pulumi-aws 7.11.1__py3-none-any.whl → 7.12.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (122) hide show
  1. pulumi_aws/__init__.py +57 -0
  2. pulumi_aws/acm/certificate.py +20 -20
  3. pulumi_aws/acmpca/certificate.py +8 -8
  4. pulumi_aws/apigateway/account.py +0 -4
  5. pulumi_aws/appflow/_inputs.py +33 -0
  6. pulumi_aws/appflow/outputs.py +22 -0
  7. pulumi_aws/appsync/graph_ql_api.py +84 -0
  8. pulumi_aws/bedrock/_inputs.py +97 -21
  9. pulumi_aws/bedrock/agent_agent_alias.py +94 -0
  10. pulumi_aws/bedrock/agentcore_agent_runtime.py +4 -4
  11. pulumi_aws/bedrock/agentcore_browser.py +42 -0
  12. pulumi_aws/bedrock/agentcore_gateway_target.py +217 -7
  13. pulumi_aws/bedrock/agentcore_memory.py +37 -9
  14. pulumi_aws/bedrock/agentcore_oauth2_credential_provider.py +38 -0
  15. pulumi_aws/bedrock/outputs.py +64 -17
  16. pulumi_aws/cloudfront/_inputs.py +15 -14
  17. pulumi_aws/cloudfront/distribution.py +28 -0
  18. pulumi_aws/cloudfront/outputs.py +10 -9
  19. pulumi_aws/cloudhsmv2/cluster.py +64 -0
  20. pulumi_aws/cloudwatch/_inputs.py +9 -8
  21. pulumi_aws/cloudwatch/contributor_managed_insight_rule.py +20 -0
  22. pulumi_aws/cloudwatch/log_delivery_destination.py +53 -12
  23. pulumi_aws/cloudwatch/outputs.py +6 -5
  24. pulumi_aws/codebuild/webhook.py +16 -16
  25. pulumi_aws/codepipeline/webhook.py +16 -16
  26. pulumi_aws/connect/_inputs.py +50 -4
  27. pulumi_aws/connect/outputs.py +95 -4
  28. pulumi_aws/connect/routing_profile.py +42 -18
  29. pulumi_aws/datasync/location_fsx_ontap_file_system.py +34 -0
  30. pulumi_aws/datazone/project.py +24 -0
  31. pulumi_aws/detective/organization_configuration.py +20 -0
  32. pulumi_aws/dms/_inputs.py +3 -3
  33. pulumi_aws/dms/outputs.py +2 -2
  34. pulumi_aws/ec2/__init__.py +1 -0
  35. pulumi_aws/ec2/_inputs.py +182 -0
  36. pulumi_aws/ec2/allowed_images_settings.py +338 -0
  37. pulumi_aws/ec2/get_coip_pools.py +24 -0
  38. pulumi_aws/ec2/image_block_public_access.py +48 -1
  39. pulumi_aws/ec2/outputs.py +167 -0
  40. pulumi_aws/ec2/security_group.py +6 -6
  41. pulumi_aws/ec2/serial_console_access.py +50 -3
  42. pulumi_aws/ec2/vpc_endpoint.py +92 -0
  43. pulumi_aws/ec2clientvpn/authorization_rule.py +7 -7
  44. pulumi_aws/ec2clientvpn/route.py +7 -7
  45. pulumi_aws/ec2transitgateway/instance_connect_endpoint.py +47 -0
  46. pulumi_aws/ecrpublic/get_images.py +24 -0
  47. pulumi_aws/ecs/_inputs.py +172 -33
  48. pulumi_aws/ecs/get_service.py +318 -7
  49. pulumi_aws/ecs/outputs.py +957 -86
  50. pulumi_aws/ecs/service.py +76 -0
  51. pulumi_aws/eks/_inputs.py +195 -5
  52. pulumi_aws/eks/outputs.py +164 -4
  53. pulumi_aws/elasticache/_inputs.py +154 -0
  54. pulumi_aws/elasticache/get_replication_group.py +23 -9
  55. pulumi_aws/elasticache/outputs.py +204 -0
  56. pulumi_aws/elasticache/replication_group.py +115 -0
  57. pulumi_aws/elasticache/reserved_cache_node.py +28 -0
  58. pulumi_aws/finspace/kx_cluster.py +76 -0
  59. pulumi_aws/fis/__init__.py +1 -0
  60. pulumi_aws/fis/target_account_configuration.py +401 -0
  61. pulumi_aws/glue/job.py +7 -7
  62. pulumi_aws/guardduty/malware_protection_plan.py +50 -0
  63. pulumi_aws/guardduty/member_detector_feature.py +42 -0
  64. pulumi_aws/invoicing/__init__.py +11 -0
  65. pulumi_aws/invoicing/_inputs.py +128 -0
  66. pulumi_aws/invoicing/invoice_unit.py +620 -0
  67. pulumi_aws/invoicing/outputs.py +99 -0
  68. pulumi_aws/iot/ca_certificate.py +32 -32
  69. pulumi_aws/iot/get_registration_code.py +8 -8
  70. pulumi_aws/ivschat/logging_configuration.py +28 -0
  71. pulumi_aws/kinesis/get_stream.py +15 -1
  72. pulumi_aws/kinesis/stream.py +47 -0
  73. pulumi_aws/kms/key.py +7 -7
  74. pulumi_aws/licensemanager/license_grant.py +36 -0
  75. pulumi_aws/m2/environment.py +150 -0
  76. pulumi_aws/networkfirewall/tls_inspection_configuration.py +84 -0
  77. pulumi_aws/networkflowmonitor/__init__.py +12 -0
  78. pulumi_aws/networkflowmonitor/_inputs.py +412 -0
  79. pulumi_aws/networkflowmonitor/monitor.py +568 -0
  80. pulumi_aws/networkflowmonitor/outputs.py +302 -0
  81. pulumi_aws/networkflowmonitor/scope.py +443 -0
  82. pulumi_aws/observabilityadmin/__init__.py +11 -0
  83. pulumi_aws/observabilityadmin/_inputs.py +506 -0
  84. pulumi_aws/observabilityadmin/centralization_rule_for_organization.py +637 -0
  85. pulumi_aws/observabilityadmin/outputs.py +415 -0
  86. pulumi_aws/opensearch/_inputs.py +92 -133
  87. pulumi_aws/opensearch/authorize_vpc_endpoint_access.py +4 -4
  88. pulumi_aws/opensearch/domain.py +60 -0
  89. pulumi_aws/opensearch/get_domain.py +16 -9
  90. pulumi_aws/opensearch/outputs.py +131 -2
  91. pulumi_aws/organizations/get_policies.py +2 -2
  92. pulumi_aws/organizations/get_policies_for_target.py +2 -2
  93. pulumi_aws/organizations/get_policy.py +1 -1
  94. pulumi_aws/organizations/organization.py +7 -7
  95. pulumi_aws/organizations/policy.py +35 -7
  96. pulumi_aws/pulumi-plugin.json +1 -1
  97. pulumi_aws/quicksight/analysis.py +108 -0
  98. pulumi_aws/quicksight/dashboard.py +110 -0
  99. pulumi_aws/quicksight/template.py +126 -0
  100. pulumi_aws/redshift/cluster_snapshot.py +28 -0
  101. pulumi_aws/redshift/get_cluster.py +52 -0
  102. pulumi_aws/redshift/snapshot_copy_grant.py +22 -0
  103. pulumi_aws/route53/profiles_association.py +30 -0
  104. pulumi_aws/route53/profiles_resource_association.py +34 -0
  105. pulumi_aws/s3control/multi_region_access_point_policy.py +76 -0
  106. pulumi_aws/s3tables/table.py +76 -1
  107. pulumi_aws/s3tables/table_bucket.py +78 -3
  108. pulumi_aws/sagemaker/_inputs.py +225 -232
  109. pulumi_aws/sagemaker/endpoint_configuration.py +111 -64
  110. pulumi_aws/sagemaker/outputs.py +154 -158
  111. pulumi_aws/ssmincidents/get_response_plan.py +14 -0
  112. pulumi_aws/ssoadmin/account_assignment.py +4 -4
  113. pulumi_aws/transfer/profile.py +20 -0
  114. pulumi_aws/transfer/server.py +7 -0
  115. pulumi_aws/transfer/ssh_key.py +6 -6
  116. pulumi_aws/wafv2/rule_group.py +440 -0
  117. pulumi_aws/workspacesweb/session_logger_association.py +80 -0
  118. pulumi_aws/workspacesweb/trust_store_association.py +24 -0
  119. {pulumi_aws-7.11.1.dist-info → pulumi_aws-7.12.0.dist-info}/METADATA +1 -1
  120. {pulumi_aws-7.11.1.dist-info → pulumi_aws-7.12.0.dist-info}/RECORD +122 -107
  121. {pulumi_aws-7.11.1.dist-info → pulumi_aws-7.12.0.dist-info}/WHEEL +0 -0
  122. {pulumi_aws-7.11.1.dist-info → pulumi_aws-7.12.0.dist-info}/top_level.txt +0 -0
pulumi_aws/ssmincidents/get_response_plan.py CHANGED
@@ -172,6 +172,13 @@ def get_response_plan(arn: Optional[_builtins.str] = None,
172
172
 
173
173
  ### Basic Usage
174
174
 
175
+ ```python
176
+ import pulumi
177
+ import pulumi_aws as aws
178
+
179
+ example = aws.ssmincidents.ResponsePlan("example", arn="exampleARN")
180
+ ```
181
+
175
182
 
176
183
  :param _builtins.str arn: The Amazon Resource Name (ARN) of the response plan.
177
184
  :param _builtins.str region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
@@ -207,6 +214,13 @@ def get_response_plan_output(arn: Optional[pulumi.Input[_builtins.str]] = None,
207
214
 
208
215
  ### Basic Usage
209
216
 
217
+ ```python
218
+ import pulumi
219
+ import pulumi_aws as aws
220
+
221
+ example = aws.ssmincidents.ResponsePlan("example", arn="exampleARN")
222
+ ```
223
+
210
224
 
211
225
  :param _builtins.str arn: The Amazon Resource Name (ARN) of the response plan.
212
226
  :param _builtins.str region: Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
pulumi_aws/ssoadmin/account_assignment.py CHANGED
@@ -311,7 +311,7 @@ class AccountAssignment(pulumi.CustomResource):
311
311
  identity_store_id=example.identity_store_ids[0],
312
312
  display_name="Admin",
313
313
  description="Admin Group")
314
- account_assignment = aws.ssoadmin.AccountAssignment("account_assignment",
314
+ example_account_assignment = aws.ssoadmin.AccountAssignment("example",
315
315
  instance_arn=example.arns[0],
316
316
  permission_set_arn=example_permission_set.arn,
317
317
  principal_id=example_group.group_id,
@@ -322,7 +322,7 @@ class AccountAssignment(pulumi.CustomResource):
322
322
  instance_arn=example.arns[0],
323
323
  managed_policy_arn="arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup",
324
324
  permission_set_arn=example_permission_set.arn,
325
- opts = pulumi.ResourceOptions(depends_on=[example_aws_ssoadmin_account_assignment]))
325
+ opts = pulumi.ResourceOptions(depends_on=[example_account_assignment]))
326
326
  ```
327
327
 
328
328
  ## Import
@@ -395,7 +395,7 @@ class AccountAssignment(pulumi.CustomResource):
395
395
  identity_store_id=example.identity_store_ids[0],
396
396
  display_name="Admin",
397
397
  description="Admin Group")
398
- account_assignment = aws.ssoadmin.AccountAssignment("account_assignment",
398
+ example_account_assignment = aws.ssoadmin.AccountAssignment("example",
399
399
  instance_arn=example.arns[0],
400
400
  permission_set_arn=example_permission_set.arn,
401
401
  principal_id=example_group.group_id,
@@ -406,7 +406,7 @@ class AccountAssignment(pulumi.CustomResource):
406
406
  instance_arn=example.arns[0],
407
407
  managed_policy_arn="arn:aws:iam::aws:policy/AlexaForBusinessDeviceSetup",
408
408
  permission_set_arn=example_permission_set.arn,
409
- opts = pulumi.ResourceOptions(depends_on=[example_aws_ssoadmin_account_assignment]))
409
+ opts = pulumi.ResourceOptions(depends_on=[example_account_assignment]))
410
410
  ```
411
411
 
412
412
  ## Import
pulumi_aws/transfer/profile.py CHANGED
@@ -253,6 +253,16 @@ class Profile(pulumi.CustomResource):
253
253
 
254
254
  ### Basic
255
255
 
256
+ ```python
257
+ import pulumi
258
+ import pulumi_aws as aws
259
+
260
+ example = aws.transfer.Profile("example",
261
+ as2_id="example",
262
+ certificate_ids=[example_aws_transfer_certificate["certificateId"]],
263
+ usage="LOCAL")
264
+ ```
265
+
256
266
  ## Import
257
267
 
258
268
  Using `pulumi import`, import Transfer AS2 Profile using the `profile_id`. For example:
@@ -282,6 +292,16 @@ class Profile(pulumi.CustomResource):
282
292
 
283
293
  ### Basic
284
294
 
295
+ ```python
296
+ import pulumi
297
+ import pulumi_aws as aws
298
+
299
+ example = aws.transfer.Profile("example",
300
+ as2_id="example",
301
+ certificate_ids=[example_aws_transfer_certificate["certificateId"]],
302
+ usage="LOCAL")
303
+ ```
304
+
285
305
  ## Import
286
306
 
287
307
  Using `pulumi import`, import Transfer AS2 Profile using the `profile_id`. For example:
pulumi_aws/transfer/server.py CHANGED
@@ -85,6 +85,7 @@ class ServerArgs:
85
85
  * `TransferSecurityPolicy-Restricted-2020-06`
86
86
  * `TransferSecurityPolicy-Restricted-2024-06`
87
87
  * `TransferSecurityPolicy-SshAuditCompliant-2025-02`
88
+ * `TransferSecurityPolicy-AS2Restricted-2025-07`
88
89
 
89
90
  See [Security policies for AWS Transfer Family servers](https://docs.aws.amazon.com/transfer/latest/userguide/security-policies.html) for details.
90
91
  :param pulumi.Input[_builtins.str] sftp_authentication_methods: For SFTP-enabled servers with an `identity_provider_type` of `API_GATEWAY` or `AWS_LAMBDA`. Valid values are `PASSWORD`, `PUBLIC_KEY`, `PUBLIC_KEY_OR_PASSWORD` and `PUBLIC_KEY_AND_PASSWORD`. Default value is: `PUBLIC_KEY_OR_PASSWORD`.
@@ -370,6 +371,7 @@ class ServerArgs:
370
371
  * `TransferSecurityPolicy-Restricted-2020-06`
371
372
  * `TransferSecurityPolicy-Restricted-2024-06`
372
373
  * `TransferSecurityPolicy-SshAuditCompliant-2025-02`
374
+ * `TransferSecurityPolicy-AS2Restricted-2025-07`
373
375
 
374
376
  See [Security policies for AWS Transfer Family servers](https://docs.aws.amazon.com/transfer/latest/userguide/security-policies.html) for details.
375
377
  """
@@ -514,6 +516,7 @@ class _ServerState:
514
516
  * `TransferSecurityPolicy-Restricted-2020-06`
515
517
  * `TransferSecurityPolicy-Restricted-2024-06`
516
518
  * `TransferSecurityPolicy-SshAuditCompliant-2025-02`
519
+ * `TransferSecurityPolicy-AS2Restricted-2025-07`
517
520
 
518
521
  See [Security policies for AWS Transfer Family servers](https://docs.aws.amazon.com/transfer/latest/userguide/security-policies.html) for details.
519
522
  :param pulumi.Input[_builtins.str] sftp_authentication_methods: For SFTP-enabled servers with an `identity_provider_type` of `API_GATEWAY` or `AWS_LAMBDA`. Valid values are `PASSWORD`, `PUBLIC_KEY`, `PUBLIC_KEY_OR_PASSWORD` and `PUBLIC_KEY_AND_PASSWORD`. Default value is: `PUBLIC_KEY_OR_PASSWORD`.
@@ -844,6 +847,7 @@ class _ServerState:
844
847
  * `TransferSecurityPolicy-Restricted-2020-06`
845
848
  * `TransferSecurityPolicy-Restricted-2024-06`
846
849
  * `TransferSecurityPolicy-SshAuditCompliant-2025-02`
850
+ * `TransferSecurityPolicy-AS2Restricted-2025-07`
847
851
 
848
852
  See [Security policies for AWS Transfer Family servers](https://docs.aws.amazon.com/transfer/latest/userguide/security-policies.html) for details.
849
853
  """
@@ -1121,6 +1125,7 @@ class Server(pulumi.CustomResource):
1121
1125
  * `TransferSecurityPolicy-Restricted-2020-06`
1122
1126
  * `TransferSecurityPolicy-Restricted-2024-06`
1123
1127
  * `TransferSecurityPolicy-SshAuditCompliant-2025-02`
1128
+ * `TransferSecurityPolicy-AS2Restricted-2025-07`
1124
1129
 
1125
1130
  See [Security policies for AWS Transfer Family servers](https://docs.aws.amazon.com/transfer/latest/userguide/security-policies.html) for details.
1126
1131
  :param pulumi.Input[_builtins.str] sftp_authentication_methods: For SFTP-enabled servers with an `identity_provider_type` of `API_GATEWAY` or `AWS_LAMBDA`. Valid values are `PASSWORD`, `PUBLIC_KEY`, `PUBLIC_KEY_OR_PASSWORD` and `PUBLIC_KEY_AND_PASSWORD`. Default value is: `PUBLIC_KEY_OR_PASSWORD`.
@@ -1421,6 +1426,7 @@ class Server(pulumi.CustomResource):
1421
1426
  * `TransferSecurityPolicy-Restricted-2020-06`
1422
1427
  * `TransferSecurityPolicy-Restricted-2024-06`
1423
1428
  * `TransferSecurityPolicy-SshAuditCompliant-2025-02`
1429
+ * `TransferSecurityPolicy-AS2Restricted-2025-07`
1424
1430
 
1425
1431
  See [Security policies for AWS Transfer Family servers](https://docs.aws.amazon.com/transfer/latest/userguide/security-policies.html) for details.
1426
1432
  :param pulumi.Input[_builtins.str] sftp_authentication_methods: For SFTP-enabled servers with an `identity_provider_type` of `API_GATEWAY` or `AWS_LAMBDA`. Valid values are `PASSWORD`, `PUBLIC_KEY`, `PUBLIC_KEY_OR_PASSWORD` and `PUBLIC_KEY_AND_PASSWORD`. Default value is: `PUBLIC_KEY_OR_PASSWORD`.
@@ -1649,6 +1655,7 @@ class Server(pulumi.CustomResource):
1649
1655
  * `TransferSecurityPolicy-Restricted-2020-06`
1650
1656
  * `TransferSecurityPolicy-Restricted-2024-06`
1651
1657
  * `TransferSecurityPolicy-SshAuditCompliant-2025-02`
1658
+ * `TransferSecurityPolicy-AS2Restricted-2025-07`
1652
1659
 
1653
1660
  See [Security policies for AWS Transfer Family servers](https://docs.aws.amazon.com/transfer/latest/userguide/security-policies.html) for details.
1654
1661
  """
pulumi_aws/transfer/ssh_key.py CHANGED
@@ -191,8 +191,8 @@ class SshKey(pulumi.CustomResource):
191
191
  import pulumi_std as std
192
192
  import pulumi_tls as tls
193
193
 
194
- example_private_key = tls.index.PrivateKey("example",
195
- algorithm=RSA,
194
+ example_private_key = tls.PrivateKey("example",
195
+ algorithm="RSA",
196
196
  rsa_bits=4096)
197
197
  example_server = aws.transfer.Server("example",
198
198
  identity_provider_type="SERVICE_MANAGED",
@@ -220,7 +220,7 @@ class SshKey(pulumi.CustomResource):
220
220
  example_ssh_key = aws.transfer.SshKey("example",
221
221
  server_id=example_server.id,
222
222
  user_name=example_user.user_name,
223
- body=std.trimspace(input=example_private_key["publicKeyOpenssh"]).result)
223
+ body=std.trimspace_output(input=example_private_key.public_key_openssh).apply(lambda invoke: invoke.result))
224
224
  example = aws.iam.get_policy_document(statements=[{
225
225
  "sid": "AllowFullAccesstoS3",
226
226
  "effect": "Allow",
@@ -265,8 +265,8 @@ class SshKey(pulumi.CustomResource):
265
265
  import pulumi_std as std
266
266
  import pulumi_tls as tls
267
267
 
268
- example_private_key = tls.index.PrivateKey("example",
269
- algorithm=RSA,
268
+ example_private_key = tls.PrivateKey("example",
269
+ algorithm="RSA",
270
270
  rsa_bits=4096)
271
271
  example_server = aws.transfer.Server("example",
272
272
  identity_provider_type="SERVICE_MANAGED",
@@ -294,7 +294,7 @@ class SshKey(pulumi.CustomResource):
294
294
  example_ssh_key = aws.transfer.SshKey("example",
295
295
  server_id=example_server.id,
296
296
  user_name=example_user.user_name,
297
- body=std.trimspace(input=example_private_key["publicKeyOpenssh"]).result)
297
+ body=std.trimspace_output(input=example_private_key.public_key_openssh).apply(lambda invoke: invoke.result))
298
298
  example = aws.iam.get_policy_document(statements=[{
299
299
  "sid": "AllowFullAccesstoS3",
300
300
  "effect": "Allow",
pulumi_aws/wafv2/rule_group.py CHANGED
@@ -489,6 +489,226 @@ class RuleGroup(pulumi.CustomResource):
489
489
 
490
490
  ### Complex
491
491
 
492
+ ```python
493
+ import pulumi
494
+ import pulumi_aws as aws
495
+
496
+ test = aws.wafv2.IpSet("test",
497
+ name="test",
498
+ scope="REGIONAL",
499
+ ip_address_version="IPV4",
500
+ addresses=[
501
+ "1.1.1.1/32",
502
+ "2.2.2.2/32",
503
+ ])
504
+ test_regex_pattern_set = aws.wafv2.RegexPatternSet("test",
505
+ name="test",
506
+ scope="REGIONAL",
507
+ regular_expressions=[{
508
+ "regex_string": "one",
509
+ }])
510
+ example = aws.wafv2.RuleGroup("example",
511
+ name="complex-example",
512
+ description="An rule group containing all statements",
513
+ scope="REGIONAL",
514
+ capacity=500,
515
+ rules=[
516
+ {
517
+ "name": "rule-1",
518
+ "priority": 1,
519
+ "action": {
520
+ "block": {},
521
+ },
522
+ "statement": {
523
+ "not_statement": {
524
+ "statements": [{
525
+ "and_statement": {
526
+ "statements": [
527
+ {
528
+ "geo_match_statement": {
529
+ "country_codes": ["US"],
530
+ },
531
+ },
532
+ {
533
+ "byte_match_statement": {
534
+ "positional_constraint": "CONTAINS",
535
+ "search_string": "word",
536
+ "field_to_match": {
537
+ "all_query_arguments": {},
538
+ },
539
+ "text_transformations": [
540
+ {
541
+ "priority": 5,
542
+ "type": "CMD_LINE",
543
+ },
544
+ {
545
+ "priority": 2,
546
+ "type": "LOWERCASE",
547
+ },
548
+ ],
549
+ },
550
+ },
551
+ ],
552
+ },
553
+ }],
554
+ },
555
+ },
556
+ "visibility_config": {
557
+ "cloudwatch_metrics_enabled": False,
558
+ "metric_name": "rule-1",
559
+ "sampled_requests_enabled": False,
560
+ },
561
+ },
562
+ {
563
+ "name": "rule-2",
564
+ "priority": 2,
565
+ "action": {
566
+ "count": {},
567
+ },
568
+ "statement": {
569
+ "or_statement": {
570
+ "statements": [
571
+ {
572
+ "regex_match_statement": {
573
+ "regex_string": "a-z?",
574
+ "field_to_match": {
575
+ "single_header": {
576
+ "name": "user-agent",
577
+ },
578
+ },
579
+ "text_transformations": [{
580
+ "priority": 6,
581
+ "type": "NONE",
582
+ }],
583
+ },
584
+ },
585
+ {
586
+ "sqli_match_statement": {
587
+ "field_to_match": {
588
+ "body": {},
589
+ },
590
+ "text_transformations": [
591
+ {
592
+ "priority": 5,
593
+ "type": "URL_DECODE",
594
+ },
595
+ {
596
+ "priority": 4,
597
+ "type": "HTML_ENTITY_DECODE",
598
+ },
599
+ {
600
+ "priority": 3,
601
+ "type": "COMPRESS_WHITE_SPACE",
602
+ },
603
+ ],
604
+ },
605
+ },
606
+ {
607
+ "xss_match_statement": {
608
+ "field_to_match": {
609
+ "method": {},
610
+ },
611
+ "text_transformations": [{
612
+ "priority": 2,
613
+ "type": "NONE",
614
+ }],
615
+ },
616
+ },
617
+ ],
618
+ },
619
+ },
620
+ "visibility_config": {
621
+ "cloudwatch_metrics_enabled": False,
622
+ "metric_name": "rule-2",
623
+ "sampled_requests_enabled": False,
624
+ },
625
+ "captcha_config": {
626
+ "immunity_time_property": {
627
+ "immunity_time": 240,
628
+ },
629
+ },
630
+ },
631
+ {
632
+ "name": "rule-3",
633
+ "priority": 3,
634
+ "action": {
635
+ "block": {},
636
+ },
637
+ "statement": {
638
+ "size_constraint_statement": {
639
+ "comparison_operator": "GT",
640
+ "size": 100,
641
+ "field_to_match": {
642
+ "single_query_argument": {
643
+ "name": "username",
644
+ },
645
+ },
646
+ "text_transformations": [{
647
+ "priority": 5,
648
+ "type": "NONE",
649
+ }],
650
+ },
651
+ },
652
+ "visibility_config": {
653
+ "cloudwatch_metrics_enabled": False,
654
+ "metric_name": "rule-3",
655
+ "sampled_requests_enabled": False,
656
+ },
657
+ },
658
+ {
659
+ "name": "rule-4",
660
+ "priority": 4,
661
+ "action": {
662
+ "block": {},
663
+ },
664
+ "statement": {
665
+ "or_statement": {
666
+ "statements": [
667
+ {
668
+ "ip_set_reference_statement": {
669
+ "arn": test.arn,
670
+ },
671
+ },
672
+ {
673
+ "regex_pattern_set_reference_statement": {
674
+ "arn": test_regex_pattern_set.arn,
675
+ "field_to_match": {
676
+ "single_header": {
677
+ "name": "referer",
678
+ },
679
+ },
680
+ "text_transformations": [{
681
+ "priority": 2,
682
+ "type": "NONE",
683
+ }],
684
+ },
685
+ },
686
+ ],
687
+ },
688
+ },
689
+ "visibility_config": {
690
+ "cloudwatch_metrics_enabled": False,
691
+ "metric_name": "rule-4",
692
+ "sampled_requests_enabled": False,
693
+ },
694
+ },
695
+ ],
696
+ visibility_config={
697
+ "cloudwatch_metrics_enabled": False,
698
+ "metric_name": "friendly-metric-name",
699
+ "sampled_requests_enabled": False,
700
+ },
701
+ captcha_config=[{
702
+ "immunityTimeProperty": [{
703
+ "immunityTime": 120,
704
+ }],
705
+ }],
706
+ tags={
707
+ "Name": "example-and-statement",
708
+ "Code": "123456",
709
+ })
710
+ ```
711
+
492
712
  ### Using rules_json
493
713
 
494
714
  ```python
@@ -604,6 +824,226 @@ class RuleGroup(pulumi.CustomResource):
604
824
 
605
825
  ### Complex
606
826
 
827
+ ```python
828
+ import pulumi
829
+ import pulumi_aws as aws
830
+
831
+ test = aws.wafv2.IpSet("test",
832
+ name="test",
833
+ scope="REGIONAL",
834
+ ip_address_version="IPV4",
835
+ addresses=[
836
+ "1.1.1.1/32",
837
+ "2.2.2.2/32",
838
+ ])
839
+ test_regex_pattern_set = aws.wafv2.RegexPatternSet("test",
840
+ name="test",
841
+ scope="REGIONAL",
842
+ regular_expressions=[{
843
+ "regex_string": "one",
844
+ }])
845
+ example = aws.wafv2.RuleGroup("example",
846
+ name="complex-example",
847
+ description="An rule group containing all statements",
848
+ scope="REGIONAL",
849
+ capacity=500,
850
+ rules=[
851
+ {
852
+ "name": "rule-1",
853
+ "priority": 1,
854
+ "action": {
855
+ "block": {},
856
+ },
857
+ "statement": {
858
+ "not_statement": {
859
+ "statements": [{
860
+ "and_statement": {
861
+ "statements": [
862
+ {
863
+ "geo_match_statement": {
864
+ "country_codes": ["US"],
865
+ },
866
+ },
867
+ {
868
+ "byte_match_statement": {
869
+ "positional_constraint": "CONTAINS",
870
+ "search_string": "word",
871
+ "field_to_match": {
872
+ "all_query_arguments": {},
873
+ },
874
+ "text_transformations": [
875
+ {
876
+ "priority": 5,
877
+ "type": "CMD_LINE",
878
+ },
879
+ {
880
+ "priority": 2,
881
+ "type": "LOWERCASE",
882
+ },
883
+ ],
884
+ },
885
+ },
886
+ ],
887
+ },
888
+ }],
889
+ },
890
+ },
891
+ "visibility_config": {
892
+ "cloudwatch_metrics_enabled": False,
893
+ "metric_name": "rule-1",
894
+ "sampled_requests_enabled": False,
895
+ },
896
+ },
897
+ {
898
+ "name": "rule-2",
899
+ "priority": 2,
900
+ "action": {
901
+ "count": {},
902
+ },
903
+ "statement": {
904
+ "or_statement": {
905
+ "statements": [
906
+ {
907
+ "regex_match_statement": {
908
+ "regex_string": "a-z?",
909
+ "field_to_match": {
910
+ "single_header": {
911
+ "name": "user-agent",
912
+ },
913
+ },
914
+ "text_transformations": [{
915
+ "priority": 6,
916
+ "type": "NONE",
917
+ }],
918
+ },
919
+ },
920
+ {
921
+ "sqli_match_statement": {
922
+ "field_to_match": {
923
+ "body": {},
924
+ },
925
+ "text_transformations": [
926
+ {
927
+ "priority": 5,
928
+ "type": "URL_DECODE",
929
+ },
930
+ {
931
+ "priority": 4,
932
+ "type": "HTML_ENTITY_DECODE",
933
+ },
934
+ {
935
+ "priority": 3,
936
+ "type": "COMPRESS_WHITE_SPACE",
937
+ },
938
+ ],
939
+ },
940
+ },
941
+ {
942
+ "xss_match_statement": {
943
+ "field_to_match": {
944
+ "method": {},
945
+ },
946
+ "text_transformations": [{
947
+ "priority": 2,
948
+ "type": "NONE",
949
+ }],
950
+ },
951
+ },
952
+ ],
953
+ },
954
+ },
955
+ "visibility_config": {
956
+ "cloudwatch_metrics_enabled": False,
957
+ "metric_name": "rule-2",
958
+ "sampled_requests_enabled": False,
959
+ },
960
+ "captcha_config": {
961
+ "immunity_time_property": {
962
+ "immunity_time": 240,
963
+ },
964
+ },
965
+ },
966
+ {
967
+ "name": "rule-3",
968
+ "priority": 3,
969
+ "action": {
970
+ "block": {},
971
+ },
972
+ "statement": {
973
+ "size_constraint_statement": {
974
+ "comparison_operator": "GT",
975
+ "size": 100,
976
+ "field_to_match": {
977
+ "single_query_argument": {
978
+ "name": "username",
979
+ },
980
+ },
981
+ "text_transformations": [{
982
+ "priority": 5,
983
+ "type": "NONE",
984
+ }],
985
+ },
986
+ },
987
+ "visibility_config": {
988
+ "cloudwatch_metrics_enabled": False,
989
+ "metric_name": "rule-3",
990
+ "sampled_requests_enabled": False,
991
+ },
992
+ },
993
+ {
994
+ "name": "rule-4",
995
+ "priority": 4,
996
+ "action": {
997
+ "block": {},
998
+ },
999
+ "statement": {
1000
+ "or_statement": {
1001
+ "statements": [
1002
+ {
1003
+ "ip_set_reference_statement": {
1004
+ "arn": test.arn,
1005
+ },
1006
+ },
1007
+ {
1008
+ "regex_pattern_set_reference_statement": {
1009
+ "arn": test_regex_pattern_set.arn,
1010
+ "field_to_match": {
1011
+ "single_header": {
1012
+ "name": "referer",
1013
+ },
1014
+ },
1015
+ "text_transformations": [{
1016
+ "priority": 2,
1017
+ "type": "NONE",
1018
+ }],
1019
+ },
1020
+ },
1021
+ ],
1022
+ },
1023
+ },
1024
+ "visibility_config": {
1025
+ "cloudwatch_metrics_enabled": False,
1026
+ "metric_name": "rule-4",
1027
+ "sampled_requests_enabled": False,
1028
+ },
1029
+ },
1030
+ ],
1031
+ visibility_config={
1032
+ "cloudwatch_metrics_enabled": False,
1033
+ "metric_name": "friendly-metric-name",
1034
+ "sampled_requests_enabled": False,
1035
+ },
1036
+ captcha_config=[{
1037
+ "immunityTimeProperty": [{
1038
+ "immunityTime": 120,
1039
+ }],
1040
+ }],
1041
+ tags={
1042
+ "Name": "example-and-statement",
1043
+ "Code": "123456",
1044
+ })
1045
+ ```
1046
+
607
1047
  ### Using rules_json
608
1048
 
609
1049
  ```python