diff --git a/samtranslator/schema/schema.json b/samtranslator/schema/schema.json index 993af5265..524e5150a 100644 --- a/samtranslator/schema/schema.json +++ b/samtranslator/schema/schema.json @@ -26586,6 +26586,9 @@ "AWS::BillingConductor::BillingGroup.AccountGrouping": { "additionalProperties": false, "properties": { + "AutoAssociate": { + "type": "boolean" + }, "LinkedAccountIds": { "items": { "type": "string" @@ -42390,6 +42393,9 @@ "Properties": { "additionalProperties": false, "properties": { + "Compliance": { + "$ref": "#/definitions/AWS::Config::ConfigRule.Compliance" + }, "ConfigRuleName": { "markdownDescription": "A name for the AWS Config rule. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the rule name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .", "title": "ConfigRuleName", @@ -42400,6 +42406,12 @@ "title": "Description", "type": "string" }, + "EvaluationModes": { + "items": { + "$ref": "#/definitions/AWS::Config::ConfigRule.EvaluationModeConfiguration" + }, + "type": "array" + }, "InputParameters": { "markdownDescription": "A string, in JSON format, that is passed to the AWS Config rule Lambda function.", "title": "InputParameters", @@ -42447,6 +42459,15 @@ ], "type": "object" }, + "AWS::Config::ConfigRule.Compliance": { + "additionalProperties": false, + "properties": { + "Type": { + "type": "string" + } + }, + "type": "object" + }, "AWS::Config::ConfigRule.CustomPolicyDetails": { "additionalProperties": false, "properties": { @@ -42468,6 +42489,15 @@ }, "type": "object" }, + "AWS::Config::ConfigRule.EvaluationModeConfiguration": { + "additionalProperties": false, + "properties": { + "Mode": { + "type": "string" + } + }, + "type": "object" + }, "AWS::Config::ConfigRule.Scope": { "additionalProperties": false, "properties": { @@ -50370,6 +50400,139 @@ ], "type": "object" }, + "AWS::DMS::ReplicationConfig": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ComputeConfig": { + "$ref": "#/definitions/AWS::DMS::ReplicationConfig.ComputeConfig" + }, + "ReplicationConfigArn": { + "type": "string" + }, + "ReplicationConfigIdentifier": { + "type": "string" + }, + "ReplicationSettings": { + "type": "object" + }, + "ReplicationType": { + "type": "string" + }, + "ResourceIdentifier": { + "type": "string" + }, + "SourceEndpointArn": { + "type": "string" + }, + "SupplementalSettings": { + "type": "object" + }, + "TableMappings": { + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + }, + "TargetEndpointArn": { + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DMS::ReplicationConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::DMS::ReplicationConfig.ComputeConfig": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "type": "string" + }, + "DnsNameServers": { + "type": "string" + }, + "KmsKeyId": { + "type": "string" + }, + "MaxCapacityUnits": { + "type": "number" + }, + "MinCapacityUnits": { + "type": "number" + }, + "MultiAZ": { + "type": "boolean" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ReplicationSubnetGroupId": { + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "MaxCapacityUnits" + ], + "type": "object" + }, "AWS::DMS::ReplicationInstance": { "additionalProperties": false, "properties": { @@ -59771,6 +59934,9 @@ "Properties": { "additionalProperties": false, "properties": { + "AssetId": { + "type": "string" + }, "AutoPlacement": { "markdownDescription": "Indicates whether the host accepts any untargeted instance launches that match its instance type configuration, or if it only accepts Host tenancy instance launches that specify its unique host ID. For more information, see [Understanding auto-placement and affinity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-dedicated-hosts-work.html#dedicated-hosts-understanding) in the *Amazon EC2 User Guide* .\n\nDefault: `on`", "title": "AutoPlacement", @@ -90375,11 +90541,20 @@ "title": "AllowSingleColumn", "type": "boolean" }, + "ContainsCustomDatatype": { + "items": { + "type": "string" + }, + "type": "array" + }, "ContainsHeader": { "markdownDescription": "Indicates whether the CSV file contains a header.\n\nA value of `UNKNOWN` specifies that the classifier will detect whether the CSV file contains headings.\n\nA value of `PRESENT` specifies that the CSV file contains headings.\n\nA value of `ABSENT` specifies that the CSV file does not contain headings.", "title": "ContainsHeader", "type": "string" }, + "CustomDatatypeConfigured": { + "type": "boolean" + }, "Delimiter": { "markdownDescription": "A custom symbol to denote what separates each column entry in the row.", "title": "Delimiter", @@ -90829,6 +91004,30 @@ }, "type": "object" }, + "AWS::Glue::Crawler.IcebergTarget": { + "additionalProperties": false, + "properties": { + "ConnectionName": { + "type": "string" + }, + "Exclusions": { + "items": { + "type": "string" + }, + "type": "array" + }, + "MaximumTraversalDepth": { + "type": "number" + }, + "Paths": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, "AWS::Glue::Crawler.JdbcTarget": { "additionalProperties": false, "properties": { @@ -90973,6 +91172,12 @@ "title": "DynamoDBTargets", "type": "array" }, + "IcebergTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.IcebergTarget" + }, + "type": "array" + }, "JdbcTargets": { "items": { "$ref": "#/definitions/AWS::Glue::Crawler.JdbcTarget" @@ -91321,6 +91526,9 @@ "markdownDescription": "The name of the catalog database.", "title": "DatabaseName", "type": "string" + }, + "Region": { + "type": "string" } }, "type": "object" @@ -92938,6 +93146,9 @@ "title": "DatabaseName", "type": "string" }, + "OpenTableFormatInput": { + "$ref": "#/definitions/AWS::Glue::Table.OpenTableFormatInput" + }, "TableInput": { "$ref": "#/definitions/AWS::Glue::Table.TableInput", "markdownDescription": "A structure used to define a table.", @@ -92996,6 +93207,32 @@ ], "type": "object" }, + "AWS::Glue::Table.IcebergInput": { + "additionalProperties": false, + "properties": { + "MetadataOperation": { + "$ref": "#/definitions/AWS::Glue::Table.MetadataOperation" + }, + "Version": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Table.MetadataOperation": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::Glue::Table.OpenTableFormatInput": { + "additionalProperties": false, + "properties": { + "IcebergInput": { + "$ref": "#/definitions/AWS::Glue::Table.IcebergInput" + } + }, + "type": "object" + }, "AWS::Glue::Table.Order": { "additionalProperties": false, "properties": { @@ -93203,6 +93440,9 @@ "markdownDescription": "The name of the target table.", "title": "Name", "type": "string" + }, + "Region": { + "type": "string" } }, "type": "object" @@ -116589,6 +116829,9 @@ "title": "MultiRegion", "type": "boolean" }, + "Origin": { + "type": "string" + }, "PendingWindowInDays": { "markdownDescription": "Specifies the number of days in the waiting period before AWS KMS deletes a KMS key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n\nWhen you remove a KMS key from a CloudFormation stack, AWS KMS schedules the KMS key for deletion and starts the mandatory waiting period. The `PendingWindowInDays` property determines the length of waiting period. During the waiting period, the key state of KMS key is `Pending Deletion` or `Pending Replica Deletion` , which prevents the KMS key from being used in cryptographic operations. When the waiting period expires, AWS KMS permanently deletes the KMS key.\n\nAWS KMS will not delete a [multi-Region primary key](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) that has replica keys. If you remove a multi-Region primary key from a CloudFormation stack, its key state changes to `PendingReplicaDeletion` so it cannot be replicated or used in cryptographic operations. This state can persist indefinitely. When the last of its replica keys is deleted, the key state of the primary key changes to `PendingDeletion` and the waiting period specified by `PendingWindowInDays` begins. When this waiting period expires, AWS KMS deletes the primary key. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* .\n\nYou cannot use a CloudFormation template to cancel deletion of the KMS key after you remove it from the stack, regardless of the waiting period. If you specify a KMS key in your template, even one with the same name, CloudFormation creates a new KMS key. To cancel deletion of a KMS key, use the AWS KMS console or the [CancelKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_CancelKeyDeletion.html) operation.\n\nFor information about the `Pending Deletion` and `Pending Replica Deletion` key states, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* . For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *AWS Key Management Service API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *AWS Key Management Service Developer Guide* .\n\n*Minimum* : 7\n\n*Maximum* : 30", "title": "PendingWindowInDays", @@ -145248,6 +145491,9 @@ "title": "DBInstanceParameterGroupName", "type": "string" }, + "DBPort": { + "type": "number" + }, "DBSubnetGroupName": { "markdownDescription": "Specifies information on the subnet group associated with the DB cluster, including the name, description, and subnets in the subnet group.", "title": "DBSubnetGroupName", @@ -150034,6 +150280,9 @@ "title": "MaxDuration", "type": "number" }, + "MaxGpus": { + "type": "number" + }, "MaxRuns": { "markdownDescription": "The group's maximum concurrent run setting.", "title": "MaxRuns", @@ -150352,6 +150601,9 @@ "Properties": { "additionalProperties": false, "properties": { + "Accelerators": { + "type": "string" + }, "DefinitionUri": { "markdownDescription": "The URI of a definition for the workflow.", "title": "DefinitionUri", @@ -213990,6 +214242,75 @@ ], "type": "object" }, + "AWS::SQS::QueueInlinePolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "PolicyDocument": { + "type": "object" + }, + "Queue": { + "type": "string" + } + }, + "required": [ + "PolicyDocument", + "Queue" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SQS::QueueInlinePolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, "AWS::SQS::QueuePolicy": { "additionalProperties": false, "properties": { @@ -219819,15 +220140,45 @@ "Properties": { "additionalProperties": false, "properties": { + "Alias": { + "type": "string" + }, + "Aliases": { + "items": { + "type": "string" + }, + "type": "array" + }, "BaseImage": { "markdownDescription": "The container image that the SageMaker image version is based on.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 255.\n\n*Pattern* : `.*`", "title": "BaseImage", "type": "string" }, + "Horovod": { + "type": "boolean" + }, "ImageName": { "markdownDescription": "The name of the parent image.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 63.\n\n*Pattern* : `^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$`", "title": "ImageName", "type": "string" + }, + "JobType": { + "type": "string" + }, + "MLFramework": { + "type": "string" + }, + "Processor": { + "type": "string" + }, + "ProgrammingLang": { + "type": "string" + }, + "ReleaseNotes": { + "type": "string" + }, + "VendorGuidance": { + "type": "string" } }, "required": [ @@ -232629,6 +232980,9 @@ "markdownDescription": "The retention duration for the memory store and magnetic store. This object has the following attributes:\n\n- *MemoryStoreRetentionPeriodInHours* : Retention duration for memory store, in hours.