "5.7.44-RDS.20250818".'''
+        return typing.cast("MysqlEngineVersion", jsii.sget(cls, "VER_5_7_44_RDS_20250818"))
+
     @jsii.python.classproperty
     @jsii.member(jsii_name="VER_8_0")
     def VER_8_0(cls) -> "MysqlEngineVersion":
@@ -36956,7 +36981,7 @@ class CfnDBCluster(
         :param iops: The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster. For information about valid IOPS values, see `Provisioned IOPS storage <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS>`_ in the *Amazon RDS User Guide* . This setting is required to create a Multi-AZ DB cluster. Valid for Cluster Type: Multi-AZ DB clusters only Constraints: - Must be a multiple between .5 and 50 of the storage amount for the DB cluster.
         :param kms_key_id: The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the database instances in the DB cluster, such as ``arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef`` . If you enable the ``StorageEncrypted`` property but don't specify this property, the default KMS key is used. If you specify this property, you must set the ``StorageEncrypted`` property to ``true`` . If you specify the ``SnapshotIdentifier`` property, the ``StorageEncrypted`` property value is inherited from the snapshot, and if the DB cluster is encrypted, the specified ``KmsKeyId`` property is used. If you create a read replica of an encrypted DB cluster in another AWS Region, make sure to set ``KmsKeyId`` to a KMS key identifier that is valid in the destination AWS Region. This KMS key is used to encrypt the read replica in that AWS Region. Valid for: Aurora DB clusters and Multi-AZ DB clusters
         :param manage_master_user_password: Specifies whether to manage the master user password with AWS Secrets Manager. For more information, see `Password management with AWS Secrets Manager <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html>`_ in the *Amazon RDS User Guide* and `Password management with AWS Secrets Manager <https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html>`_ in the *Amazon Aurora User Guide.* Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters Constraints: - Can't manage the master user password with AWS Secrets Manager if ``MasterUserPassword`` is specified.
-        :param master_user_authentication_type: Specifies the authentication type for the master user. With IAM master user authentication, you can configure the master DB user with IAM database authentication when you create a DB cluster. You can specify one of the following values: - ``password`` - Use standard database authentication with a password. - ``iam-db-auth`` - Use IAM database authentication for the master user. Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters This option is only valid for RDS for PostgreSQL and Aurora PostgreSQL engines.
+        :param master_user_authentication_type: Specifies the authentication type for the master user. With IAM master user authentication, you can configure the master DB user with IAM database authentication when you create a DB cluster. You can specify one of the following values: - ``password`` - Use standard database authentication with a password. - ``iam-db-auth`` - Use IAM database authentication for the master user. Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters This option is only valid for RDS for MySQL, RDS for MariaDB, RDS for PostgreSQL, Aurora MySQL, and Aurora PostgreSQL engines.
         :param master_username: The name of the master user for the DB cluster. .. epigraph:: If you specify the ``SourceDBClusterIdentifier`` , ``SnapshotIdentifier`` , or ``GlobalClusterIdentifier`` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively. Valid for: Aurora DB clusters and Multi-AZ DB clusters
         :param master_user_password: The master password for the DB instance. .. epigraph:: If you specify the ``SourceDBClusterIdentifier`` , ``SnapshotIdentifier`` , or ``GlobalClusterIdentifier`` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively. Valid for: Aurora DB clusters and Multi-AZ DB clusters
         :param master_user_secret: The secret managed by RDS in AWS Secrets Manager for the master user password. .. epigraph:: When you restore a DB cluster from a snapshot, Amazon RDS generates a new secret instead of reusing the secret specified in the ``SecretArn`` property. This ensures that the restored DB cluster is securely managed with a dedicated secret. To maintain consistent integration with your application, you might need to update resource configurations to reference the newly created secret. For more information, see `Password management with AWS Secrets Manager <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html>`_ in the *Amazon RDS User Guide* and `Password management with AWS Secrets Manager <https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html>`_ in the *Amazon Aurora User Guide.*
@@ -39099,7 +39124,7 @@ class CfnDBInstance(
         :param kms_key_id: The ARN of the AWS KMS key that's used to encrypt the DB instance, such as ``arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef`` . If you enable the StorageEncrypted property but don't specify this property, AWS CloudFormation uses the default KMS key. If you specify this property, you must set the StorageEncrypted property to true. If you specify the ``SourceDBInstanceIdentifier`` or ``SourceDbiResourceId`` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified ``KmsKeyId`` property is used. However, if the source DB instance is in a different AWS Region, you must specify a KMS key ID. If you specify the ``SourceDBInstanceAutomatedBackupsArn`` property, don't specify this property. The value is inherited from the source DB instance automated backup, and if the automated backup is encrypted, the specified ``KmsKeyId`` property is used. If you create an encrypted read replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the region that they're created in, and you can't use encryption keys from one region in another region. If you specify the ``DBSnapshotIdentifier`` property, don't specify this property. The ``StorageEncrypted`` property value is inherited from the snapshot. If the DB instance is encrypted, the specified ``KmsKeyId`` property is also inherited from the snapshot. If you specify ``DBSecurityGroups`` , AWS CloudFormation ignores this property. To specify both a security group and this property, you must use a VPC security group. For more information about Amazon RDS and VPC, see `Using Amazon RDS with Amazon VPC <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html>`_ in the *Amazon RDS User Guide* . *Amazon Aurora* Not applicable. The KMS key identifier is managed by the DB cluster.
         :param license_model: License model information for this DB instance. Valid Values: - Aurora MySQL - ``general-public-license`` - Aurora PostgreSQL - ``postgresql-license`` - RDS for Db2 - ``bring-your-own-license`` . For more information about RDS for Db2 licensing, see ` <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-licensing.html>`_ in the *Amazon RDS User Guide.* - RDS for MariaDB - ``general-public-license`` - RDS for Microsoft SQL Server - ``license-included`` - RDS for MySQL - ``general-public-license`` - RDS for Oracle - ``bring-your-own-license`` or ``license-included`` - RDS for PostgreSQL - ``postgresql-license`` .. epigraph:: If you've specified ``DBSecurityGroups`` and then you update the license model, AWS CloudFormation replaces the underlying DB instance. This will incur some interruptions to database availability.
         :param manage_master_user_password: Specifies whether to manage the master user password with AWS Secrets Manager. For more information, see `Password management with AWS Secrets Manager <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html>`_ in the *Amazon RDS User Guide.* Constraints: - Can't manage the master user password with AWS Secrets Manager if ``MasterUserPassword`` is specified.
