diff --git a/samtranslator/schema/schema.json b/samtranslator/schema/schema.json index 4af084896..e702462ad 100644 --- a/samtranslator/schema/schema.json +++ b/samtranslator/schema/schema.json @@ -16235,6 +16235,8 @@ "title": "IngressConfiguration" }, "IpAddressType": { + "markdownDescription": "App Runner provides you with the option to choose between *Internet Protocol version 4 (IPv4)* and *dual stack* (IPv4 and IPv6) for your incoming public network configuration. This is an optional parameter. If you do not specify an `IpAddressType` , it defaults to select IPv4.\n\n> Currently, App Runner supports dual stack for only Public endpoint. Only IPv4 is supported for Private endpoint. If you update a service that's using dual-stack Public endpoint to a Private endpoint, your App Runner service will default to support only IPv4 for Private endpoint and fail to receive traffic originating from IPv6 endpoint.", + "title": "IpAddressType", "type": "string" } }, @@ -18053,6 +18055,8 @@ "type": "string" }, "MaximumLength": { + "markdownDescription": "", + "title": "MaximumLength", "type": "number" }, "Permission": { @@ -49739,6 +49743,8 @@ "items": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Script" }, + "markdownDescription": "", + "title": "Scripts", "type": "array" }, "Times": { @@ -50181,24 +50187,36 @@ "additionalProperties": false, "properties": { "ExecuteOperationOnScriptFailure": { + "markdownDescription": "", + "title": "ExecuteOperationOnScriptFailure", "type": "boolean" }, "ExecutionHandler": { + "markdownDescription": "", + "title": "ExecutionHandler", "type": "string" }, "ExecutionHandlerService": { + "markdownDescription": "", + "title": "ExecutionHandlerService", "type": "string" }, "ExecutionTimeout": { + "markdownDescription": "", + "title": "ExecutionTimeout", "type": "number" }, "MaximumRetryCount": { + "markdownDescription": "", + "title": "MaximumRetryCount", "type": "number" }, "Stages": { "items": { "type": "string" }, + "markdownDescription": "", + "title": "Stages", "type": "array" } }, @@ -68843,6 +68861,8 @@ "type": "boolean" }, "Ipv4NetmaskLength": { + "markdownDescription": "", + "title": "Ipv4NetmaskLength", "type": "number" }, "Ipv6CidrBlock": { @@ -68856,6 +68876,8 @@ "type": "boolean" }, "Ipv6NetmaskLength": { + "markdownDescription": "", + "title": "Ipv6NetmaskLength", "type": "number" }, "MapPublicIpOnLaunch": { @@ -79774,7 +79796,9 @@ "title": "MaximumCapacity" }, "MonitoringConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.MonitoringConfiguration" + "$ref": "#/definitions/AWS::EMRServerless::Application.MonitoringConfiguration", + "markdownDescription": "A configuration specification to be used when provisioning an application. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file.", + "title": "MonitoringConfiguration" }, "Name": { "markdownDescription": "The name of the application.", @@ -79787,7 +79811,7 @@ "title": "NetworkConfiguration" }, "ReleaseLabel": { - "markdownDescription": "The Amazon EMR release associated with the application.", + "markdownDescription": "The EMR release associated with the application.", "title": "ReleaseLabel", "type": "string" }, @@ -79795,6 +79819,8 @@ "items": { "$ref": "#/definitions/AWS::EMRServerless::Application.ConfigurationObject" }, + "markdownDescription": "The [Configuration](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_Configuration.html) specifications of an application. Each configuration consists of a classification and properties. You use this parameter when creating or updating an application. To see the runtimeConfiguration object of an application, run the [GetApplication](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_GetApplication.html) API operation.", + "title": "RuntimeConfiguration", "type": "array" }, "Tags": { @@ -79880,12 +79906,16 @@ "additionalProperties": false, "properties": { "Classification": { + "markdownDescription": "", + "title": "Classification", "type": "string" }, "Configurations": { "items": { "$ref": "#/definitions/AWS::EMRServerless::Application.ConfigurationObject" }, + "markdownDescription": "", + "title": "Configurations", "type": "array" }, "Properties": { @@ -79958,9 +79988,13 @@ "additionalProperties": false, "properties": { "Enabled": { + "markdownDescription": "Enables managed logging and defaults to true. If set to false, managed logging will be turned off.", + "title": "Enabled", "type": "boolean" }, "EncryptionKeyArn": { + "markdownDescription": "The KMS key ARN to encrypt the logs stored in managed log persistence.", + "title": "EncryptionKeyArn", "type": "string" } }, @@ -79995,10 +80029,14 @@ "additionalProperties": false, "properties": { "ManagedPersistenceMonitoringConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.ManagedPersistenceMonitoringConfiguration" + "$ref": "#/definitions/AWS::EMRServerless::Application.ManagedPersistenceMonitoringConfiguration", + "markdownDescription": "The managed log persistence configuration for a job run.", + "title": "ManagedPersistenceMonitoringConfiguration" }, "S3MonitoringConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.S3MonitoringConfiguration" + "$ref": "#/definitions/AWS::EMRServerless::Application.S3MonitoringConfiguration", + "markdownDescription": "The Amazon S3 configuration for monitoring log publishing.", + "title": "S3MonitoringConfiguration" } }, "type": "object" @@ -80029,9 +80067,13 @@ "additionalProperties": false, "properties": { "EncryptionKeyArn": { + "markdownDescription": "The KMS key ARN to encrypt the logs published to the given Amazon S3 destination.", + "title": "EncryptionKeyArn", "type": "string" }, "LogUri": { + "markdownDescription": "The Amazon S3 destination URI for log publishing.", + "title": "LogUri", "type": "string" } }, @@ -106819,7 +106861,7 @@ "properties": { "S3Config": { "$ref": "#/definitions/AWS::InternetMonitor::Monitor.S3Config", - "markdownDescription": "The configuration for publishing Amazon CloudWatch Internet Monitor internet measurements to Amazon S3.", + "markdownDescription": "The configuration information for publishing Internet Monitor internet measurements to Amazon S3. The configuration includes the bucket name and (optionally) prefix for the S3 bucket to store the measurements, and the delivery status. The delivery status is `ENABLED` or `DISABLED` , depending on whether you choose to deliver internet measurements to S3 logs.", "title": "S3Config" } }, @@ -106850,17 +106892,17 @@ "additionalProperties": false, "properties": { "BucketName": { - "markdownDescription": "The Amazon S3 bucket name for internet measurements publishing.", + "markdownDescription": "The Amazon S3 bucket name.", "title": "BucketName", "type": "string" }, "BucketPrefix": { - "markdownDescription": "An optional Amazon S3 bucket prefix for internet measurements publishing.", + "markdownDescription": "The Amazon S3 bucket prefix.", "title": "BucketPrefix", "type": "string" }, "LogDeliveryStatus": { - "markdownDescription": "The status of publishing Internet Monitor internet measurements to an Amazon S3 bucket. The delivery status is `ENABLED` if you choose to deliver internet measurements to an S3 bucket, and `DISABLED` otherwise.", + "markdownDescription": "The status of publishing Internet Monitor internet measurements to an Amazon S3 bucket.", "title": "LogDeliveryStatus", "type": "string" } @@ -138777,7 +138819,7 @@ "type": "object" }, "AirflowVersion": { - "markdownDescription": "The version of Apache Airflow to use for the environment. If no value is specified, defaults to the latest version.