aws-cdk-lib 2.73.0__py3-none-any.whl → 2.76.0__py3-none-any.whl

aws_cdk/__init__.py

@@ -29,10 +29,8 @@ According to the kind of project you are developing:
 You can use a classic import to get access to each service namespaces:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 from aws_cdk import Stack, App, aws_s3 as s3
 
-
 app = App()
 stack = Stack(app, "TestStack")
 
@@ -44,11 +42,9 @@ s3.Bucket(stack, "TestBucket")
 Alternatively, you can use "barrel" imports:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 from aws_cdk import App, Stack
 from aws_cdk.aws_s3 import Bucket
 
-
 app = App()
 stack = Stack(app, "TestStack")
 
@@ -122,7 +118,6 @@ Each of these synthesizers takes configuration arguments. To configure
 a stack with a synthesizer, pass it as one of its properties:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 MyStack(app, "MyStack",
     synthesizer=DefaultStackSynthesizer(
         file_assets_bucket_name="my-orgs-asset-bucket"
@@ -144,7 +139,6 @@ For example, assume that you have a load balancer configuration that you use for
 The following example will define a single top-level stack that contains two nested stacks: each one with a single Amazon S3 bucket:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 class MyNestedStack(cfn.NestedStack):
     def __init__(self, scope, id, *, parameters=None, timeout=None, notifications=None):
         super().__init__(scope, id, parameters=parameters, timeout=timeout, notifications=notifications)
@@ -176,7 +170,6 @@ which defines an Amazon S3 bucket. Then it defines a second stack, `stack2`,
 which takes the bucket from stack1 as a constructor property.
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 prod = {"account": "123456789012", "region": "us-east-1"}
 
 stack1 = StackThatProvidesABucket(app, "Stack1", env=prod)
@@ -207,7 +200,6 @@ enabled it is possible to do something like creating a CloudFront distribution i
 an ACM certificate in `us-east-1`.
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 stack1 = Stack(app, "Stack1",
     env=Environment(
         region="us-east-1"
@@ -291,7 +283,6 @@ An instance of Duration is constructed by using one of the static factory
 methods on it:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 Duration.seconds(300) # 5 minutes
 Duration.minutes(5) # 5 minutes
 Duration.hours(1) # 1 hour
@@ -302,7 +293,6 @@ Duration.parse("PT5M")
 Durations can be added or subtracted together:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 Duration.minutes(1).plus(Duration.seconds(60)) # 2 minutes
 Duration.minutes(5).minus(Duration.seconds(10))
 ```
@@ -315,7 +305,6 @@ To make specification of digital storage quantities unambiguous, a class called
 An instance of `Size` is initialized through one of its static factory methods:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 Size.kibibytes(200) # 200 KiB
 Size.mebibytes(5) # 5 MiB
 Size.gibibytes(40) # 40 GiB
@@ -328,7 +317,6 @@ By default, conversion to a higher unit will fail if the conversion does not pro
 a whole number. This can be overridden by unsetting `integral` property.
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 Size.mebibytes(2).to_kibibytes() # yields 2048
 Size.kibibytes(2050).to_mebibytes(rounding=SizeRoundingBehavior.FLOOR)
 ```
@@ -342,7 +330,6 @@ a password or an access key) will take a parameter of type `SecretValue`.
 The best practice is to store secrets in AWS Secrets Manager and reference them using `SecretValue.secretsManager`:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 secret = SecretValue.secrets_manager("secretId",
     json_field="password",  # optional: key of a JSON field to retrieve (defaults to all content),
     version_id="id",  # optional: id of the version (default AWSCURRENT)
@@ -385,7 +372,6 @@ this purpose.
 use the region and account of the stack you're calling it on:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 # stack: Stack
 
 
@@ -404,7 +390,6 @@ but in case of a deploy-time value be aware that the result will be another
 deploy-time value which cannot be inspected in the CDK application.
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 # stack: Stack
 
 
@@ -446,7 +431,6 @@ following creates a single object that represents a dependency on two
 constructs, `constructB` and `constructC`:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 # Declare the dependable object
 b_and_c = DependencyGroup()
 b_and_c.add(construct_b)
@@ -499,7 +483,6 @@ of arbitrarily many custom resource definitions. A single definition looks like
 this:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 CustomResource(self, "MyMagicalResource",
     resource_type="Custom::MyCustomResource",  # must start with 'Custom::'
 
@@ -553,7 +536,6 @@ Here is a basic pattern for defining stack singletons in the CDK. The following
 examples ensures that only a single SNS topic is defined:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 def get_or_create(self, scope):
     stack = Stack.of(scope)
     uniqueid = "GloballyUniqueIdForSingleton" # For example, a UUID from `uuidgen`
@@ -579,7 +561,6 @@ CloudFormation service.
 Set `serviceToken` to `topic.topicArn`  in order to use this provider:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 topic = sns.Topic(self, "MyProvider")
 
 CustomResource(self, "MyResource",
@@ -600,7 +581,6 @@ response to the CloudFormation service and handle various error cases.
 Set `serviceToken` to `lambda.functionArn` to use this provider:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 fn = lambda_.Function(self, "MyProvider", function_props)
 
 CustomResource(self, "MyResource",
@@ -625,7 +605,6 @@ The provider has a built-in singleton method which uses the resource type as a
 stack-unique identifier and returns the service token:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 service_token = CustomResourceProvider.get_or_create(self, "Custom::MyCustomResourceType",
     code_directory=f"{__dirname}/my-handler",
     runtime=CustomResourceProviderRuntime.NODEJS_14_X,
@@ -701,8 +680,8 @@ exports.handler = async (e) => {
 `sum.ts`:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
-from aws_cdk.core import Construct, CustomResource, CustomResourceProvider, CustomResourceProviderRuntime, Token
+from constructs import Construct
+from aws_cdk import CustomResource, CustomResourceProvider, CustomResourceProviderRuntime, Token
 
 class Sum(Construct):
 