-        :param master_user_authentication_type: Specifies the authentication type for the master user. With IAM master user authentication, you can configure the master DB user with IAM database authentication when you create a DB instance. You can specify one of the following values: - ``password`` - Use standard database authentication with a password. - ``iam-db-auth`` - Use IAM database authentication for the master user. This option is only valid for RDS for PostgreSQL and Aurora PostgreSQL engines.
+        :param master_user_authentication_type: Specifies the authentication type for the master user. With IAM master user authentication, you can configure the master DB user with IAM database authentication when you create a DB instance. You can specify one of the following values: - ``password`` - Use standard database authentication with a password. - ``iam-db-auth`` - Use IAM database authentication for the master user. This option is only valid for RDS for MySQL, RDS for MariaDB, RDS for PostgreSQL, Aurora MySQL, and Aurora PostgreSQL engines.
         :param master_username: The master user name for the DB instance. .. epigraph:: If you specify the ``SourceDBInstanceIdentifier`` or ``DBSnapshotIdentifier`` property, don't specify this property. The value is inherited from the source DB instance or snapshot. When migrating a self-managed Db2 database, we recommend that you use the same master username as your self-managed Db2 instance name. *Amazon Aurora* Not applicable. The name for the master user is managed by the DB cluster. *RDS for Db2* Constraints: - Must be 1 to 16 letters or numbers. - First character must be a letter. - Can't be a reserved word for the chosen database engine. *RDS for MariaDB* Constraints: - Must be 1 to 16 letters or numbers. - Can't be a reserved word for the chosen database engine. *RDS for Microsoft SQL Server* Constraints: - Must be 1 to 128 letters or numbers. - First character must be a letter. - Can't be a reserved word for the chosen database engine. *RDS for MySQL* Constraints: - Must be 1 to 16 letters or numbers. - First character must be a letter. - Can't be a reserved word for the chosen database engine. *RDS for Oracle* Constraints: - Must be 1 to 30 letters or numbers. - First character must be a letter. - Can't be a reserved word for the chosen database engine. *RDS for PostgreSQL* Constraints: - Must be 1 to 63 letters or numbers. - First character must be a letter. - Can't be a reserved word for the chosen database engine.
         :param master_user_password: The password for the master user. The password can include any printable ASCII character except "/", """, or "@". *Amazon Aurora* Not applicable. The password for the master user is managed by the DB cluster. *RDS for Db2* Must contain from 8 to 255 characters. *RDS for MariaDB* Constraints: Must contain from 8 to 41 characters. *RDS for Microsoft SQL Server* Constraints: Must contain from 8 to 128 characters. *RDS for MySQL* Constraints: Must contain from 8 to 41 characters. *RDS for Oracle* Constraints: Must contain from 8 to 30 characters. *RDS for PostgreSQL* Constraints: Must contain from 8 to 128 characters.
         :param master_user_secret: The secret managed by RDS in AWS Secrets Manager for the master user password. For more information, see `Password management with AWS Secrets Manager <https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html>`_ in the *Amazon RDS User Guide.*
@@ -41547,12 +41572,12 @@ class CfnDBProxy(
         :param vpc_subnet_ids: One or more VPC subnet IDs to associate with the new proxy.
         :param auth: The authorization mechanism that the proxy uses.
         :param debug_logging: Specifies whether the proxy logs detailed connection and query information. When you enable ``DebugLogging`` , the proxy captures connection details and connection pool behavior from your queries. Debug logging increases CloudWatch costs and can impact proxy performance. Enable this option only when you need to troubleshoot connection or performance issues.
-        :param default_auth_scheme: The default authentication scheme that the proxy uses for client connections to the proxy and connections from the proxy to the underlying database.
-        :param endpoint_network_type: The network type of the DB proxy endpoint. The network type determines the IP version that the proxy endpoint supports.
+        :param default_auth_scheme: The default authentication scheme that the proxy uses for client connections to the proxy and connections from the proxy to the underlying database. Valid values are ``NONE`` and ``IAM_AUTH`` . When set to ``IAM_AUTH`` , the proxy uses end-to-end IAM authentication to connect to the database.
+        :param endpoint_network_type: The network type of the DB proxy endpoint. The network type determines the IP version that the proxy endpoint supports. Valid values: - ``IPV4`` - The proxy endpoint supports IPv4 only. - ``IPV6`` - The proxy endpoint supports IPv6 only. - ``DUAL`` - The proxy endpoint supports both IPv4 and IPv6.
         :param idle_client_timeout: The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. You can set this value higher or lower than the connection timeout limit for the associated database.
         :param require_tls: Specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy. By enabling this setting, you can enforce encrypted TLS connections to the proxy.
         :param tags: An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.
-        :param target_connection_network_type: The network type that the proxy uses to connect to the target database. The network type determines the IP version that the proxy uses for connections to the database.
+        :param target_connection_network_type: The network type that the proxy uses to connect to the target database. The network type determines the IP version that the proxy uses for connections to the database. Valid values: - ``IPV4`` - The proxy connects to the database using IPv4 only. - ``IPV6`` - The proxy connects to the database using IPv6 only.
         :param vpc_security_group_ids: One or more VPC security group IDs to associate with the new proxy. If you plan to update the resource, don't specify VPC security groups in a shared VPC.
         '''
         if __debug__:
@@ -42105,7 +42130,7 @@ class CfnDBProxyEndpoint(
         :param db_proxy_endpoint_name: The name of the DB proxy endpoint to create.
         :param db_proxy_name: The name of the DB proxy associated with the DB proxy endpoint that you create.
         :param vpc_subnet_ids: The VPC subnet IDs for the DB proxy endpoint that you create. You can specify a different set of subnet IDs than for the original DB proxy.
-        :param endpoint_network_type: The network type of the DB proxy endpoint. The network type determines the IP version that the proxy endpoint supports.
+        :param endpoint_network_type: The network type of the DB proxy endpoint. The network type determines the IP version that the proxy endpoint supports. Valid values: - ``IPV4`` - The proxy endpoint supports IPv4 only. - ``IPV6`` - The proxy endpoint supports IPv6 only. - ``DUAL`` - The proxy endpoint supports both IPv4 and IPv6.
         :param tags: An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.
         :param target_role: A value that indicates whether the DB proxy endpoint can be used for read/write or read-only operations.
         :param vpc_security_group_ids: The VPC security group IDs for the DB proxy endpoint that you create. You can specify a different set of security group IDs than for the original DB proxy. The default is the default security group for the VPC.
@@ -43743,6 +43768,27 @@ class CfnEventSubscription(
 