\n\nIf you specify a newer version number for an existing environment, the version update requires some service interruption before taking effect.\n\n*Allowed Values* : `2.0.2` | `1.10.12` | `2.2.2` | `2.4.3` | `2.5.1` | `2.6.3` (latest)", + "markdownDescription": "The version of Apache Airflow to use for the environment. If no value is specified, defaults to the latest version.\n\nIf you specify a newer version number for an existing environment, the version update requires some service interruption before taking effect.\n\n*Allowed Values* : `1.10.12` | `2.0.2` | `2.2.2` | `2.4.3` | `2.5.1` | `2.6.3` | `2.7.2` (latest)", "title": "AirflowVersion", "type": "string" }, @@ -219130,7 +219172,9 @@ "title": "DetailedStatusCodesMetrics" }, "StorageLensGroupLevel": { - "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupLevel" + "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupLevel", + "markdownDescription": "", + "title": "StorageLensGroupLevel" } }, "required": [ @@ -219457,7 +219501,9 @@ "additionalProperties": false, "properties": { "StorageLensGroupSelectionCriteria": { - "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupSelectionCriteria" + "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupSelectionCriteria", + "markdownDescription": "", + "title": "StorageLensGroupSelectionCriteria" } }, "type": "object" @@ -219469,12 +219515,16 @@ "items": { "type": "string" }, + "markdownDescription": "", + "title": "Exclude", "type": "array" }, "Include": { "items": { "type": "string" }, + "markdownDescription": "", + "title": "Include", "type": "array" } }, @@ -234991,7 +235041,7 @@ "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags to attach to the secret. Each tag is a key and value pair of strings in a JSON text string, for example:\n\n`[{\"Key\":\"CostCenter\",\"Value\":\"12345\"},{\"Key\":\"environment\",\"Value\":\"production\"}]`\n\nSecrets Manager tag key names are case sensitive. A tag with the key \"ABC\" is a different tag from one with key \"abc\".\n\nIf you check tags in permissions policies as part of your security strategy, then adding or removing a tag can change permissions. If the completion of this operation would result in you losing your permissions for this secret, then Secrets Manager blocks the operation and returns an `Access Denied` error. For more information, see [Control access to secrets using tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#tag-secrets-abac) and [Limit access to identities with tags that match secrets' tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#auth-and-access_tags2) .\n\nFor information about how to format a JSON parameter for the various command line tool environments, see [Using JSON for Parameters](https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json) . If your command-line tool or SDK requires quotation marks around the parameter, you should use single quotes to avoid confusion with the double quotes required in the JSON text.\n\nThe following restrictions apply to tags:\n\n- Maximum number of tags per secret: 50\n- Maximum key length: 127 Unicode characters in UTF-8\n- Maximum value length: 255 Unicode characters in UTF-8\n- Tag keys and values are case sensitive.\n- Do not use the `aws:` prefix in your tag names or values because AWS reserves it for AWS use. You can't edit or delete tag names or values with this prefix. Tags with this prefix do not count against your tags per secret limit.\n- If you use your tagging schema across multiple services and resources, other services might have restrictions on allowed characters. Generally allowed characters: letters, spaces, and numbers representable in UTF-8, plus the following special characters: + - = . _ : / @.", + "markdownDescription": "A list of tags to attach to the secret. Each tag is a key and value pair of strings in a JSON text string, for example:\n\n`[{\"Key\":\"CostCenter\",\"Value\":\"12345\"},{\"Key\":\"environment\",\"Value\":\"production\"}]`\n\nSecrets Manager tag key names are case sensitive. A tag with the key \"ABC\" is a different tag from one with key \"abc\".\n\nStack-level tags, tags you apply to the CloudFormation stack, are also attached to the secret.\n\nIf you check tags in permissions policies as part of your security strategy, then adding or removing a tag can change permissions. If the completion of this operation would result in you losing your permissions for this secret, then Secrets Manager blocks the operation and returns an `Access Denied` error. For more information, see [Control access to secrets using tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#tag-secrets-abac) and [Limit access to identities with tags that match secrets' tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#auth-and-access_tags2) .\n\nFor information about how to format a JSON parameter for the various command line tool environments, see [Using JSON for Parameters](https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json) . If your command-line tool or SDK requires quotation marks around the parameter, you should use single quotes to avoid confusion with the double quotes required in the JSON text.\n\nThe following restrictions apply to tags:\n\n- Maximum number of tags per secret: 50\n- Maximum key length: 127 Unicode characters in UTF-8\n- Maximum value length: 255 Unicode characters in UTF-8\n- Tag keys and values are case sensitive.\n- Do not use the `aws:` prefix in your tag names or values because AWS reserves it for AWS use. You can't edit or delete tag names or values with this prefix. Tags with this prefix do not count against your tags per secret limit.