@@ -730,7 +709,6 @@ class Sum(Construct):
 Usage will look like this:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 sum = Sum(self, "MySum", lhs=40, rhs=2)
 CfnOutput(self, "Result", value=Token.as_string(sum.result))
 ```
@@ -739,7 +717,6 @@ To access the ARN of the provider's AWS Lambda function role, use the `getOrCrea
 built-in singleton method:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 provider = CustomResourceProvider.get_or_create_provider(self, "Custom::MyCustomResourceType",
     code_directory=f"{__dirname}/my-handler",
     runtime=CustomResourceProviderRuntime.NODEJS_14_X
@@ -753,7 +730,6 @@ This role ARN can then be used in resource-based IAM policies.
 To add IAM policy statements to this role, use `addToRolePolicy()`:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 provider = CustomResourceProvider.get_or_create_provider(self, "Custom::MyCustomResourceType",
     code_directory=f"{__dirname}/my-handler",
     runtime=CustomResourceProviderRuntime.NODEJS_14_X
@@ -782,7 +758,6 @@ allows implementing providers that can take up to two hours to stabilize.
 Set `serviceToken` to `provider.serviceToken` to use this type of provider:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 provider = customresources.Provider(self, "MyProvider",
     on_event_handler=on_event_handler,
     is_complete_handler=is_complete_handler
@@ -807,7 +782,6 @@ CloudFormation [stack outputs](https://docs.aws.amazon.com/AWSCloudFormation/lat
 the `CfnOutput` class:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 CfnOutput(self, "OutputName",
     value=my_bucket.bucket_name,
     description="The name of an S3 bucket",  # Optional
@@ -827,7 +801,6 @@ stack to the AWS CDK).
 Template parameters can be added to a stack by using the `CfnParameter` class:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 CfnParameter(self, "MyParameter",
     type="Number",
     default=1337
@@ -840,7 +813,6 @@ placeholder tokens for the real value (`Token.isUnresolved()` would return `true
 for those):
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 param = CfnParameter(self, "ParameterName")
 
 # If the parameter is a String
@@ -864,7 +836,6 @@ instead, which guarantees the values produced are qualifying the designated
 stack, which is essential in cases where resources are shared cross-stack:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 # "this" is the current construct
 stack = Stack.of(self)
 
@@ -880,7 +851,6 @@ attributes](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-p
 accessing those through the `cfnOptions` property:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 raw_bucket = s3.CfnBucket(self, "Bucket")
 # -or-
 raw_bucket_alt = my_bucket.node.default_child
@@ -896,7 +866,6 @@ Resource dependencies (the `DependsOn` attribute) is modified using the
 `cfnResource.addDependency` method:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 resource_a = CfnResource(self, "ResourceA", resource_props)
 resource_b = CfnResource(self, "ResourceB", resource_props)
 
@@ -914,18 +883,17 @@ a property of the creationPolicy on the resource options. Setting it to true wil
 resources that depend on the fleet resource.
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
-fleet = CfnFleet(stack, "Fleet",
+fleet = appstream.CfnFleet(self, "Fleet",
     instance_type="stream.standard.small",
     name="Fleet",
-    compute_capacity={
-        "desired_instances": 1
-    },
+    compute_capacity=appstream.CfnFleet.ComputeCapacityProperty(
+        desired_instances=1
+    ),
     image_name="AppStream-AmazonLinux2-09-21-2022"
 )
-fleet.cfn_options.creation_policy = {
-    "start_fleet": True
-}
+fleet.cfn_options.creation_policy = CfnCreationPolicy(
+    start_fleet=True
+)
 ```
 
 The properties passed to the level 2 constructs `AutoScalingGroup` and `Instance` from the
@@ -938,11 +906,15 @@ The format of the timeout is `PT#H#M#S`. In the example below AWS Cloudformation
 `CREATE_COMPLETE`.
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
-resource.cfn_options.resource_signal = {
-    "count": 3,
-    "timeout": "PR15M"
-}
+# resource: CfnResource
+
+
+resource.cfn_options.creation_policy = CfnCreationPolicy(
+    resource_signal=CfnResourceSignal(
+        count=3,
+        timeout="PR15M"
+    )
+)
 ```
 
 ### Intrinsic Functions and Condition Expressions
@@ -952,7 +924,6 @@ can be accessed from the `Fn` class, which provides type-safe methods for each
 intrinsic function as well as condition expressions:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 # my_object_or_array: Any
 # my_array: Any
 
@@ -982,7 +953,6 @@ needs to be expressed with un-resolved values, it is necessary to use
 CloudFormation conditions by means of the `CfnCondition` class:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 environment_parameter = CfnParameter(self, "Environment")
 is_prod = CfnCondition(self, "IsProduction",
     expression=Fn.condition_equals("Production", environment_parameter)
@@ -1004,7 +974,6 @@ CloudFormation [mappings](https://docs.aws.amazon.com/AWSCloudFormation/latest/U
 `CfnMappings` class:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 region_table = CfnMapping(self, "RegionTable",
     mapping={
         "us-east-1": {
@@ -1040,7 +1009,6 @@ call to `findInMap` will be able to resolve the value during synthesis and simpl
 `'US East (Ohio)'`.
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 region_table = CfnMapping(self, "RegionTable",
     mapping={
         "us-east-1": {
@@ -1061,7 +1029,6 @@ since the top-level key is an unresolved token. The call to `findInMap` will ret
 `{ "Fn::FindInMap": [ "RegionTable", { "Ref": "AWS::Region" }, "regionName" ] }`.
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 # region_table: CfnMapping
 
 
@@ -1075,7 +1042,6 @@ for SSM parameters (including secure strings) and Secrets Manager. Encoding such
 references is done using the `CfnDynamicReference` class:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 CfnDynamicReference(CfnDynamicReferenceService.SECRETS_MANAGER, "secret-id:secret-string:json-key:version-stage:version-id")
 ```
 
@@ -1086,7 +1052,6 @@ CloudFormation templates support a number of options, including which Macros or
 configured using the `stack.templateOptions` property:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 stack = Stack(app, "StackName")
 
 stack.template_options.description = "This will appear in the AWS console"
@@ -1102,7 +1067,6 @@ The `CfnResource` class allows emitting arbitrary entries in the
 [Resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/resources-section-structure.html) section of the CloudFormation template.
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 CfnResource(self, "ResourceId",
     type="AWS::S3::Bucket",
     properties={
@@ -1122,7 +1086,6 @@ include fragments of an existing template verbatim in the synthesized template.
 This can be achieved using the `CfnInclude` class.
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 CfnInclude(self, "ID",
     template={
         "Resources": {
@@ -1147,7 +1110,6 @@ nested stacks belonging to that stack as well. You can enable termination protec
 on a stack by setting the `terminationProtection` prop to `true`.
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 stack = Stack(app, "StackName",
     termination_protection=True
 )
@@ -1160,7 +1122,6 @@ By default, termination protection is disabled.
 You can add a description of the stack in the same way as `StackProps`.
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 stack = Stack(app, "StackName",
     description="This is a description."
 )
@@ -1180,7 +1141,6 @@ The following example defines an IAM role which can only be assumed by
 principals that are tagged with a specific tag.
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 tag_param = CfnParameter(self, "TagName")
 
 string_equals = CfnJson(self, "ConditionJson",
@@ -1231,7 +1191,6 @@ top take precedence over those below).
 ### Examples of setting context
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 App(
     context={
         "@aws-cdk/core:newStyleStackSynthesis": True
@@ -1240,13 +1199,11 @@ App(
 ```
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 app = App()
 app.node.set_context("@aws-cdk/core:newStyleStackSynthesis", True)
 ```
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 App(
     post_cli_context={
         "@aws-cdk/core:newStyleStackSynthesis": True
@@ -1293,10 +1250,6 @@ to all roles within a specific construct scope. The most common use case would
 be to apply a permissions boundary at the `Stage` level.
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
-# app: App
-
-
 prod_stage = Stage(app, "ProdStage",
     permissions_boundary=PermissionsBoundary.from_name("cdk-${Qualifier}-PermissionsBoundary")
 )
@@ -1329,11 +1282,10 @@ To use one or more validation plugins in your application, use the
 `policyValidationBeta1` property of `Stage`:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 # globally for the entire app (an app is a stage)
 app = App(
     policy_validation_beta1=[
-        # These hypothetical classes implement IValidationPlugin:
+        # These hypothetical classes implement IPolicyValidationPluginBeta1:
         ThirdPartyPluginX(),
         ThirdPartyPluginY()
     ]
@@ -1341,7 +1293,9 @@ app = App(
 
 # only apply to a particular stage
 prod_stage = Stage(app, "ProdStage",
-    policy_validation_beta1=[...]
+    policy_validation_beta1=[
+        ThirdPartyPluginX()
+    ]
 )
 ```
 
@@ -1361,7 +1315,6 @@ report in JSON format, enable it using the `@aws-cdk/core:validationReportJson`
 context passing it directly to the application:
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
 app = App(
     context={"@aws-cdk/core:validationReportJson": True}
 )
@@ -1379,36 +1332,38 @@ the standard output.
 ### For plugin authors
 
 The communication protocol between the CDK core module and your policy tool is
-defined by the `IValidationPluginBeta1` interface. To create a new plugin you must
+defined by the `IPolicyValidationPluginBeta1` interface. To create a new plugin you must
 write a class that implements this interface. There are two things you need to
 implement: the plugin name (by overriding the `name` property), and the
 `validate()` method.
 
-The framework will call `validate()`, passing an `IValidationContextBeta1` object.
+The framework will call `validate()`, passing an `IPolicyValidationContextBeta1` object.
 The location of the templates to be validated is given by `templatePaths`. The
-plugin should return an instance of `ValidationPluginReportBeta1`. This object
+plugin should return an instance of `PolicyValidationPluginReportBeta1`. This object
 represents the report that the user wil receive at the end of the synthesis.
 
 ```python
-# Example automatically generated from non-compiling source. May contain errors.
-validate(context, ValidationContextBeta1)ValidationReportBeta1
-    # First read the templates using context.templatePaths...
-
-    # ...then perform the validation, and then compose and return the report.
-    # Using hard-coded values here for better clarity:
-    return {
-        "success": False,
-        "violations": [{
-            "rule_name": "CKV_AWS_117",
-            "recommendation": "Ensure that AWS Lambda function is configured inside a VPC",
-            "fix": "https://docs.bridgecrew.io/docs/ensure-that-aws-lambda-function-is-configured-inside-a-vpc-1",
-            "violating_resources": [{
-                "resource_name": "MyFunction3BAA72D1",
-                "template_path": "/home/johndoe/myapp/cdk.out/MyService.template.json",
-                "locations": "Properties/VpcConfig"
-            }]
-        }]
-    }
+@jsii.implements(IPolicyValidationPluginBeta1)
+class MyPlugin:
+
+    def validate(self, context):
+        # First read the templates using context.templatePaths...
+
+        # ...then perform the validation, and then compose and return the report.
+        # Using hard-coded values here for better clarity:
+        return PolicyValidationPluginReportBeta1(
+            success=False,
+            violations=[PolicyViolationBeta1(
+                rule_name="CKV_AWS_117",
+                description="Ensure that AWS Lambda function is configured inside a VPC",
+                fix="https://docs.bridgecrew.io/docs/ensure-that-aws-lambda-function-is-configured-inside-a-vpc-1",
+                violating_resources=[PolicyViolatingResourceBeta1(
+                    resource_logical_id="MyFunction3BAA72D1",
+                    template_path="/home/johndoe/myapp/cdk.out/MyService.template.json",
+                    locations=["Properties/VpcConfig"]
+                )]
+            )]
+        )
 ```
 
 Note that plugins are not allowed to modify anything in the cloud assembly. Any
@@ -1617,7 +1572,6 @@ class AppProps:
 
         Example::
 
-            # Example automatically generated from non-compiling source. May contain errors.
             app = App(
                 context={"@aws-cdk/core:validationReportJson": True}
             )
@@ -1754,7 +1708,6 @@ class AppProps:
 
         Example::
 
-            # Example automatically generated from non-compiling source. May contain errors.
             # context from the CLI and from `cdk.json` are stored in the
             # CDK_CONTEXT env variable
             cli_context = JSON.parse(process.env.CDK_CONTEXT)
@@ -4384,7 +4337,6 @@ class CfnConditionProps:
 
         Example::
 
-            # Example automatically generated from non-compiling source. May contain errors.
             raw_bucket = s3.CfnBucket(self, "Bucket")
             # -or-
             raw_bucket_alt = my_bucket.node.default_child
@@ -4694,7 +4646,6 @@ class CfnDynamicReferenceService(enum.Enum):
 
     Example::
 
-        # Example automatically generated from non-compiling source. May contain errors.
         CfnDynamicReference(CfnDynamicReferenceService.SECRETS_MANAGER, "secret-id:secret-string:json-key:version-stage:version-id")
     '''
 
@@ -5296,7 +5247,6 @@ class CfnJsonProps:
 
         Example::
 
-            # Example automatically generated from non-compiling source. May contain errors.
             tag_param = CfnParameter(self, "TagName")
             
             string_equals = CfnJson(self, "ConditionJson",
@@ -5488,7 +5438,6 @@ class CfnMappingProps:
 
         Example::
 
-            # Example automatically generated from non-compiling source. May contain errors.
             region_table = CfnMapping(self, "RegionTable",
                 mapping={
                     "us-east-1": {
@@ -6353,7 +6302,6 @@ class CfnParameterProps:
 
         Example::
 
-            # Example automatically generated from non-compiling source. May contain errors.
             CfnParameter(self, "MyParameter",
                 type="Number",
                 default=1337
@@ -6805,12 +6753,19 @@ class CfnResource(
 
     Example::
 
-        # Example automatically generated from non-compiling source. May contain errors.
-        # bucket: s3.Bucket
+        @jsii.implements(ITaggable)
+        class MyConstruct(Resource):
         
+            def __init__(self, scope, id):
+                super().__init__(scope, id)
         
-        cfn_bucket = bucket.node.find_child("Resource")
-        cfn_bucket.apply_removal_policy(RemovalPolicy.DESTROY)
+                CfnResource(self, "Resource",
+                    type="Whatever::The::Type",
+                    properties={
+                        # ...
+                        "Tags": self.tags.rendered_tags
+                    }
+                )
     '''
 
     def __init__(
@@ -6929,7 +6884,6 @@ class CfnResource(
 
         For example::
 
-           # Example automatically generated from non-compiling source. May contain errors.
            cfn_resource.add_override("Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes", ["myattribute"])
            cfn_resource.add_override("Properties.GlobalSecondaryIndexes.1.ProjectionType", "INCLUDE")
 
@@ -7382,11 +7336,19 @@ class CfnResourceProps:
 
         Example::
 
-            # Example automatically generated from non-compiling source. May contain errors.
-            resource_a = CfnResource(self, "ResourceA", resource_props)
-            resource_b = CfnResource(self, "ResourceB", resource_props)
+            @jsii.implements(ITaggable)
+            class MyConstruct(Resource):
+            
+                def __init__(self, scope, id):
+                    super().__init__(scope, id)
             
-            resource_b.add_dependency(resource_a)
+                    CfnResource(self, "Resource",
+                        type="Whatever::The::Type",
+                        properties={
+                            # ...
+                            "Tags": self.tags.rendered_tags
+                        }
+                    )
         '''
         if __debug__:
             type_hints = typing.get_type_hints(_typecheckingstub__4d1b62b09ffbab6ff0f59d664e89ba6054339a477f55c26bf979a6779e45c976)
@@ -7443,17 +7405,18 @@ class CfnResourceSignal:
         :param count: The number of success signals AWS CloudFormation must receive before it sets the resource status as CREATE_COMPLETE. If the resource receives a failure signal or doesn't receive the specified number of signals before the timeout period expires, the resource creation fails and AWS CloudFormation rolls the stack back.
         :param timeout: The length of time that AWS CloudFormation waits for the number of signals that was specified in the Count property. The timeout period starts after AWS CloudFormation starts creating the resource, and the timeout expires no sooner than the time you specify but can occur shortly thereafter. The maximum time that you can specify is 12 hours.
 
-        :exampleMetadata: fixture=_generated
+        :exampleMetadata: infused
 
         Example::
 
-            # The code below shows an example of how to instantiate this type.
-            # The values are placeholders you should change.
-            import aws_cdk as cdk
+            # resource: CfnResource
             
-            cfn_resource_signal = cdk.CfnResourceSignal(
-                count=123,
-                timeout="timeout"
+            
+            resource.cfn_options.creation_policy = CfnCreationPolicy(
+                resource_signal=CfnResourceSignal(
+                    count=3,
+                    timeout="PR15M"
+                )
             )
         '''
         if __debug__:
@@ -9724,14 +9687,15 @@ class CustomResourceProps:
 
         Example::
 
-            # Example automatically generated from non-compiling source. May contain errors.
-            provider = customresources.Provider(self, "MyProvider",
-                on_event_handler=on_event_handler,
-                is_complete_handler=is_complete_handler
+            service_token = CustomResourceProvider.get_or_create(self, "Custom::MyCustomResourceType",
+                code_directory=f"{__dirname}/my-handler",
+                runtime=CustomResourceProviderRuntime.NODEJS_14_X,
+                description="Lambda function created by the custom resource provider"
             )
             
             CustomResource(self, "MyResource",
-                service_token=provider.service_token
+                resource_type="Custom::MyCustomResourceType",
+                service_token=service_token
             )
         '''
         if __debug__:
@@ -9764,7 +9728,6 @@ class CustomResourceProps:
 
         Provider framework::
 
-           # Example automatically generated from non-compiling source. May contain errors.
            # use the provider framework from aws-cdk/custom-resources:
            provider = customresources.Provider(self, "ResourceProvider",
                on_event_handler=on_event_handler,
@@ -9778,7 +9741,6 @@ class CustomResourceProps:
         AWS Lambda function (not recommended to use AWS Lambda Functions directly,
         see the module README)::
 
-           # Example automatically generated from non-compiling source. May contain errors.
            # invoke an AWS Lambda function when a lifecycle event occurs:
            CustomResource(self, "MyResource",
                service_token=my_function.function_arn
@@ -9787,7 +9749,6 @@ class CustomResourceProps:
         SNS topic (not recommended to use AWS Lambda Functions directly, see the
         module README)::
 
-           # Example automatically generated from non-compiling source. May contain errors.
            # publish lifecycle events to an SNS topic:
            CustomResource(self, "MyResource",
                service_token=my_topic.topic_arn
@@ -9892,7 +9853,6 @@ class CustomResourceProvider(
 
     Example::
 
-        # Example automatically generated from non-compiling source. May contain errors.
         provider = CustomResourceProvider.get_or_create_provider(self, "Custom::MyCustomResourceType",
             code_directory=f"{__dirname}/my-handler",
             runtime=CustomResourceProviderRuntime.NODEJS_14_X
@@ -10051,7 +10011,6 @@ class CustomResourceProvider(
 
         Example::
 
-            # Example automatically generated from non-compiling source. May contain errors.
             # my_provider: CustomResourceProvider
             
             
@@ -10089,7 +10048,6 @@ class CustomResourceProvider(
 
         Example::
 
-            # Example automatically generated from non-compiling source. May contain errors.
             # my_provider: CustomResourceProvider
             
             
@@ -10143,7 +10101,6 @@ class CustomResourceProviderProps:
 
         Example::
 
-            # Example automatically generated from non-compiling source. May contain errors.
             provider = CustomResourceProvider.get_or_create_provider(self, "Custom::MyCustomResourceType",
                 code_directory=f"{__dirname}/my-handler",
                 runtime=CustomResourceProviderRuntime.NODEJS_14_X
@@ -10239,7 +10196,6 @@ class CustomResourceProviderProps:
 
         Example::
 
-            # Example automatically generated from non-compiling source. May contain errors.
             provider = CustomResourceProvider.get_or_create_provider(self, "Custom::MyCustomResourceType",
                 code_directory=f"{__dirname}/my-handler",
                 runtime=CustomResourceProviderRuntime.NODEJS_14_X,
@@ -10286,7 +10242,6 @@ class CustomResourceProviderRuntime(enum.Enum):
 
     Example::
 
-        # Example automatically generated from non-compiling source. May contain errors.
         provider = CustomResourceProvider.get_or_create_provider(self, "Custom::MyCustomResourceType",
             code_directory=f"{__dirname}/my-handler",
             runtime=CustomResourceProviderRuntime.NODEJS_14_X
@@ -10375,7 +10330,6 @@ class DefaultStackSynthesizerProps:
 
         Example::
 
-            # Example automatically generated from non-compiling source. May contain errors.
             MyStack(app, "MyStack",
                 synthesizer=DefaultStackSynthesizer(
                     file_assets_bucket_name="my-orgs-asset-bucket"
@@ -10859,7 +10813,6 @@ class DockerCacheOption:
 
         Example::
 
-            # Example automatically generated from non-compiling source. May contain errors.
             "registry"
         '''
         result = self._values.get("type")
@@ -10876,8 +10829,13 @@ class DockerCacheOption:
 
         Example::
 
-            # Example automatically generated from non-compiling source. May contain errors.
-            ref: `12345678.dkr.ecr.us-west-2.amazonaws.com/cache:${branch}`, mode"max"
+            # branch: str
+            
+            
+            params = {
+                "ref": f"12345678.dkr.ecr.us-west-2.amazonaws.com/cache:{branch}",
+                "mode": "max"
+            }
         '''
         result = self._values.get("params")
         return typing.cast(typing.Optional[typing.Mapping[builtins.str, builtins.str]], result)
@@ -11737,23 +11695,26 @@ class Duration(metaclass=jsii.JSIIMeta, jsii_type="aws-cdk-lib.Duration"):
     Example::
 
         # Example automatically generated from non-compiling source. May contain errors.
-        import aws_cdk.aws_cloudwatch as cloudwatch
+        import aws_cdk.aws_ecs as ecs
+        # cluster: ecs.ICluster
+        # task_definition: ecs.TaskDefinition
         
         
-        table = dynamodb.Table(self, "Table",
-            partition_key=dynamodb.Attribute(name="id", type=dynamodb.AttributeType.STRING)
+        rule = events.Rule(self, "Rule",
+            schedule=events.Schedule.rate(cdk.Duration.hours(1))
         )
         
-        metric = table.metric_throttled_requests_for_operations(
-            operations=[dynamodb.Operation.PUT_ITEM],
-            period=Duration.minutes(1)
-        )
-        
-        cloudwatch.Alarm(stack, "Alarm",
-            metric=metric,
-            evaluation_periods=1,
-            threshold=1
-        )
+        rule.add_target(
+            targets.EcsTask(
+                cluster=cluster,
+                task_definition=task_definition,
+                propagate_tags=ecs.PropagatedTagSource.TASK_DEFINITION,
+                tags=[targets.Tag(
+                    key="my-tag",
+                    value="my-tag-value"
+                )
+                ]
+            ))
     '''
 
     @jsii.member(jsii_name="days")
@@ -13028,20 +12989,13 @@ class Fn(metaclass=jsii.JSIIMeta, jsii_type="aws-cdk-lib.Fn"):
 
     Example::
 
-        import aws_cdk as cdk
-        
-        # destination_bucket: s3.Bucket
-        
+        # cfn_template: cfn_inc.CfnInclude
         
-        my_bucket_deployment = s3deploy.BucketDeployment(self, "DeployMeWithoutExtractingFilesOnDestination",
-            sources=[s3deploy.Source.asset(path.join(__dirname, "my-website"))],
-            destination_bucket=destination_bucket,
-            extract=False
-        )
+        # mutating the rule
+        # my_parameter: core.CfnParameter
         
-        cdk.CfnOutput(self, "ObjectKey",
-            value=cdk.Fn.select(0, my_bucket_deployment.object_keys)
-        )
+        rule = cfn_template.get_rule("MyRule")
+        rule.add_assertion(core.Fn.condition_contains(["m1.small"], my_parameter.value_as_string), "MyParameter has to be m1.small")
     '''
 
     @jsii.member(jsii_name="base64")
@@ -14591,29 +14545,27 @@ class IPolicyValidationPluginBeta1(typing_extensions.Protocol):
 
     Example::
 
-        # Example automatically generated from non-compiling source. May contain errors.
-        IValidationPlugin):
+        @jsii.implements(IPolicyValidationPluginBeta1)
+        class MyPlugin:
         
-        def is_ready(self):
-            # check if the plugin tool is installed
-            return True
+            def validate(self, context):
+                # First read the templates using context.templatePaths...
         
-        def validate(self, context):
-            template_paths = context.template_paths
-            # perform validation on the template
-            # if there are any failures report them
-            return {
-                "plugin_name": self.name,
-                "success": False,
-                "violations": [{
-                    "rule_name": "rule-name",
-                    "description": "description of the rule",
-                    "violating_resources": [{
-                        "resource_name": "FailingResource",
-                        "template_path": "/path/to/stack.template.json"
-                    }]
-                }]
-            }
+                # ...then perform the validation, and then compose and return the report.
+                # Using hard-coded values here for better clarity:
+                return PolicyValidationPluginReportBeta1(
+                    success=False,
+                    violations=[PolicyViolationBeta1(
+                        rule_name="CKV_AWS_117",
+                        description="Ensure that AWS Lambda function is configured inside a VPC",
+                        fix="https://docs.bridgecrew.io/docs/ensure-that-aws-lambda-function-is-configured-inside-a-vpc-1",
+                        violating_resources=[PolicyViolatingResourceBeta1(
+                            resource_logical_id="MyFunction3BAA72D1",
+                            template_path="/home/johndoe/myapp/cdk.out/MyService.template.json",
+                            locations=["Properties/VpcConfig"]
+                        )]
+                    )]
+                )
     '''
 
     @builtins.property
@@ -14622,6 +14574,18 @@ class IPolicyValidationPluginBeta1(typing_extensions.Protocol):
         '''The name of the plugin that will be displayed in the validation report.'''
         ...
 
+    @builtins.property
+    @jsii.member(jsii_name="ruleIds")
+    def rule_ids(self) -> typing.Optional[typing.List[builtins.str]]:
+        '''The list of rule IDs that the plugin will evaluate.
+
+        Used for analytics
+        purposes.
+
+        :default: - No rule is reported
+        '''
+        ...
+
     @builtins.property
     @jsii.member(jsii_name="version")
     def version(self) -> typing.Optional[builtins.str]:
@@ -14648,29 +14612,27 @@ class _IPolicyValidationPluginBeta1Proxy:
 
     Example::
 
-        # Example automatically generated from non-compiling source. May contain errors.
-        IValidationPlugin):
+        @jsii.implements(IPolicyValidationPluginBeta1)
+        class MyPlugin:
         
-        def is_ready(self):
-            # check if the plugin tool is installed
-            return True
+            def validate(self, context):
+                # First read the templates using context.templatePaths...
         
-        def validate(self, context):
-            template_paths = context.template_paths
-            # perform validation on the template
-            # if there are any failures report them
-            return {
-                "plugin_name": self.name,
-                "success": False,
-                "violations": [{
-                    "rule_name": "rule-name",
-                    "description": "description of the rule",
-                    "violating_resources": [{
-                        "resource_name": "FailingResource",
-                        "template_path": "/path/to/stack.template.json"
-                    }]
-                }]
-            }
+                # ...then perform the validation, and then compose and return the report.
+                # Using hard-coded values here for better clarity:
+                return PolicyValidationPluginReportBeta1(
+                    success=False,
+                    violations=[PolicyViolationBeta1(
+                        rule_name="CKV_AWS_117",
+                        description="Ensure that AWS Lambda function is configured inside a VPC",
+                        fix="https://docs.bridgecrew.io/docs/ensure-that-aws-lambda-function-is-configured-inside-a-vpc-1",
+                        violating_resources=[PolicyViolatingResourceBeta1(
+                            resource_logical_id="MyFunction3BAA72D1",
+                            template_path="/home/johndoe/myapp/cdk.out/MyService.template.json",
+                            locations=["Properties/VpcConfig"]
+                        )]
+                    )]
+                )
     '''
 
     __jsii_type__: typing.ClassVar[str] = "aws-cdk-lib.IPolicyValidationPluginBeta1"
@@ -14681,6 +14643,18 @@ class _IPolicyValidationPluginBeta1Proxy:
         '''The name of the plugin that will be displayed in the validation report.'''
         return typing.cast(builtins.str, jsii.get(self, "name"))
 
+    @builtins.property
+    @jsii.member(jsii_name="ruleIds")
+    def rule_ids(self) -> typing.Optional[typing.List[builtins.str]]:
+        '''The list of rule IDs that the plugin will evaluate.
+
+        Used for analytics
+        purposes.
+
+        :default: - No rule is reported
+        '''
+        return typing.cast(typing.Optional[typing.List[builtins.str]], jsii.get(self, "ruleIds"))
+
     @builtins.property
     @jsii.member(jsii_name="version")
     def version(self) -> typing.Optional[builtins.str]:
@@ -16927,7 +16901,6 @@ class PermissionsBoundary(
 
     Example::
 
-        # Example automatically generated from non-compiling source. May contain errors.
         # no permissions boundary for dev stage
         Stage(app, "DevStage")
         
@@ -16964,9 +16937,6 @@ class PermissionsBoundary(
 
         Example::
 
-            # Example automatically generated from non-compiling source. May contain errors.
-            # app: App
-            
             Stage(app, "ProdStage",
                 permissions_boundary=PermissionsBoundary.from_arn("arn:aws:iam::${AWS::AccountId}:policy/my-custom-permissions-boundary")
             )
@@ -16995,9 +16965,6 @@ class PermissionsBoundary(
 
         Example::
 
-            # Example automatically generated from non-compiling source. May contain errors.
-            # app: App
-            
             Stage(app, "ProdStage",
                 permissions_boundary=PermissionsBoundary.from_name("my-custom-permissions-boundary")
             )
@@ -17496,7 +17463,6 @@ class RemovalPolicy(enum.Enum):
     argument, you can always configure it by using the escape hatch mechanism,
     as shown in the following example::
 
-       # Example automatically generated from non-compiling source. May contain errors.
        # bucket: s3.Bucket
 
 
@@ -17903,7 +17869,26 @@ class Resource(
     metaclass=jsii.JSIIAbstractClass,
     jsii_type="aws-cdk-lib.Resource",
 ):
-    '''A construct which represents an AWS resource.'''
+    '''A construct which represents an AWS resource.
+
+    :exampleMetadata: infused
+
+    Example::
+
+        @jsii.implements(ITaggable)
+        class MyConstruct(Resource):
+        
+            def __init__(self, scope, id):
+                super().__init__(scope, id)
+        
+                CfnResource(self, "Resource",
+                    type="Whatever::The::Type",
+                    properties={
+                        # ...
+                        "Tags": self.tags.rendered_tags
+                    }
+                )
+    '''
 
     def __init__(
         self,
@@ -18503,13 +18488,16 @@ class SecretValue(
 
     Example::
 
-        amplify_app = amplify.App(self, "MyApp",
-            source_code_provider=amplify.GitHubSourceCodeProvider(
-                owner="<user>",
-                repository="<repo>",
-                oauth_token=SecretValue.secrets_manager("my-github-token")
-            ),
-            basic_auth=amplify.BasicAuth.from_credentials("username", SecretValue.secrets_manager("my-github-token"))
+        # my_hosted_zone: route53.IPublicHostedZone
+        
+        
+        ses.EmailIdentity(self, "Identity",
+            identity=ses.Identity.public_hosted_zone(my_hosted_zone),
+            dkim_identity=ses.DkimIdentity.byo_dkim(
+                private_key=SecretValue.secrets_manager("dkim-private-key"),
+                public_key="...base64-encoded-public-key...",
+                selector="selector"
+            )
         )
     '''
 
@@ -18681,7 +18669,6 @@ class SecretValue(
 
         Example::
 
-            # Example automatically generated from non-compiling source. May contain errors.
             # secret: SecretValue
             
             json_secret = {
@@ -19067,7 +19054,6 @@ class SizeConversionOptions:
 
         Example::
 
-            # Example automatically generated from non-compiling source. May contain errors.
             Size.mebibytes(2).to_kibibytes() # yields 2048
             Size.kibibytes(2050).to_mebibytes(rounding=SizeRoundingBehavior.FLOOR)
         '''
@@ -19107,7 +19093,6 @@ class SizeRoundingBehavior(enum.Enum):
 
     Example::
 
-        # Example automatically generated from non-compiling source. May contain errors.
         Size.mebibytes(2).to_kibibytes() # yields 2048
         Size.kibibytes(2050).to_mebibytes(rounding=SizeRoundingBehavior.FLOOR)
     '''
@@ -19281,7 +19266,6 @@ class Stack(
 
         Example::
 
-            # Example automatically generated from non-compiling source. May contain errors.
             # stack: Stack
             
             
@@ -19765,7 +19749,6 @@ class Stack(
 
         Example::
 
-            # Example automatically generated from non-compiling source. May contain errors.
             # After resolving, looks like
             "arn:aws:cloudformation:us-west-2:123456789012:stack/teststack/51af3dc0-da77-11e4-872e-1234567db123"
         '''
@@ -19886,7 +19869,6 @@ class StackProps:
 
         Example::
 
-            # Example automatically generated from non-compiling source. May contain errors.
             stack1 = Stack(app, "Stack1",
                 env=Environment(
                     region="us-east-1"
@@ -20010,7 +19992,6 @@ class StackProps:
 
         Example::
 
-            # Example automatically generated from non-compiling source. May contain errors.
             # Use a concrete account and region to deploy this stack to:
             # `.account` and `.region` will simply return these values.
             Stack(app, "Stack1",
@@ -20601,7 +20582,6 @@ class Stage(
 
     Example::
 
-        # Example automatically generated from non-compiling source. May contain errors.
         # pipeline: pipelines.CodePipeline
         
         preprod = MyApplicationStage(self, "PreProd")
@@ -20864,7 +20844,6 @@ class StageProps:
 
         Example::
 
-            # Example automatically generated from non-compiling source. May contain errors.
             # Use a concrete account and region to deploy this Stage to
             Stage(app, "Stage1",
                 env=Environment(account="123456789012", region="us-east-1")
@@ -21393,23 +21372,19 @@ class TagManager(metaclass=jsii.JSIIMeta, jsii_type="aws-cdk-lib.TagManager"):
 
     Example::
 
-        import * as cdk from '@aws-cdk/core';
-        
-        class MyConstruct extends cdk.Resource implements cdk.ITaggable {
-          public readonly tags = new cdk.TagManager(cdk.TagType.KEY_VALUE, 'Whatever::The::Type');
+        @jsii.implements(ITaggable)
+        class MyConstruct(Resource):
         
-          constructor(scope: cdk.Construct, id: string) {
-            super(scope, id);
+            def __init__(self, scope, id):
+                super().__init__(scope, id)
         
-            new cdk.CfnResource(this, 'Resource', {
-              type: 'Whatever::The::Type',
-              properties: {
-                // ...
-                Tags: this.tags.renderedTags,
-              },
-            });
-          }
-        }
+                CfnResource(self, "Resource",
+                    type="Whatever::The::Type",
+                    properties={
+                        # ...
+                        "Tags": self.tags.rendered_tags
+                    }
+                )
     '''
 
     def __init__(
@@ -21728,6 +21703,26 @@ class TagProps:
 
 @jsii.enum(jsii_type="aws-cdk-lib.TagType")
 class TagType(enum.Enum):
+    '''
+    :exampleMetadata: infused
+
+    Example::
+
+        @jsii.implements(ITaggable)
+        class MyConstruct(Resource):
+        
+            def __init__(self, scope, id):
+                super().__init__(scope, id)
+        
+                CfnResource(self, "Resource",
+                    type="Whatever::The::Type",
+                    properties={
+                        # ...
+                        "Tags": self.tags.rendered_tags
+                    }
+                )
+    '''
+
     STANDARD = "STANDARD"
     AUTOSCALING_GROUP = "AUTOSCALING_GROUP"
     MAP = "MAP"
@@ -21742,7 +21737,6 @@ class Tags(metaclass=jsii.JSIIMeta, jsii_type="aws-cdk-lib.Tags"):
 
     Example::
 
-        # Example automatically generated from non-compiling source. May contain errors.
         # mesh: appmesh.Mesh
         # service: cloudmap.Service
         
@@ -21754,13 +21748,13 @@ class Tags(metaclass=jsii.JSIIMeta, jsii_type="aws-cdk-lib.Tags"):
                 port=8080,
                 health_check=appmesh.HealthCheck.http(
                     healthy_threshold=3,
-                    interval=cdk.Duration.seconds(5),
+                    interval=Duration.seconds(5),
                     path="/ping",
-                    timeout=cdk.Duration.seconds(2),
+                    timeout=Duration.seconds(2),
                     unhealthy_threshold=2
                 ),
                 timeout=appmesh.HttpTimeout(
-                    idle=cdk.Duration.seconds(5)
+                    idle=Duration.seconds(5)
                 )
             )],
             backend_defaults=appmesh.BackendDefaults(
@@ -26408,7 +26402,6 @@ class CfnDynamicReference(
 
     Example::
 
-        # Example automatically generated from non-compiling source. May contain errors.
         CfnDynamicReference(CfnDynamicReferenceService.SECRETS_MANAGER, "secret-id:secret-string:json-key:version-stage:version-id")
     '''
 
@@ -27090,7 +27083,6 @@ class CfnJson(
 
     Example::
 
-        # Example automatically generated from non-compiling source. May contain errors.
         tag_param = CfnParameter(self, "TagName")
         
         string_equals = CfnJson(self, "ConditionJson",
@@ -27354,7 +27346,6 @@ class CfnMapping(
 
     Example::
 
-        # Example automatically generated from non-compiling source. May contain errors.
         region_table = CfnMapping(self, "RegionTable",
             mapping={
                 "us-east-1": {
@@ -30664,16 +30655,15 @@ class CustomResource(
 
     Example::
 
-        # Example automatically generated from non-compiling source. May contain errors.
-        # my_provider: CustomResourceProvider
-        
+        service_token = CustomResourceProvider.get_or_create(self, "Custom::MyCustomResourceType",
+            code_directory=f"{__dirname}/my-handler",
+            runtime=CustomResourceProviderRuntime.NODEJS_14_X,
+            description="Lambda function created by the custom resource provider"
+        )
         
-        CustomResource(self, "MyCustomResource",
-            service_token=my_provider.service_token,
-            properties={
-                "my_property_one": "one",
-                "my_property_two": "two"
-            }
+        CustomResource(self, "MyResource",
+            resource_type="Custom::MyCustomResourceType",
+            service_token=service_token
         )
     '''
 
@@ -31073,7 +31063,6 @@ class ICfnConditionExpression(IResolvable, typing_extensions.Protocol):
     You can use ``toString`` when you wish to embed a condition expression
     in a property value that accepts a ``string``. For example::
 
-       # Example automatically generated from non-compiling source. May contain errors.
        sqs.Queue(self, "MyQueue",
            queue_name=Fn.condition_if("Condition", "Hello", "World").to_string()
        )
@@ -31111,7 +31100,6 @@ class _ICfnConditionExpressionProxy(
     You can use ``toString`` when you wish to embed a condition expression
     in a property value that accepts a ``string``. For example::
 
-       # Example automatically generated from non-compiling source. May contain errors.
        sqs.Queue(self, "MyQueue",
            queue_name=Fn.condition_if("Condition", "Hello", "World").to_string()
        )
@@ -31767,7 +31755,6 @@ class CfnCondition(
 
     Example::
 
-        # Example automatically generated from non-compiling source. May contain errors.
         raw_bucket = s3.CfnBucket(self, "Bucket")
         # -or-
         raw_bucket_alt = my_bucket.node.default_child
@@ -32054,7 +32041,6 @@ class DefaultStackSynthesizer(
 
     Example::
 
-        # Example automatically generated from non-compiling source. May contain errors.
         MyStack(app, "MyStack",
             synthesizer=DefaultStackSynthesizer(
                 file_assets_bucket_name="my-orgs-asset-bucket"