         jsii.create(self.__class__, self, [scope, id, props])
 
+    @jsii.member(jsii_name="fromSubscriptionName")
+    @builtins.classmethod
+    def from_subscription_name(
+        cls,
+        scope: _constructs_77d1e7e8.Construct,
+        id: builtins.str,
+        subscription_name: builtins.str,
+    ) -> IEventSubscriptionRef:
+        '''Creates a new IEventSubscriptionRef from a subscriptionName.
+
+        :param scope: -
+        :param id: -
+        :param subscription_name: -
+        '''
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__7bdfa9104a39f2dfe7d880f6e5eebfe1ae057b0ab24bc4fcb634ae8c611941a9)
+            check_type(argname="argument scope", value=scope, expected_type=type_hints["scope"])
+            check_type(argname="argument id", value=id, expected_type=type_hints["id"])
+            check_type(argname="argument subscription_name", value=subscription_name, expected_type=type_hints["subscription_name"])
+        return typing.cast(IEventSubscriptionRef, jsii.sinvoke(cls, "fromSubscriptionName", [scope, id, subscription_name]))
+
     @jsii.member(jsii_name="inspect")
     def inspect(self, inspector: _TreeInspector_488e0dd5) -> None:
         '''Examines the CloudFormation resource and discloses attributes.
@@ -44537,6 +44583,27 @@ class CfnOptionGroup(
 