\n- *MagneticStoreRetentionPeriodInDays* : Retention duration for magnetic store, in days.\n\nBoth attributes are of type `string` . Both attributes are *required* when `RetentionProperties` is specified.\n\nSee the following examples:\n\n*JSON*\n\n`{ \"Type\" : AWS::Timestream::Table\", \"Properties\" : { \"DatabaseName\" : \"TestDatabase\", \"TableName\" : \"TestTable\", \"RetentionProperties\" : { \"MemoryStoreRetentionPeriodInHours\": \"24\", \"MagneticStoreRetentionPeriodInDays\": \"7\" } } }` \n\n*YAML*\n\n```\nType: AWS::Timestream::Table\nDependsOn: TestDatabase\nProperties: TableName: \"TestTable\" DatabaseName: \"TestDatabase\" RetentionProperties: MemoryStoreRetentionPeriodInHours: \"24\" MagneticStoreRetentionPeriodInDays: \"7\"\n```", "title": "RetentionProperties" }, + "Schema": { + "$ref": "#/definitions/AWS::Timestream::Table.Schema" + }, "TableName": { "markdownDescription": "The name of the Timestream table.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", "title": "TableName", @@ -232699,6 +233053,24 @@ ], "type": "object" }, + "AWS::Timestream::Table.PartitionKey": { + "additionalProperties": false, + "properties": { + "EnforcementInRecord": { + "type": "string" + }, + "Name": { + "type": "string" + }, + "Type": { + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, "AWS::Timestream::Table.RetentionProperties": { "additionalProperties": false, "properties": { @@ -232745,6 +233117,18 @@ ], "type": "object" }, + "AWS::Timestream::Table.Schema": { + "additionalProperties": false, + "properties": { + "CompositePartitionKey": { + "items": { + "$ref": "#/definitions/AWS::Timestream::Table.PartitionKey" + }, + "type": "array" + } + }, + "type": "object" + }, "AWS::Transfer::Agreement": { "additionalProperties": false, "properties": { @@ -233010,6 +233394,9 @@ "title": "LoggingRole", "type": "string" }, + "SftpConfig": { + "$ref": "#/definitions/AWS::Transfer::Connector.SftpConfig" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" @@ -233026,7 +233413,6 @@ }, "required": [ "AccessRole", - "As2Config", "Url" ], "type": "object" @@ -233055,6 +233441,9 @@ "AWS::Transfer::Connector.As2Config": { "additionalProperties": false, "properties": { + "BasicAuthSecretId": { + "type": "string" + }, "Compression": { "markdownDescription": "Specifies whether the AS2 file is compressed.", "title": "Compression", @@ -233098,6 +233487,21 @@ }, "type": "object" }, + "AWS::Transfer::Connector.SftpConfig": { + "additionalProperties": false, + "properties": { + "TrustedHostKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "UserSecretId": { + "type": "string" + } + }, + "type": "object" + }, "AWS::Transfer::Profile": { "additionalProperties": false, "properties": { @@ -239031,6 +239435,12 @@ "title": "AggregateKeyType", "type": "string" }, + "CustomKeys": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateBasedStatementCustomKey" + }, + "type": "array" + }, "ForwardedIPConfig": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ForwardedIPConfiguration", "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nThis is required if you specify a forwarded IP in the rule's aggregate key settings.", @@ -239053,6 +239463,138 @@ ], "type": "object" }, + "AWS::WAFv2::RuleGroup.RateBasedStatementCustomKey": { + "additionalProperties": false, + "properties": { + "Cookie": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitCookie" + }, + "ForwardedIP": { + "type": "object" + }, + "HTTPMethod": { + "type": "object" + }, + "Header": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitHeader" + }, + "IP": { + "type": "object" + }, + "LabelNamespace": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitLabelNamespace" + }, + "QueryArgument": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitQueryArgument" + }, + "QueryString": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitQueryString" + }, + "UriPath": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitUriPath" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitCookie": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitLabelNamespace": { + "additionalProperties": false, + "properties": { + "Namespace": { + "type": "string" + } + }, + "required": [ + "Namespace" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitQueryArgument": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitQueryString": { + "additionalProperties": false, + "properties": { + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitUriPath": { + "additionalProperties": false, + "properties": { + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "TextTransformations" + ], + "type": "object" + }, "AWS::WAFv2::RuleGroup.RegexMatchStatement": { "additionalProperties": false, "properties": { @@ -239567,9 +240109,38 @@ ], "type": "object" }, + "AWS::WAFv2::WebACL.AWSManagedRulesACFPRuleSet": { + "additionalProperties": false, + "properties": { + "CreationPath": { + "type": "string" + }, + "EnableRegexInPath": { + "type": "boolean" + }, + "RegistrationPagePath": { + "type": "string" + }, + "RequestInspection": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestInspectionACFP" + }, + "ResponseInspection": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspection" + } + }, + "required": [ + "CreationPath", + "RegistrationPagePath", + "RequestInspection" + ], + "type": "object" + }, "AWS::WAFv2::WebACL.AWSManagedRulesATPRuleSet": { "additionalProperties": false, "properties": { + "EnableRegexInPath": { + "type": "boolean" + }, "LoginPath": { "markdownDescription": "The path of the login endpoint for your application. For example, for the URL `https://example.com/web/login` , you would provide the path `/web/login` .\n\nThe rule group inspects only HTTP `POST` requests to your specified login endpoint.", "title": "LoginPath", @@ -240240,6 +240811,9 @@ "AWS::WAFv2::WebACL.ManagedRuleGroupConfig": { "additionalProperties": false, "properties": { + "AWSManagedRulesACFPRuleSet": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesACFPRuleSet" + }, "AWSManagedRulesATPRuleSet": { "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesATPRuleSet", "markdownDescription": "Additional configuration for using the account takeover prevention (ATP) managed rule group, `AWSManagedRulesATPRuleSet` . Use this to provide login request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to login requests.\n\nThis configuration replaces the individual configuration fields in `ManagedRuleGroupConfig` and provides additional feature configuration.\n\nFor information about using the ATP managed rule group, see [AWS WAF Fraud Control account takeover prevention (ATP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-atp.html) and [AWS WAF Fraud Control account takeover prevention (ATP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-atp.html) in the *AWS WAF Developer Guide* .", @@ -240382,6 +240956,12 @@ "title": "AggregateKeyType", "type": "string" }, + "CustomKeys": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateBasedStatementCustomKey" + }, + "type": "array" + }, "ForwardedIPConfig": { "$ref": "#/definitions/AWS::WAFv2::WebACL.ForwardedIPConfiguration", "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nThis is required if you specify a forwarded IP in the rule's aggregate key settings.", @@ -240404,6 +240984,138 @@ ], "type": "object" }, + "AWS::WAFv2::WebACL.RateBasedStatementCustomKey": { + "additionalProperties": false, + "properties": { + "Cookie": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitCookie" + }, + "ForwardedIP": { + "type": "object" + }, + "HTTPMethod": { + "type": "object" + }, + "Header": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitHeader" + }, + "IP": { + "type": "object" + }, + "LabelNamespace": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitLabelNamespace" + }, + "QueryArgument": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitQueryArgument" + }, + "QueryString": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitQueryString" + }, + "UriPath": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitUriPath" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.RateLimitCookie": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RateLimitHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RateLimitLabelNamespace": { + "additionalProperties": false, + "properties": { + "Namespace": { + "type": "string" + } + }, + "required": [ + "Namespace" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RateLimitQueryArgument": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RateLimitQueryString": { + "additionalProperties": false, + "properties": { + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RateLimitUriPath": { + "additionalProperties": false, + "properties": { + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "TextTransformations" + ], + "type": "object" + }, "AWS::WAFv2::WebACL.RegexMatchStatement": { "additionalProperties": false, "properties": { @@ -240502,6 +241214,39 @@ ], "type": "object" }, + "AWS::WAFv2::WebACL.RequestInspectionACFP": { + "additionalProperties": false, + "properties": { + "AddressFields": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" + }, + "type": "array" + }, + "EmailField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" + }, + "PasswordField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" + }, + "PayloadType": { + "type": "string" + }, + "PhoneNumberFields": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" + }, + "type": "array" + }, + "UsernameField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" + } + }, + "required": [ + "PayloadType" + ], + "type": "object" + }, "AWS::WAFv2::WebACL.ResponseInspection": { "additionalProperties": false, "properties": { @@ -250514,6 +251259,9 @@ { "$ref": "#/definitions/AWS::DMS::EventSubscription" }, + { + "$ref": "#/definitions/AWS::DMS::ReplicationConfig" + }, { "$ref": "#/definitions/AWS::DMS::ReplicationInstance" }, @@ -252593,6 +253341,9 @@ { "$ref": "#/definitions/AWS::SQS::Queue" }, + { + "$ref": "#/definitions/AWS::SQS::QueueInlinePolicy" + }, { "$ref": "#/definitions/AWS::SQS::QueuePolicy" }, diff --git a/schema_source/cloudformation.schema.json b/schema_source/cloudformation.schema.json index 263aa6314..e2b472296 100644 --- a/schema_source/cloudformation.schema.json +++ b/schema_source/cloudformation.schema.json @@ -26558,6 +26558,9 @@ "AWS::BillingConductor::BillingGroup.AccountGrouping": { "additionalProperties": false, "properties": { + "AutoAssociate": { + "type": "boolean" + }, "LinkedAccountIds": { "items": { "type": "string" @@ -42362,6 +42365,9 @@ "Properties": { "additionalProperties": false, "properties": { + "Compliance": { + "$ref": "#/definitions/AWS::Config::ConfigRule.Compliance" + }, "ConfigRuleName": { "markdownDescription": "A name for the AWS Config rule. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the rule name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .", "title": "ConfigRuleName", @@ -42372,6 +42378,12 @@ "title": "Description", "type": "string" }, + "EvaluationModes": { + "items": { + "$ref": "#/definitions/AWS::Config::ConfigRule.EvaluationModeConfiguration" + }, + "type": "array" + }, "InputParameters": { "markdownDescription": "A string, in JSON format, that is passed to the AWS Config rule Lambda function.", "title": "InputParameters", @@ -42419,6 +42431,15 @@ ], "type": "object" }, + "AWS::Config::ConfigRule.Compliance": { + "additionalProperties": false, + "properties": { + "Type": { + "type": "string" + } + }, + "type": "object" + }, "AWS::Config::ConfigRule.CustomPolicyDetails": { "additionalProperties": false, "properties": { @@ -42440,6 +42461,15 @@ }, "type": "object" }, + "AWS::Config::ConfigRule.EvaluationModeConfiguration": { + "additionalProperties": false, + "properties": { + "Mode": { + "type": "string" + } + }, + "type": "object" + }, "AWS::Config::ConfigRule.Scope": { "additionalProperties": false, "properties": { @@ -50342,6 +50372,139 @@ ], "type": "object" }, + "AWS::DMS::ReplicationConfig": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "ComputeConfig": { + "$ref": "#/definitions/AWS::DMS::ReplicationConfig.ComputeConfig" + }, + "ReplicationConfigArn": { + "type": "string" + }, + "ReplicationConfigIdentifier": { + "type": "string" + }, + "ReplicationSettings": { + "type": "object" + }, + "ReplicationType": { + "type": "string" + }, + "ResourceIdentifier": { + "type": "string" + }, + "SourceEndpointArn": { + "type": "string" + }, + "SupplementalSettings": { + "type": "object" + }, + "TableMappings": { + "type": "object" + }, + "Tags": { + "items": { + "$ref": "#/definitions/Tag" + }, + "type": "array" + }, + "TargetEndpointArn": { + "type": "string" + } + }, + "type": "object" + }, + "Type": { + "enum": [ + "AWS::DMS::ReplicationConfig" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, + "AWS::DMS::ReplicationConfig.ComputeConfig": { + "additionalProperties": false, + "properties": { + "AvailabilityZone": { + "type": "string" + }, + "DnsNameServers": { + "type": "string" + }, + "KmsKeyId": { + "type": "string" + }, + "MaxCapacityUnits": { + "type": "number" + }, + "MinCapacityUnits": { + "type": "number" + }, + "MultiAZ": { + "type": "boolean" + }, + "PreferredMaintenanceWindow": { + "type": "string" + }, + "ReplicationSubnetGroupId": { + "type": "string" + }, + "VpcSecurityGroupIds": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "MaxCapacityUnits" + ], + "type": "object" + }, "AWS::DMS::ReplicationInstance": { "additionalProperties": false, "properties": { @@ -59736,6 +59899,9 @@ "Properties": { "additionalProperties": false, "properties": { + "AssetId": { + "type": "string" + }, "AutoPlacement": { "markdownDescription": "Indicates whether the host accepts any untargeted instance launches that match its instance type configuration, or if it only accepts Host tenancy instance launches that specify its unique host ID. For more information, see [Understanding auto-placement and affinity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-dedicated-hosts-work.html#dedicated-hosts-understanding) in the *Amazon EC2 User Guide* .\n\nDefault: `on`", "title": "AutoPlacement", @@ -90333,11 +90499,20 @@ "title": "AllowSingleColumn", "type": "boolean" }, + "ContainsCustomDatatype": { + "items": { + "type": "string" + }, + "type": "array" + }, "ContainsHeader": { "markdownDescription": "Indicates whether the CSV file contains a header.\n\nA value of `UNKNOWN` specifies that the classifier will detect whether the CSV file contains headings.\n\nA value of `PRESENT` specifies that the CSV file contains headings.\n\nA value of `ABSENT` specifies that the CSV file does not contain headings.", "title": "ContainsHeader", "type": "string" }, + "CustomDatatypeConfigured": { + "type": "boolean" + }, "Delimiter": { "markdownDescription": "A custom symbol to denote what separates each column entry in the row.", "title": "Delimiter", @@ -90787,6 +90962,30 @@ }, "type": "object" }, + "AWS::Glue::Crawler.IcebergTarget": { + "additionalProperties": false, + "properties": { + "ConnectionName": { + "type": "string" + }, + "Exclusions": { + "items": { + "type": "string" + }, + "type": "array" + }, + "MaximumTraversalDepth": { + "type": "number" + }, + "Paths": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "type": "object" + }, "AWS::Glue::Crawler.JdbcTarget": { "additionalProperties": false, "properties": { @@ -90931,6 +91130,12 @@ "title": "DynamoDBTargets", "type": "array" }, + "IcebergTargets": { + "items": { + "$ref": "#/definitions/AWS::Glue::Crawler.IcebergTarget" + }, + "type": "array" + }, "JdbcTargets": { "items": { "$ref": "#/definitions/AWS::Glue::Crawler.JdbcTarget" @@ -91279,6 +91484,9 @@ "markdownDescription": "The name of the catalog database.", "title": "DatabaseName", "type": "string" + }, + "Region": { + "type": "string" } }, "type": "object" @@ -92896,6 +93104,9 @@ "title": "DatabaseName", "type": "string" }, + "OpenTableFormatInput": { + "$ref": "#/definitions/AWS::Glue::Table.OpenTableFormatInput" + }, "TableInput": { "$ref": "#/definitions/AWS::Glue::Table.TableInput", "markdownDescription": "A structure used to define a table.", @@ -92954,6 +93165,32 @@ ], "type": "object" }, + "AWS::Glue::Table.IcebergInput": { + "additionalProperties": false, + "properties": { + "MetadataOperation": { + "$ref": "#/definitions/AWS::Glue::Table.MetadataOperation" + }, + "Version": { + "type": "string" + } + }, + "type": "object" + }, + "AWS::Glue::Table.MetadataOperation": { + "additionalProperties": false, + "properties": {}, + "type": "object" + }, + "AWS::Glue::Table.OpenTableFormatInput": { + "additionalProperties": false, + "properties": { + "IcebergInput": { + "$ref": "#/definitions/AWS::Glue::Table.IcebergInput" + } + }, + "type": "object" + }, "AWS::Glue::Table.Order": { "additionalProperties": false, "properties": { @@ -93161,6 +93398,9 @@ "markdownDescription": "The name of the target table.", "title": "Name", "type": "string" + }, + "Region": { + "type": "string" } }, "type": "object" @@ -116547,6 +116787,9 @@ "title": "MultiRegion", "type": "boolean" }, + "Origin": { + "type": "string" + }, "PendingWindowInDays": { "markdownDescription": "Specifies the number of days in the waiting period before AWS KMS deletes a KMS key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n\nWhen you remove a KMS key from a CloudFormation stack, AWS KMS schedules the KMS key for deletion and starts the mandatory waiting period. The `PendingWindowInDays` property determines the length of waiting period. During the waiting period, the key state of KMS key is `Pending Deletion` or `Pending Replica Deletion` , which prevents the KMS key from being used in cryptographic operations. When the waiting period expires, AWS KMS permanently deletes the KMS key.\n\nAWS KMS will not delete a [multi-Region primary key](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) that has replica keys. If you remove a multi-Region primary key from a CloudFormation stack, its key state changes to `PendingReplicaDeletion` so it cannot be replicated or used in cryptographic operations. This state can persist indefinitely. When the last of its replica keys is deleted, the key state of the primary key changes to `PendingDeletion` and the waiting period specified by `PendingWindowInDays` begins. When this waiting period expires, AWS KMS deletes the primary key. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* .\n\nYou cannot use a CloudFormation template to cancel deletion of the KMS key after you remove it from the stack, regardless of the waiting period. If you specify a KMS key in your template, even one with the same name, CloudFormation creates a new KMS key. To cancel deletion of a KMS key, use the AWS KMS console or the [CancelKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_CancelKeyDeletion.html) operation.\n\nFor information about the `Pending Deletion` and `Pending Replica Deletion` key states, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* . For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *AWS Key Management Service API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *AWS Key Management Service Developer Guide* .\n\n*Minimum* : 7\n\n*Maximum* : 30", "title": "PendingWindowInDays", @@ -145199,6 +145442,9 @@ "title": "DBInstanceParameterGroupName", "type": "string" }, + "DBPort": { + "type": "number" + }, "DBSubnetGroupName": { "markdownDescription": "Specifies information on the subnet group associated with the DB cluster, including the name, description, and subnets in the subnet group.", "title": "DBSubnetGroupName", @@ -149985,6 +150231,9 @@ "title": "MaxDuration", "type": "number" }, + "MaxGpus": { + "type": "number" + }, "MaxRuns": { "markdownDescription": "The group's maximum concurrent run setting.", "title": "MaxRuns", @@ -150303,6 +150552,9 @@ "Properties": { "additionalProperties": false, "properties": { + "Accelerators": { + "type": "string" + }, "DefinitionUri": { "markdownDescription": "The URI of a definition for the workflow.", "title": "DefinitionUri", @@ -213920,6 +214172,75 @@ ], "type": "object" }, + "AWS::SQS::QueueInlinePolicy": { + "additionalProperties": false, + "properties": { + "Condition": { + "type": "string" + }, + "DeletionPolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + }, + "DependsOn": { + "anyOf": [ + { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + { + "items": { + "pattern": "^[a-zA-Z0-9]+$", + "type": "string" + }, + "type": "array" + } + ] + }, + "Metadata": { + "type": "object" + }, + "Properties": { + "additionalProperties": false, + "properties": { + "PolicyDocument": { + "type": "object" + }, + "Queue": { + "type": "string" + } + }, + "required": [ + "PolicyDocument", + "Queue" + ], + "type": "object" + }, + "Type": { + "enum": [ + "AWS::SQS::QueueInlinePolicy" + ], + "type": "string" + }, + "UpdateReplacePolicy": { + "enum": [ + "Delete", + "Retain", + "Snapshot" + ], + "type": "string" + } + }, + "required": [ + "Type", + "Properties" + ], + "type": "object" + }, "AWS::SQS::QueuePolicy": { "additionalProperties": false, "properties": { @@ -219749,15 +220070,45 @@ "Properties": { "additionalProperties": false, "properties": { + "Alias": { + "type": "string" + }, + "Aliases": { + "items": { + "type": "string" + }, + "type": "array" + }, "BaseImage": { "markdownDescription": "The container image that the SageMaker image version is based on.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 255.\n\n*Pattern* : `.*`", "title": "BaseImage", "type": "string" }, + "Horovod": { + "type": "boolean" + }, "ImageName": { "markdownDescription": "The name of the parent image.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 63.\n\n*Pattern* : `^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$`", "title": "ImageName", "type": "string" + }, + "JobType": { + "type": "string" + }, + "MLFramework": { + "type": "string" + }, + "Processor": { + "type": "string" + }, + "ProgrammingLang": { + "type": "string" + }, + "ReleaseNotes": { + "type": "string" + }, + "VendorGuidance": { + "type": "string" } }, "required": [ @@ -232552,6 +232903,9 @@ "markdownDescription": "The retention duration for the memory store and magnetic store. This object has the following attributes:\n\n- *MemoryStoreRetentionPeriodInHours* : Retention duration for memory store, in hours.\n- *MagneticStoreRetentionPeriodInDays* : Retention duration for magnetic store, in days.\n\nBoth attributes are of type `string` . Both attributes are *required* when `RetentionProperties` is specified.\n\nSee the following examples:\n\n*JSON*\n\n`{ \"Type\" : AWS::Timestream::Table\", \"Properties\" : { \"DatabaseName\" : \"TestDatabase\", \"TableName\" : \"TestTable\", \"RetentionProperties\" : { \"MemoryStoreRetentionPeriodInHours\": \"24\", \"MagneticStoreRetentionPeriodInDays\": \"7\" } } }` \n\n*YAML*\n\n```\nType: AWS::Timestream::Table\nDependsOn: TestDatabase\nProperties: TableName: \"TestTable\" DatabaseName: \"TestDatabase\" RetentionProperties: MemoryStoreRetentionPeriodInHours: \"24\" MagneticStoreRetentionPeriodInDays: \"7\"\n```", "title": "RetentionProperties" }, + "Schema": { + "$ref": "#/definitions/AWS::Timestream::Table.Schema" + }, "TableName": { "markdownDescription": "The name of the Timestream table.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", "title": "TableName", @@ -232622,6 +232976,24 @@ ], "type": "object" }, + "AWS::Timestream::Table.PartitionKey": { + "additionalProperties": false, + "properties": { + "EnforcementInRecord": { + "type": "string" + }, + "Name": { + "type": "string" + }, + "Type": { + "type": "string" + } + }, + "required": [ + "Type" + ], + "type": "object" + }, "AWS::Timestream::Table.RetentionProperties": { "additionalProperties": false, "properties": { @@ -232668,6 +233040,18 @@ ], "type": "object" }, + "AWS::Timestream::Table.Schema": { + "additionalProperties": false, + "properties": { + "CompositePartitionKey": { + "items": { + "$ref": "#/definitions/AWS::Timestream::Table.PartitionKey" + }, + "type": "array" + } + }, + "type": "object" + }, "AWS::Transfer::Agreement": { "additionalProperties": false, "properties": { @@ -232933,6 +233317,9 @@ "title": "LoggingRole", "type": "string" }, + "SftpConfig": { + "$ref": "#/definitions/AWS::Transfer::Connector.SftpConfig" + }, "Tags": { "items": { "$ref": "#/definitions/Tag" @@ -232949,7 +233336,6 @@ }, "required": [ "AccessRole", - "As2Config", "Url" ], "type": "object" @@ -232978,6 +233364,9 @@ "AWS::Transfer::Connector.As2Config": { "additionalProperties": false, "properties": { + "BasicAuthSecretId": { + "type": "string" + }, "Compression": { "markdownDescription": "Specifies whether the AS2 file is compressed.", "title": "Compression", @@ -233021,6 +233410,21 @@ }, "type": "object" }, + "AWS::Transfer::Connector.SftpConfig": { + "additionalProperties": false, + "properties": { + "TrustedHostKeys": { + "items": { + "type": "string" + }, + "type": "array" + }, + "UserSecretId": { + "type": "string" + } + }, + "type": "object" + }, "AWS::Transfer::Profile": { "additionalProperties": false, "properties": { @@ -238954,6 +239358,12 @@ "title": "AggregateKeyType", "type": "string" }, + "CustomKeys": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateBasedStatementCustomKey" + }, + "type": "array" + }, "ForwardedIPConfig": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ForwardedIPConfiguration", "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nThis is required if you specify a forwarded IP in the rule's aggregate key settings.", @@ -238976,6 +239386,138 @@ ], "type": "object" }, + "AWS::WAFv2::RuleGroup.RateBasedStatementCustomKey": { + "additionalProperties": false, + "properties": { + "Cookie": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitCookie" + }, + "ForwardedIP": { + "type": "object" + }, + "HTTPMethod": { + "type": "object" + }, + "Header": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitHeader" + }, + "IP": { + "type": "object" + }, + "LabelNamespace": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitLabelNamespace" + }, + "QueryArgument": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitQueryArgument" + }, + "QueryString": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitQueryString" + }, + "UriPath": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitUriPath" + } + }, + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitCookie": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitLabelNamespace": { + "additionalProperties": false, + "properties": { + "Namespace": { + "type": "string" + } + }, + "required": [ + "Namespace" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitQueryArgument": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitQueryString": { + "additionalProperties": false, + "properties": { + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::RuleGroup.RateLimitUriPath": { + "additionalProperties": false, + "properties": { + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "TextTransformations" + ], + "type": "object" + }, "AWS::WAFv2::RuleGroup.RegexMatchStatement": { "additionalProperties": false, "properties": { @@ -239490,9 +240032,38 @@ ], "type": "object" }, + "AWS::WAFv2::WebACL.AWSManagedRulesACFPRuleSet": { + "additionalProperties": false, + "properties": { + "CreationPath": { + "type": "string" + }, + "EnableRegexInPath": { + "type": "boolean" + }, + "RegistrationPagePath": { + "type": "string" + }, + "RequestInspection": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestInspectionACFP" + }, + "ResponseInspection": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspection" + } + }, + "required": [ + "CreationPath", + "RegistrationPagePath", + "RequestInspection" + ], + "type": "object" + }, "AWS::WAFv2::WebACL.AWSManagedRulesATPRuleSet": { "additionalProperties": false, "properties": { + "EnableRegexInPath": { + "type": "boolean" + }, "LoginPath": { "markdownDescription": "The path of the login endpoint for your application. For example, for the URL `https://example.com/web/login` , you would provide the path `/web/login` .\n\nThe rule group inspects only HTTP `POST` requests to your specified login endpoint.", "title": "LoginPath", @@ -240163,6 +240734,9 @@ "AWS::WAFv2::WebACL.ManagedRuleGroupConfig": { "additionalProperties": false, "properties": { + "AWSManagedRulesACFPRuleSet": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesACFPRuleSet" + }, "AWSManagedRulesATPRuleSet": { "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesATPRuleSet", "markdownDescription": "Additional configuration for using the account takeover prevention (ATP) managed rule group, `AWSManagedRulesATPRuleSet` . Use this to provide login request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to login requests.\n\nThis configuration replaces the individual configuration fields in `ManagedRuleGroupConfig` and provides additional feature configuration.\n\nFor information about using the ATP managed rule group, see [AWS WAF Fraud Control account takeover prevention (ATP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-atp.html) and [AWS WAF Fraud Control account takeover prevention (ATP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-atp.html) in the *AWS WAF Developer Guide* .", @@ -240305,6 +240879,12 @@ "title": "AggregateKeyType", "type": "string" }, + "CustomKeys": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateBasedStatementCustomKey" + }, + "type": "array" + }, "ForwardedIPConfig": { "$ref": "#/definitions/AWS::WAFv2::WebACL.ForwardedIPConfiguration", "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nThis is required if you specify a forwarded IP in the rule's aggregate key settings.", @@ -240327,6 +240907,138 @@ ], "type": "object" }, + "AWS::WAFv2::WebACL.RateBasedStatementCustomKey": { + "additionalProperties": false, + "properties": { + "Cookie": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitCookie" + }, + "ForwardedIP": { + "type": "object" + }, + "HTTPMethod": { + "type": "object" + }, + "Header": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitHeader" + }, + "IP": { + "type": "object" + }, + "LabelNamespace": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitLabelNamespace" + }, + "QueryArgument": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitQueryArgument" + }, + "QueryString": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitQueryString" + }, + "UriPath": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitUriPath" + } + }, + "type": "object" + }, + "AWS::WAFv2::WebACL.RateLimitCookie": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RateLimitHeader": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RateLimitLabelNamespace": { + "additionalProperties": false, + "properties": { + "Namespace": { + "type": "string" + } + }, + "required": [ + "Namespace" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RateLimitQueryArgument": { + "additionalProperties": false, + "properties": { + "Name": { + "type": "string" + }, + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "Name", + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RateLimitQueryString": { + "additionalProperties": false, + "properties": { + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "TextTransformations" + ], + "type": "object" + }, + "AWS::WAFv2::WebACL.RateLimitUriPath": { + "additionalProperties": false, + "properties": { + "TextTransformations": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" + }, + "type": "array" + } + }, + "required": [ + "TextTransformations" + ], + "type": "object" + }, "AWS::WAFv2::WebACL.RegexMatchStatement": { "additionalProperties": false, "properties": { @@ -240425,6 +241137,39 @@ ], "type": "object" }, + "AWS::WAFv2::WebACL.RequestInspectionACFP": { + "additionalProperties": false, + "properties": { + "AddressFields": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" + }, + "type": "array" + }, + "EmailField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" + }, + "PasswordField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" + }, + "PayloadType": { + "type": "string" + }, + "PhoneNumberFields": { + "items": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" + }, + "type": "array" + }, + "UsernameField": { + "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" + } + }, + "required": [ + "PayloadType" + ], + "type": "object" + }, "AWS::WAFv2::WebACL.ResponseInspection": { "additionalProperties": false, "properties": { @@ -243075,6 +243820,9 @@ { "$ref": "#/definitions/AWS::DMS::EventSubscription" }, + { + "$ref": "#/definitions/AWS::DMS::ReplicationConfig" + }, { "$ref": "#/definitions/AWS::DMS::ReplicationInstance" }, @@ -245154,6 +245902,9 @@ { "$ref": "#/definitions/AWS::SQS::Queue" }, + { + "$ref": "#/definitions/AWS::SQS::QueueInlinePolicy" + }, { "$ref": "#/definitions/AWS::SQS::QueuePolicy" },