\n- If you use your tagging schema across multiple services and resources, other services might have restrictions on allowed characters. Generally allowed characters: letters, spaces, and numbers representable in UTF-8, plus the following special characters: + - = . _ : / @.", "title": "Tags", "type": "array" } diff --git a/schema_source/cloudformation-docs.json b/schema_source/cloudformation-docs.json index 32a66718d..4418e5a61 100644 --- a/schema_source/cloudformation-docs.json +++ b/schema_source/cloudformation-docs.json @@ -2624,7 +2624,8 @@ }, "AWS::AppRunner::Service NetworkConfiguration": { "EgressConfiguration": "Network configuration settings for outbound message traffic.", - "IngressConfiguration": "Network configuration settings for inbound message traffic." + "IngressConfiguration": "Network configuration settings for inbound message traffic.", + "IpAddressType": "App Runner provides you with the option to choose between *Internet Protocol version 4 (IPv4)* and *dual stack* (IPv4 and IPv6) for your incoming public network configuration. This is an optional parameter. If you do not specify an `IpAddressType` , it defaults to select IPv4.\n\n> Currently, App Runner supports dual stack for only Public endpoint. Only IPv4 is supported for Private endpoint. If you update a service that's using dual-stack Public endpoint to a Private endpoint, your App Runner service will default to support only IPv4 for Private endpoint and fail to receive traffic originating from IPv6 endpoint." }, "AWS::AppRunner::Service ServiceObservabilityConfiguration": { "ObservabilityConfigurationArn": "The Amazon Resource Name (ARN) of the observability configuration that is associated with the service. Specified only when `ObservabilityEnabled` is `true` .\n\nSpecify an ARN with a name and a revision number to associate that revision. For example: `arn:aws:apprunner:us-east-1:123456789012:observabilityconfiguration/xray-tracing/3`\n\nSpecify just the name to associate the latest revision. For example: `arn:aws:apprunner:us-east-1:123456789012:observabilityconfiguration/xray-tracing`", @@ -2892,6 +2893,7 @@ }, "AWS::AppStream::Stack UserSetting": { "Action": "The action that is enabled or disabled.", + "MaximumLength": "", "Permission": "Indicates whether the action is enabled or disabled." }, "AWS::AppStream::StackFleetAssociation": { @@ -7550,6 +7552,7 @@ "Interval": "The interval between snapshots. The supported values are 1, 2, 3, 4, 6, 8, 12, and 24.", "IntervalUnit": "The interval unit.", "Location": "*[Snapshot policies only]* Specifies the destination for snapshots created by the policy. To create snapshots in the same Region as the source resource, specify `CLOUD` . To create snapshots on the same Outpost as the source resource, specify `OUTPOST_LOCAL` . If you omit this parameter, `CLOUD` is used by default.\n\nIf the policy targets resources in an AWS Region , then you must create snapshots in the same Region as the source resource. If the policy targets resources on an Outpost, then you can create snapshots on the same Outpost as the source resource, or in the Region of that Outpost.", + "Scripts": "", "Times": "The time, in UTC, to start the operation. The supported format is hh:mm.\n\nThe operation occurs within a one-hour window following the specified time. If you do not specify a time, Amazon Data Lifecycle Manager selects a time within the next 24 hours." }, "AWS::DLM::LifecyclePolicy CrossRegionCopyAction": { @@ -7636,6 +7639,14 @@ "TagsToAdd": "The tags to apply to policy-created resources. These user-defined tags are in addition to the AWS -added lifecycle tags.", "VariableTags": "*[AMI policies and snapshot policies that target instances only]* A collection of key/value pairs with values determined dynamically when the policy is executed. Keys may be any valid Amazon EC2 tag key. Values must be in one of the two following formats: `$(instance-id)` or `$(timestamp)` . Variable tags are only valid for EBS Snapshot Management \u2013 Instance policies." }, + "AWS::DLM::LifecyclePolicy Script": { + "ExecuteOperationOnScriptFailure": "", + "ExecutionHandler": "", + "ExecutionHandlerService": "", + "ExecutionTimeout": "", + "MaximumRetryCount": "", + "Stages": "" + }, "AWS::DLM::LifecyclePolicy ShareRule": { "TargetAccounts": "The IDs of the AWS accounts with which to share the snapshots.", "UnshareInterval": "The period after which snapshots that are shared with other AWS accounts are automatically unshared.", @@ -10719,8 +10730,10 @@ "AvailabilityZoneId": "The AZ ID of the subnet.", "CidrBlock": "The IPv4 CIDR block assigned to the subnet.\n\nIf you update this property, we create a new subnet, and then delete the existing one.", "EnableDns64": "Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations. For more information, see [DNS64 and NAT64](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-nat64-dns64) in the *Amazon Virtual Private Cloud User Guide* .", + "Ipv4NetmaskLength": "", "Ipv6CidrBlock": "The IPv6 CIDR block.\n\nIf you specify `AssignIpv6AddressOnCreation` , you must also specify `Ipv6CidrBlock` .", "Ipv6Native": "Indicates whether this is an IPv6 only subnet. For more information, see [Subnet basics](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html#subnet-basics) in the *Amazon Virtual Private Cloud User Guide* .", + "Ipv6NetmaskLength": "", "MapPublicIpOnLaunch": "Indicates whether instances launched in this subnet receive a public IPv4 address. The default value is `false` .", "OutpostArn": "The Amazon Resource Name (ARN) of the Outpost.", "PrivateDnsNameOptionsOnLaunch": "The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries to the instances should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .\n\nAvailable options:\n\n- EnableResourceNameDnsAAAARecord (true | false)\n- EnableResourceNameDnsARecord (true | false)\n- HostnameType (ip-name | resource-name)", @@ -12286,9 +12299,11 @@ "ImageConfiguration": "The image configuration applied to all worker types.", "InitialCapacity": "The initial capacity of the application.", "MaximumCapacity": "The maximum capacity of the application. This is cumulative across all workers at any given point in time during the lifespan of the application is created. No new resources will be created once any one of the defined limits is hit.", + "MonitoringConfiguration": "A configuration specification to be used when provisioning an application. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file.", "Name": "The name of the application.", "NetworkConfiguration": "The network configuration for customer VPC connectivity for the application.", - "ReleaseLabel": "The Amazon EMR release associated with the application.", + "ReleaseLabel": "The EMR release associated with the application.", + "RuntimeConfiguration": "The [Configuration](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_Configuration.html) specifications of an application. Each configuration consists of a classification and properties. You use this parameter when creating or updating an application. To see the runtimeConfiguration object of an application, run the [GetApplication](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_GetApplication.html) API operation.", "Tags": "The tags assigned to the application.", "Type": "The type of application, such as Spark or Hive.", "WorkerTypeSpecifications": "The specification applied to each worker type." @@ -12300,6 +12315,11 @@ "Enabled": "", "IdleTimeoutMinutes": "" }, + "AWS::EMRServerless::Application ConfigurationObject": { + "Classification": "", + "Configurations": "", + "SensitivePropertiesMap": "" + }, "AWS::EMRServerless::Application ImageConfigurationInput": { "ImageUri": "The URI of an image in the Amazon ECR registry. This field is required when you create a new application. If you leave this field blank in an update, Amazon EMR will remove the image configuration." }, @@ -12311,15 +12331,27 @@ "Key": "", "Value": "" }, + "AWS::EMRServerless::Application ManagedPersistenceMonitoringConfiguration": { + "Enabled": "Enables managed logging and defaults to true. If set to false, managed logging will be turned off.", + "EncryptionKeyArn": "The KMS key ARN to encrypt the logs stored in managed log persistence." + }, "AWS::EMRServerless::Application MaximumAllowedResources": { "Cpu": "The maximum allowed CPU for an application.", "Disk": "The maximum allowed disk for an application.", "Memory": "The maximum allowed resources for an application." }, + "AWS::EMRServerless::Application MonitoringConfiguration": { + "ManagedPersistenceMonitoringConfiguration": "The managed log persistence configuration for a job run.", + "S3MonitoringConfiguration": "The Amazon S3 configuration for monitoring log publishing." + }, "AWS::EMRServerless::Application NetworkConfiguration": { "SecurityGroupIds": "The array of security group Ids for customer VPC connectivity.", "SubnetIds": "The array of subnet Ids for customer VPC connectivity." }, + "AWS::EMRServerless::Application S3MonitoringConfiguration": { + "EncryptionKeyArn": "The KMS key ARN to encrypt the logs published to the given Amazon S3 destination.", + "LogUri": "The Amazon S3 destination URI for log publishing." + }, "AWS::EMRServerless::Application Tag": { "Key": "", "Value": "" @@ -16266,7 +16298,7 @@ "PerformanceScoreThreshold": "The health event threshold percentage set for performance scores. When the overall performance score is at or below this percentage, Internet Monitor creates a health event." }, "AWS::InternetMonitor::Monitor InternetMeasurementsLogDelivery": { - "S3Config": "The configuration for publishing Amazon CloudWatch Internet Monitor internet measurements to Amazon S3." + "S3Config": "The configuration information for publishing Internet Monitor internet measurements to Amazon S3. The configuration includes the bucket name and (optionally) prefix for the S3 bucket to store the measurements, and the delivery status. The delivery status is `ENABLED` or `DISABLED` , depending on whether you choose to deliver internet measurements to S3 logs." }, "AWS::InternetMonitor::Monitor LocalHealthEventsConfig": { "HealthScoreThreshold": "The health event threshold percentage set for a local health score.", @@ -16274,9 +16306,9 @@ "Status": "The status of whether Internet Monitor creates a health event based on a threshold percentage set for a local health score. The status can be `ENABLED` or `DISABLED` ." }, "AWS::InternetMonitor::Monitor S3Config": { - "BucketName": "The Amazon S3 bucket name for internet measurements publishing.", - "BucketPrefix": "An optional Amazon S3 bucket prefix for internet measurements publishing.", - "LogDeliveryStatus": "The status of publishing Internet Monitor internet measurements to an Amazon S3 bucket. The delivery status is `ENABLED` if you choose to deliver internet measurements to an S3 bucket, and `DISABLED` otherwise." + "BucketName": "The Amazon S3 bucket name.", + "BucketPrefix": "The Amazon S3 bucket prefix.", + "LogDeliveryStatus": "The status of publishing Internet Monitor internet measurements to an Amazon S3 bucket." }, "AWS::InternetMonitor::Monitor Tag": { "Key": "", @@ -21381,7 +21413,7 @@ }, "AWS::MWAA::Environment": { "AirflowConfigurationOptions": "A list of key-value pairs containing the Airflow configuration options for your environment. For example, `core.default_timezone: utc` . To learn more, see [Apache Airflow configuration options](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-env-variables.html) .", - "AirflowVersion": "The version of Apache Airflow to use for the environment. If no value is specified, defaults to the latest version.\n\nIf you specify a newer version number for an existing environment, the version update requires some service interruption before taking effect.\n\n*Allowed Values* : `2.0.2` | `1.10.12` | `2.2.2` | `2.4.3` | `2.5.1` | `2.6.3` (latest)", + "AirflowVersion": "The version of Apache Airflow to use for the environment. If no value is specified, defaults to the latest version.\n\nIf you specify a newer version number for an existing environment, the version update requires some service interruption before taking effect.\n\n*Allowed Values* : `1.10.12` | `2.0.2` | `2.2.2` | `2.4.3` | `2.5.1` | `2.6.3` | `2.7.2` (latest)", "DagS3Path": "The relative path to the DAGs folder on your Amazon S3 bucket. For example, `dags` . To learn more, see [Adding or updating DAGs](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-folder.html) .", "EnvironmentClass": "The environment class type. Valid values: `mw1.small` , `mw1.medium` , `mw1.large` . To learn more, see [Amazon MWAA environment class](https://docs.aws.amazon.com/mwaa/latest/userguide/environment-class.html) .", "ExecutionRoleArn": "The Amazon Resource Name (ARN) of the execution role in IAM that allows MWAA to access AWS resources in your environment. For example, `arn:aws:iam::123456789:role/my-execution-role` . To learn more, see [Amazon MWAA Execution role](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-create-role.html) .", @@ -34186,6 +34218,7 @@ "Domain": "Indicates the directory ID of the Active Directory to create the DB cluster.\n\nFor Amazon Aurora DB clusters, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB cluster.\n\nFor more information, see [Kerberos authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/kerberos-authentication.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", "DomainIAMRoleName": "Specifies the name of the IAM role to use when making API calls to the Directory Service.\n\nValid for: Aurora DB clusters only", "EnableCloudwatchLogsExports": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Aurora User Guide* .\n\n*Aurora MySQL*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Aurora PostgreSQL*\n\nValid values: `postgresql`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", + "EnableGlobalWriteForwarding": "Specifies whether to enable this DB cluster to forward write operations to the primary cluster of a global cluster (Aurora global database). By default, write operations are not allowed on Aurora DB clusters that are secondary clusters in an Aurora global database.\n\nYou can set this value only on Aurora DB clusters that are members of an Aurora global database. With this parameter enabled, a secondary cluster can forward writes to the current primary cluster, and the resulting changes are replicated back to this cluster. For the primary DB cluster of an Aurora global database, this value is used immediately if the primary is demoted by a global cluster API operation, but it does nothing until then.\n\nValid for Cluster Type: Aurora DB clusters only", "EnableHttpEndpoint": "A value that indicates whether to enable the HTTP endpoint for an Aurora Serverless DB cluster. By default, the HTTP endpoint is disabled.\n\nWhen enabled, the HTTP endpoint provides a connectionless web service API for running SQL queries on the Aurora Serverless DB cluster. You can also query your database from inside the RDS console with the query editor.\n\nFor more information, see [Using the Data API for Aurora Serverless](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", "EnableIAMDatabaseAuthentication": "A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled.\n\nFor more information, see [IAM Database Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon Aurora User Guide.*\n\nValid for: Aurora DB clusters only", "Engine": "The name of the database engine to be used for this DB cluster.\n\nValid Values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `mysql`\n- `postgres`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", @@ -34289,6 +34322,7 @@ "DBSnapshotIdentifier": "The name or Amazon Resource Name (ARN) of the DB snapshot that's used to restore the DB instance. If you're restoring from a shared manual DB snapshot, you must specify the ARN of the snapshot.\n\nBy specifying this property, you can create a DB instance from the specified DB snapshot. If the `DBSnapshotIdentifier` property is an empty string or the `AWS::RDS::DBInstance` declaration has no `DBSnapshotIdentifier` property, AWS CloudFormation creates a new database. If the property contains a value (other than an empty string), AWS CloudFormation creates a database from the specified snapshot. If a snapshot with the specified name doesn't exist, AWS CloudFormation can't create the database and it rolls back the stack.\n\nSome DB instance properties aren't valid when you restore from a snapshot, such as the `MasterUsername` and `MasterUserPassword` properties. For information about the properties that you can specify, see the `RestoreDBInstanceFromDBSnapshot` action in the *Amazon RDS API Reference* .\n\nAfter you restore a DB instance with a `DBSnapshotIdentifier` property, you must specify the same `DBSnapshotIdentifier` property for any future updates to the DB instance. When you specify this property for an update, the DB instance is not restored from the DB snapshot again, and the data in the database is not changed. However, if you don't specify the `DBSnapshotIdentifier` property, an empty DB instance is created, and the original DB instance is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB instance is restored from the specified `DBSnapshotIdentifier` property, and the original DB instance is deleted.\n\nIf you specify the `DBSnapshotIdentifier` property to restore a DB instance (as opposed to specifying it for DB instance updates), then don't specify the following properties:\n\n- `CharacterSetName`\n- `DBClusterIdentifier`\n- `DBName`\n- `DeleteAutomatedBackups`\n- `EnablePerformanceInsights`\n- `KmsKeyId`\n- `MasterUsername`\n- `MasterUserPassword`\n- `PerformanceInsightsKMSKeyId`\n- `PerformanceInsightsRetentionPeriod`\n- `PromotionTier`\n- `SourceDBInstanceIdentifier`\n- `SourceRegion`\n- `StorageEncrypted` (for an encrypted snapshot)\n- `Timezone`\n\n*Amazon Aurora*\n\nNot applicable. Snapshot restore is managed by the DB cluster.", "DBSubnetGroupName": "A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new VPC.\n\nIf there's no DB subnet group, then the DB instance isn't a VPC DB instance.\n\nFor more information about using Amazon RDS in a VPC, see [Using Amazon RDS with Amazon Virtual Private Cloud (VPC)](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide* .\n\n*Amazon Aurora*\n\nNot applicable. The DB subnet group is managed by the DB cluster. If specified, the setting must match the DB cluster setting.", "DBSystemId": "The Oracle system identifier (SID), which is the name of the Oracle database instance that manages your database files. In this context, the term \"Oracle database instance\" refers exclusively to the system global area (SGA) and Oracle background processes. If you don't specify a SID, the value defaults to `RDSCDB` . The Oracle SID is also the name of your CDB.", + "DedicatedLogVolume": "Indicates whether the DB instance has a dedicated log volume (DLV) enabled.", "DeleteAutomatedBackups": "A value that indicates whether to remove automated backups immediately after the DB instance is deleted. This parameter isn't case-sensitive. The default is to remove automated backups immediately after the DB instance is deleted.\n\n*Amazon Aurora*\n\nNot applicable. When you delete a DB cluster, all automated backups for that DB cluster are deleted and can't be recovered. Manual DB cluster snapshots of the DB cluster are not deleted.", "DeletionProtection": "A value that indicates whether the DB instance has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled. For more information, see [Deleting a DB Instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html) .\n\n*Amazon Aurora*\n\nNot applicable. You can enable or disable deletion protection for the DB cluster. For more information, see `CreateDBCluster` . DB instances in a DB cluster can be deleted even when deletion protection is enabled for the DB cluster.", "Domain": "The Active Directory directory ID to create the DB instance in. Currently, only Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.\n\nFor more information, see [Kerberos Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html) in the *Amazon RDS User Guide* .", @@ -35843,7 +35877,8 @@ "AdvancedCostOptimizationMetrics": "This property contains the details of account-level advanced cost optimization metrics for S3 Storage Lens.", "AdvancedDataProtectionMetrics": "This property contains the details of account-level advanced data protection metrics for S3 Storage Lens.", "BucketLevel": "This property contains the details of the account-level bucket-level configurations for Amazon S3 Storage Lens.", - "DetailedStatusCodesMetrics": "This property contains the details of account-level detailed status code metrics for S3 Storage Lens." + "DetailedStatusCodesMetrics": "This property contains the details of account-level detailed status code metrics for S3 Storage Lens.", + "StorageLensGroupLevel": "" }, "AWS::S3::StorageLens ActivityMetrics": { "IsEnabled": "A property that indicates whether the activity metrics is enabled." @@ -35915,6 +35950,13 @@ "IsEnabled": "This property contains the details of whether the Amazon S3 Storage Lens configuration is enabled.", "StorageLensArn": "This property contains the details of the ARN of the S3 Storage Lens configuration. This property is read-only." }, + "AWS::S3::StorageLens StorageLensGroupLevel": { + "StorageLensGroupSelectionCriteria": "" + }, + "AWS::S3::StorageLens StorageLensGroupSelectionCriteria": { + "Exclude": "", + "Include": "" + }, "AWS::S3::StorageLens Tag": { "Key": "Name of the object key.", "Value": "Value of the tag." @@ -38395,7 +38437,7 @@ "Name": "The name of the new secret.\n\nThe secret name can contain ASCII letters, numbers, and the following characters: /_+=.@-\n\nDo not end your secret name with a hyphen followed by six characters. If you do so, you risk confusion and unexpected results when searching for a secret by partial ARN. Secrets Manager automatically adds a hyphen and six random characters after the secret name at the end of the ARN.", "ReplicaRegions": "A custom type that specifies a `Region` and the `KmsKeyId` for a replica secret.", "SecretString": "The text to encrypt and store in the secret. We recommend you use a JSON structure of key/value pairs for your secret value. To generate a random password, use `GenerateSecretString` instead. If you omit both `GenerateSecretString` and `SecretString` , you create an empty secret. When you make a change to this property, a new secret version is created.", - "Tags": "A list of tags to attach to the secret. Each tag is a key and value pair of strings in a JSON text string, for example:\n\n`[{\"Key\":\"CostCenter\",\"Value\":\"12345\"},{\"Key\":\"environment\",\"Value\":\"production\"}]`\n\nSecrets Manager tag key names are case sensitive. A tag with the key \"ABC\" is a different tag from one with key \"abc\".\n\nIf you check tags in permissions policies as part of your security strategy, then adding or removing a tag can change permissions. If the completion of this operation would result in you losing your permissions for this secret, then Secrets Manager blocks the operation and returns an `Access Denied` error. For more information, see [Control access to secrets using tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#tag-secrets-abac) and [Limit access to identities with tags that match secrets' tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#auth-and-access_tags2) .\n\nFor information about how to format a JSON parameter for the various command line tool environments, see [Using JSON for Parameters](https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json) . If your command-line tool or SDK requires quotation marks around the parameter, you should use single quotes to avoid confusion with the double quotes required in the JSON text.\n\nThe following restrictions apply to tags:\n\n- Maximum number of tags per secret: 50\n- Maximum key length: 127 Unicode characters in UTF-8\n- Maximum value length: 255 Unicode characters in UTF-8\n- Tag keys and values are case sensitive.\n- Do not use the `aws:` prefix in your tag names or values because AWS reserves it for AWS use. You can't edit or delete tag names or values with this prefix. Tags with this prefix do not count against your tags per secret limit.\n- If you use your tagging schema across multiple services and resources, other services might have restrictions on allowed characters. Generally allowed characters: letters, spaces, and numbers representable in UTF-8, plus the following special characters: + - = . _ : / @." + "Tags": "A list of tags to attach to the secret. Each tag is a key and value pair of strings in a JSON text string, for example:\n\n`[{\"Key\":\"CostCenter\",\"Value\":\"12345\"},{\"Key\":\"environment\",\"Value\":\"production\"}]`\n\nSecrets Manager tag key names are case sensitive. A tag with the key \"ABC\" is a different tag from one with key \"abc\".\n\nStack-level tags, tags you apply to the CloudFormation stack, are also attached to the secret.\n\nIf you check tags in permissions policies as part of your security strategy, then adding or removing a tag can change permissions. If the completion of this operation would result in you losing your permissions for this secret, then Secrets Manager blocks the operation and returns an `Access Denied` error. For more information, see [Control access to secrets using tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#tag-secrets-abac) and [Limit access to identities with tags that match secrets' tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#auth-and-access_tags2) .\n\nFor information about how to format a JSON parameter for the various command line tool environments, see [Using JSON for Parameters](https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json) . If your command-line tool or SDK requires quotation marks around the parameter, you should use single quotes to avoid confusion with the double quotes required in the JSON text.\n\nThe following restrictions apply to tags:\n\n- Maximum number of tags per secret: 50\n- Maximum key length: 127 Unicode characters in UTF-8\n- Maximum value length: 255 Unicode characters in UTF-8\n- Tag keys and values are case sensitive.\n- Do not use the `aws:` prefix in your tag names or values because AWS reserves it for AWS use. You can't edit or delete tag names or values with this prefix. Tags with this prefix do not count against your tags per secret limit.\n- If you use your tagging schema across multiple services and resources, other services might have restrictions on allowed characters. Generally allowed characters: letters, spaces, and numbers representable in UTF-8, plus the following special characters: + - = . _ : / @." }, "AWS::SecretsManager::Secret GenerateSecretString": { "ExcludeCharacters": "A string of the characters that you don't want in the password.", diff --git a/schema_source/cloudformation.schema.json b/schema_source/cloudformation.schema.json index 9fb692b87..0f4da2cd4 100644 --- a/schema_source/cloudformation.schema.json +++ b/schema_source/cloudformation.schema.json @@ -16221,6 +16221,8 @@ "title": "IngressConfiguration" }, "IpAddressType": { + "markdownDescription": "App Runner provides you with the option to choose between *Internet Protocol version 4 (IPv4)* and *dual stack* (IPv4 and IPv6) for your incoming public network configuration. This is an optional parameter. If you do not specify an `IpAddressType` , it defaults to select IPv4.\n\n> Currently, App Runner supports dual stack for only Public endpoint. Only IPv4 is supported for Private endpoint. If you update a service that's using dual-stack Public endpoint to a Private endpoint, your App Runner service will default to support only IPv4 for Private endpoint and fail to receive traffic originating from IPv6 endpoint.", + "title": "IpAddressType", "type": "string" } }, @@ -18039,6 +18041,8 @@ "type": "string" }, "MaximumLength": { + "markdownDescription": "", + "title": "MaximumLength", "type": "number" }, "Permission": { @@ -49711,6 +49715,8 @@ "items": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Script" }, + "markdownDescription": "", + "title": "Scripts", "type": "array" }, "Times": { @@ -50153,24 +50159,36 @@ "additionalProperties": false, "properties": { "ExecuteOperationOnScriptFailure": { + "markdownDescription": "", + "title": "ExecuteOperationOnScriptFailure", "type": "boolean" }, "ExecutionHandler": { + "markdownDescription": "", + "title": "ExecutionHandler", "type": "string" }, "ExecutionHandlerService": { + "markdownDescription": "", + "title": "ExecutionHandlerService", "type": "string" }, "ExecutionTimeout": { + "markdownDescription": "", + "title": "ExecutionTimeout", "type": "number" }, "MaximumRetryCount": { + "markdownDescription": "", + "title": "MaximumRetryCount", "type": "number" }, "Stages": { "items": { "type": "string" }, + "markdownDescription": "", + "title": "Stages", "type": "array" } }, @@ -68808,6 +68826,8 @@ "type": "boolean" }, "Ipv4NetmaskLength": { + "markdownDescription": "", + "title": "Ipv4NetmaskLength", "type": "number" }, "Ipv6CidrBlock": { @@ -68821,6 +68841,8 @@ "type": "boolean" }, "Ipv6NetmaskLength": { + "markdownDescription": "", + "title": "Ipv6NetmaskLength", "type": "number" }, "MapPublicIpOnLaunch": { @@ -79739,7 +79761,9 @@ "title": "MaximumCapacity" }, "MonitoringConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.MonitoringConfiguration" + "$ref": "#/definitions/AWS::EMRServerless::Application.MonitoringConfiguration", + "markdownDescription": "A configuration specification to be used when provisioning an application. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file.", + "title": "MonitoringConfiguration" }, "Name": { "markdownDescription": "The name of the application.", @@ -79752,7 +79776,7 @@ "title": "NetworkConfiguration" }, "ReleaseLabel": { - "markdownDescription": "The Amazon EMR release associated with the application.", + "markdownDescription": "The EMR release associated with the application.", "title": "ReleaseLabel", "type": "string" }, @@ -79760,6 +79784,8 @@ "items": { "$ref": "#/definitions/AWS::EMRServerless::Application.ConfigurationObject" }, + "markdownDescription": "The [Configuration](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_Configuration.html) specifications of an application. Each configuration consists of a classification and properties. You use this parameter when creating or updating an application. To see the runtimeConfiguration object of an application, run the [GetApplication](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_GetApplication.html) API operation.", + "title": "RuntimeConfiguration", "type": "array" }, "Tags": { @@ -79845,12 +79871,16 @@ "additionalProperties": false, "properties": { "Classification": { + "markdownDescription": "", + "title": "Classification", "type": "string" }, "Configurations": { "items": { "$ref": "#/definitions/AWS::EMRServerless::Application.ConfigurationObject" }, + "markdownDescription": "", + "title": "Configurations", "type": "array" }, "Properties": { @@ -79923,9 +79953,13 @@ "additionalProperties": false, "properties": { "Enabled": { + "markdownDescription": "Enables managed logging and defaults to true. If set to false, managed logging will be turned off.", + "title": "Enabled", "type": "boolean" }, "EncryptionKeyArn": { + "markdownDescription": "The KMS key ARN to encrypt the logs stored in managed log persistence.", + "title": "EncryptionKeyArn", "type": "string" } }, @@ -79960,10 +79994,14 @@ "additionalProperties": false, "properties": { "ManagedPersistenceMonitoringConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.ManagedPersistenceMonitoringConfiguration" + "$ref": "#/definitions/AWS::EMRServerless::Application.ManagedPersistenceMonitoringConfiguration", + "markdownDescription": "The managed log persistence configuration for a job run.", + "title": "ManagedPersistenceMonitoringConfiguration" }, "S3MonitoringConfiguration": { - "$ref": "#/definitions/AWS::EMRServerless::Application.S3MonitoringConfiguration" + "$ref": "#/definitions/AWS::EMRServerless::Application.S3MonitoringConfiguration", + "markdownDescription": "The Amazon S3 configuration for monitoring log publishing.", + "title": "S3MonitoringConfiguration" } }, "type": "object" @@ -79994,9 +80032,13 @@ "additionalProperties": false, "properties": { "EncryptionKeyArn": { + "markdownDescription": "The KMS key ARN to encrypt the logs published to the given Amazon S3 destination.", + "title": "EncryptionKeyArn", "type": "string" }, "LogUri": { + "markdownDescription": "The Amazon S3 destination URI for log publishing.", + "title": "LogUri", "type": "string" } }, @@ -106777,7 +106819,7 @@ "properties": { "S3Config": { "$ref": "#/definitions/AWS::InternetMonitor::Monitor.S3Config", - "markdownDescription": "The configuration for publishing Amazon CloudWatch Internet Monitor internet measurements to Amazon S3.", + "markdownDescription": "The configuration information for publishing Internet Monitor internet measurements to Amazon S3. The configuration includes the bucket name and (optionally) prefix for the S3 bucket to store the measurements, and the delivery status. The delivery status is `ENABLED` or `DISABLED` , depending on whether you choose to deliver internet measurements to S3 logs.", "title": "S3Config" } }, @@ -106808,17 +106850,17 @@ "additionalProperties": false, "properties": { "BucketName": { - "markdownDescription": "The Amazon S3 bucket name for internet measurements publishing.", + "markdownDescription": "The Amazon S3 bucket name.", "title": "BucketName", "type": "string" }, "BucketPrefix": { - "markdownDescription": "An optional Amazon S3 bucket prefix for internet measurements publishing.", + "markdownDescription": "The Amazon S3 bucket prefix.", "title": "BucketPrefix", "type": "string" }, "LogDeliveryStatus": { - "markdownDescription": "The status of publishing Internet Monitor internet measurements to an Amazon S3 bucket. The delivery status is `ENABLED` if you choose to deliver internet measurements to an S3 bucket, and `DISABLED` otherwise.", + "markdownDescription": "The status of publishing Internet Monitor internet measurements to an Amazon S3 bucket.", "title": "LogDeliveryStatus", "type": "string" } @@ -138728,7 +138770,7 @@ "type": "object" }, "AirflowVersion": { - "markdownDescription": "The version of Apache Airflow to use for the environment. If no value is specified, defaults to the latest version.\n\nIf you specify a newer version number for an existing environment, the version update requires some service interruption before taking effect.\n\n*Allowed Values* : `2.0.2` | `1.10.12` | `2.2.2` | `2.4.3` | `2.5.1` | `2.6.3` (latest)", + "markdownDescription": "The version of Apache Airflow to use for the environment. If no value is specified, defaults to the latest version.\n\nIf you specify a newer version number for an existing environment, the version update requires some service interruption before taking effect.\n\n*Allowed Values* : `1.10.12` | `2.0.2` | `2.2.2` | `2.4.3` | `2.5.1` | `2.6.3` | `2.7.2` (latest)", "title": "AirflowVersion", "type": "string" }, @@ -219074,7 +219116,9 @@ "title": "DetailedStatusCodesMetrics" }, "StorageLensGroupLevel": { - "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupLevel" + "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupLevel", + "markdownDescription": "", + "title": "StorageLensGroupLevel" } }, "required": [ @@ -219401,7 +219445,9 @@ "additionalProperties": false, "properties": { "StorageLensGroupSelectionCriteria": { - "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupSelectionCriteria" + "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupSelectionCriteria", + "markdownDescription": "", + "title": "StorageLensGroupSelectionCriteria" } }, "type": "object" @@ -219413,12 +219459,16 @@ "items": { "type": "string" }, + "markdownDescription": "", + "title": "Exclude", "type": "array" }, "Include": { "items": { "type": "string" }, + "markdownDescription": "", + "title": "Include", "type": "array" } }, @@ -234921,7 +234971,7 @@ "items": { "$ref": "#/definitions/Tag" }, - "markdownDescription": "A list of tags to attach to the secret. Each tag is a key and value pair of strings in a JSON text string, for example:\n\n`[{\"Key\":\"CostCenter\",\"Value\":\"12345\"},{\"Key\":\"environment\",\"Value\":\"production\"}]`\n\nSecrets Manager tag key names are case sensitive. A tag with the key \"ABC\" is a different tag from one with key \"abc\".\n\nIf you check tags in permissions policies as part of your security strategy, then adding or removing a tag can change permissions. If the completion of this operation would result in you losing your permissions for this secret, then Secrets Manager blocks the operation and returns an `Access Denied` error. For more information, see [Control access to secrets using tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#tag-secrets-abac) and [Limit access to identities with tags that match secrets' tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#auth-and-access_tags2) .\n\nFor information about how to format a JSON parameter for the various command line tool environments, see [Using JSON for Parameters](https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json) . If your command-line tool or SDK requires quotation marks around the parameter, you should use single quotes to avoid confusion with the double quotes required in the JSON text.\n\nThe following restrictions apply to tags:\n\n- Maximum number of tags per secret: 50\n- Maximum key length: 127 Unicode characters in UTF-8\n- Maximum value length: 255 Unicode characters in UTF-8\n- Tag keys and values are case sensitive.\n- Do not use the `aws:` prefix in your tag names or values because AWS reserves it for AWS use. You can't edit or delete tag names or values with this prefix. Tags with this prefix do not count against your tags per secret limit.\n- If you use your tagging schema across multiple services and resources, other services might have restrictions on allowed characters. Generally allowed characters: letters, spaces, and numbers representable in UTF-8, plus the following special characters: + - = . _ : / @.", + "markdownDescription": "A list of tags to attach to the secret. Each tag is a key and value pair of strings in a JSON text string, for example:\n\n`[{\"Key\":\"CostCenter\",\"Value\":\"12345\"},{\"Key\":\"environment\",\"Value\":\"production\"}]`\n\nSecrets Manager tag key names are case sensitive. A tag with the key \"ABC\" is a different tag from one with key \"abc\".\n\nStack-level tags, tags you apply to the CloudFormation stack, are also attached to the secret.\n\nIf you check tags in permissions policies as part of your security strategy, then adding or removing a tag can change permissions. If the completion of this operation would result in you losing your permissions for this secret, then Secrets Manager blocks the operation and returns an `Access Denied` error. For more information, see [Control access to secrets using tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#tag-secrets-abac) and [Limit access to identities with tags that match secrets' tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#auth-and-access_tags2) .\n\nFor information about how to format a JSON parameter for the various command line tool environments, see [Using JSON for Parameters](https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json) . If your command-line tool or SDK requires quotation marks around the parameter, you should use single quotes to avoid confusion with the double quotes required in the JSON text.\n\nThe following restrictions apply to tags:\n\n- Maximum number of tags per secret: 50\n- Maximum key length: 127 Unicode characters in UTF-8\n- Maximum value length: 255 Unicode characters in UTF-8\n- Tag keys and values are case sensitive.\n- Do not use the `aws:` prefix in your tag names or values because AWS reserves it for AWS use. You can't edit or delete tag names or values with this prefix. Tags with this prefix do not count against your tags per secret limit.\n- If you use your tagging schema across multiple services and resources, other services might have restrictions on allowed characters. Generally allowed characters: letters, spaces, and numbers representable in UTF-8, plus the following special characters: + - = . _ : / @.", "title": "Tags", "type": "array" }