         jsii.create(self.__class__, self, [scope, id, props])
 
+    @jsii.member(jsii_name="fromOptionGroupName")
+    @builtins.classmethod
+    def from_option_group_name(
+        cls,
+        scope: _constructs_77d1e7e8.Construct,
+        id: builtins.str,
+        option_group_name: builtins.str,
+    ) -> IOptionGroupRef:
+        '''Creates a new IOptionGroupRef from a optionGroupName.
+
+        :param scope: -
+        :param id: -
+        :param option_group_name: -
+        '''
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__09473afac0fca649ab82afad01fdeee2e7355a6469089e5d88ea99ee003a79de)
+            check_type(argname="argument scope", value=scope, expected_type=type_hints["scope"])
+            check_type(argname="argument id", value=id, expected_type=type_hints["id"])
+            check_type(argname="argument option_group_name", value=option_group_name, expected_type=type_hints["option_group_name"])
+        return typing.cast(IOptionGroupRef, jsii.sinvoke(cls, "fromOptionGroupName", [scope, id, option_group_name]))
+
     @jsii.member(jsii_name="inspect")
     def inspect(self, inspector: _TreeInspector_488e0dd5) -> None:
         '''Examines the CloudFormation resource and discloses attributes.
@@ -55803,6 +55870,14 @@ def _typecheckingstub__0c5db068cdeb685ae34885c6eea1acaa01b83ca0af2c63429f3a30e0a
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__7bdfa9104a39f2dfe7d880f6e5eebfe1ae057b0ab24bc4fcb634ae8c611941a9(
+    scope: _constructs_77d1e7e8.Construct,
+    id: builtins.str,
+    subscription_name: builtins.str,
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__31f076db464d46bf940b81eae58c6d887f3b50913e8d41f1e9eaf45eecb21f4a(
     inspector: _TreeInspector_488e0dd5,
 ) -> None:
@@ -56030,6 +56105,14 @@ def _typecheckingstub__160a45fe55c01086901039aa8bde8bd5ace11ff967acd2154abcc9137
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__09473afac0fca649ab82afad01fdeee2e7355a6469089e5d88ea99ee003a79de(
+    scope: _constructs_77d1e7e8.Construct,
+    id: builtins.str,
+    option_group_name: builtins.str,
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__695e11a3e4e7e1f79549d5c0920ec62fd0456898c348576c7f6eab74e91d5cd8(
     inspector: _TreeInspector_488e0dd5,
 ) -> None:

aws_cdk/aws_redshift/__init__.py

@@ -4740,6 +4740,27 @@ class CfnClusterParameterGroup(
 
         jsii.create(self.__class__, self, [scope, id, props])
 
+    @jsii.member(jsii_name="fromParameterGroupName")
+    @builtins.classmethod
+    def from_parameter_group_name(
+        cls,
+        scope: _constructs_77d1e7e8.Construct,
+        id: builtins.str,
+        parameter_group_name: builtins.str,
+    ) -> IClusterParameterGroupRef:
+        '''Creates a new IClusterParameterGroupRef from a parameterGroupName.
+
+        :param scope: -
+        :param id: -
+        :param parameter_group_name: -
+        '''
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__a4fcc0dd642456f37020bcfe38fd9cfd482cbd79750adda84ea8706f1e6df408)
+            check_type(argname="argument scope", value=scope, expected_type=type_hints["scope"])
+            check_type(argname="argument id", value=id, expected_type=type_hints["id"])
+            check_type(argname="argument parameter_group_name", value=parameter_group_name, expected_type=type_hints["parameter_group_name"])
+        return typing.cast(IClusterParameterGroupRef, jsii.sinvoke(cls, "fromParameterGroupName", [scope, id, parameter_group_name]))
+
     @jsii.member(jsii_name="inspect")
     def inspect(self, inspector: _TreeInspector_488e0dd5) -> None:
         '''Examines the CloudFormation resource and discloses attributes.
@@ -7985,6 +8006,14 @@ def _typecheckingstub__a4414ca463de61620f73bf7c02eb829639136d7dcc505964ba4d9e961
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__a4fcc0dd642456f37020bcfe38fd9cfd482cbd79750adda84ea8706f1e6df408(
+    scope: _constructs_77d1e7e8.Construct,
+    id: builtins.str,
+    parameter_group_name: builtins.str,
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__33c3f5debe7a54728cc11b0bbd4cd3ef9a8b793416272ffb149cec7294e16c50(
     inspector: _TreeInspector_488e0dd5,
 ) -> None:

aws_cdk/aws_rekognition/__init__.py

@@ -894,6 +894,48 @@ class CfnCollection(
 
         jsii.create(self.__class__, self, [scope, id, props])
 
+    @jsii.member(jsii_name="fromCollectionArn")
+    @builtins.classmethod
+    def from_collection_arn(
+        cls,
+        scope: _constructs_77d1e7e8.Construct,
+        id: builtins.str,
+        arn: builtins.str,
+    ) -> ICollectionRef:
+        '''Creates a new ICollectionRef from an ARN.
+
+        :param scope: -
+        :param id: -
+        :param arn: -
+        '''
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__7d3242f1abddcc1ee90dcbc46a3d9b120bee7e515a9b64e3c5e40a76de6243d8)
+            check_type(argname="argument scope", value=scope, expected_type=type_hints["scope"])
+            check_type(argname="argument id", value=id, expected_type=type_hints["id"])
+            check_type(argname="argument arn", value=arn, expected_type=type_hints["arn"])
+        return typing.cast(ICollectionRef, jsii.sinvoke(cls, "fromCollectionArn", [scope, id, arn]))
+
+    @jsii.member(jsii_name="fromCollectionId")
+    @builtins.classmethod
+    def from_collection_id(
+        cls,
+        scope: _constructs_77d1e7e8.Construct,
+        id: builtins.str,
+        collection_id: builtins.str,
+    ) -> ICollectionRef:
+        '''Creates a new ICollectionRef from a collectionId.
+
+        :param scope: -
+        :param id: -
+        :param collection_id: -
+        '''
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__89f83cbadab9414e3b2967333d4e4e07e55a46297b44ac738dc482fd7c58c1e2)
+            check_type(argname="argument scope", value=scope, expected_type=type_hints["scope"])
+            check_type(argname="argument id", value=id, expected_type=type_hints["id"])
+            check_type(argname="argument collection_id", value=collection_id, expected_type=type_hints["collection_id"])
+        return typing.cast(ICollectionRef, jsii.sinvoke(cls, "fromCollectionId", [scope, id, collection_id]))
+
     @jsii.member(jsii_name="inspect")
     def inspect(self, inspector: _TreeInspector_488e0dd5) -> None:
         '''Examines the CloudFormation resource and discloses attributes.
@@ -1022,6 +1064,27 @@ class CfnProject(
 
         jsii.create(self.__class__, self, [scope, id, props])
 
+    @jsii.member(jsii_name="fromProjectArn")
+    @builtins.classmethod
+    def from_project_arn(
+        cls,
+        scope: _constructs_77d1e7e8.Construct,
+        id: builtins.str,
+        arn: builtins.str,
+    ) -> IProjectRef:
+        '''Creates a new IProjectRef from an ARN.
+
+        :param scope: -
+        :param id: -
+        :param arn: -
+        '''
+        if __debug__:
+            type_hints = typing.get_type_hints(_typecheckingstub__47ff058de186dbda01a49e6a1edc4d38fbfae207c99297e978eec7bfb197497d)
+            check_type(argname="argument scope", value=scope, expected_type=type_hints["scope"])
+            check_type(argname="argument id", value=id, expected_type=type_hints["id"])
+            check_type(argname="argument arn", value=arn, expected_type=type_hints["arn"])
+        return typing.cast(IProjectRef, jsii.sinvoke(cls, "fromProjectArn", [scope, id, arn]))
+
     @jsii.member(jsii_name="inspect")
     def inspect(self, inspector: _TreeInspector_488e0dd5) -> None:
         '''Examines the CloudFormation resource and discloses attributes.
@@ -2235,6 +2298,22 @@ def _typecheckingstub__001405b167561982ca01f91c85c5f23fd1bfd335896f67495614aef9f
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__7d3242f1abddcc1ee90dcbc46a3d9b120bee7e515a9b64e3c5e40a76de6243d8(
+    scope: _constructs_77d1e7e8.Construct,
+    id: builtins.str,
+    arn: builtins.str,
+) -> None:
+    """Type checking stubs"""
+    pass
+
+def _typecheckingstub__89f83cbadab9414e3b2967333d4e4e07e55a46297b44ac738dc482fd7c58c1e2(
+    scope: _constructs_77d1e7e8.Construct,
+    id: builtins.str,
+    collection_id: builtins.str,
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__6b782257f4d64c4abcb4d4415ba27cde118213945920a4b2608a0dc326e124dc(
     inspector: _TreeInspector_488e0dd5,
 ) -> None:
@@ -2268,6 +2347,14 @@ def _typecheckingstub__14434bd621070d38889fc701fc289b3379981bee9c73fd7502773f1ee
     """Type checking stubs"""
     pass
 
+def _typecheckingstub__47ff058de186dbda01a49e6a1edc4d38fbfae207c99297e978eec7bfb197497d(
+    scope: _constructs_77d1e7e8.Construct,
+    id: builtins.str,
+    arn: builtins.str,
+) -> None:
+    """Type checking stubs"""
+    pass
+
 def _typecheckingstub__0172e641847a31da5e6877581313d2ece51b9650bcb74b1b80ba13e563323cc0(
     inspector: _TreeInspector_488e0dd5,
 ) -> None: