diff --git a/samtranslator/schema/schema.json b/samtranslator/schema/schema.json index 2275ab86c..089dbf13d 100644 --- a/samtranslator/schema/schema.json +++ b/samtranslator/schema/schema.json @@ -7104,7 +7104,7 @@ "additionalProperties": false, "properties": { "ApiId": { - "markdownDescription": "The identifier of the API.", + "markdownDescription": "The API identifier.", "title": "ApiId", "type": "string" }, @@ -7665,13 +7665,9 @@ "additionalProperties": false, "properties": { "Destination": { - "markdownDescription": "Specifies the location of the response to modify, and how to modify it. To learn more, see [Transforming API requests and responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) .", - "title": "Destination", "type": "string" }, "Source": { - "markdownDescription": "Specifies the data to update the parameter with. To learn more, see [Transforming API requests and responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) .", - "title": "Source", "type": "string" } }, @@ -7688,8 +7684,6 @@ "items": { "$ref": "#/definitions/AWS::ApiGatewayV2::Integration.ResponseParameter" }, - "markdownDescription": "Supported only for HTTP APIs. You use response parameters to transform the HTTP response from a backend integration before returning the response to clients. Specify a key-value map from a selection key to response parameters. The selection key must be a valid HTTP status code within the range of 200-599. Response parameters are a key-value map. The key must match the pattern `:
.` or `overwrite.statuscode` . The action can be `append` , `overwrite` or `remove` . The value can be a static value, or map to response data, stage variables, or context variables that are evaluated at runtime. To learn more, see [Transforming API requests and responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) .", - "title": "ResponseParameters", "type": "array" } }, @@ -30021,7 +30015,7 @@ "type": "string" }, "ImageId": { - "markdownDescription": "The identifier for the Amazon Machine Image (AMI) that's used to create the EC2 instance. To choose an AMI for the instance, you must specify a valid AMI alias or a valid AWS Systems Manager path.\n\nFrom November 20, 2023, you will be required to include the `imageId` parameter for the `CreateEnvironmentEC2` action. This change will be reflected across all direct methods of communicating with the API, such as AWS SDK, AWS CLI and AWS CloudFormation. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nFrom January 22, 2024, Amazon Linux (AL1) will be removed from the list of available image IDs for Cloud9. This is necessary as AL1 will reach the end of maintenance support in December 2023, and as a result will no longer receive security updates. We recommend using Amazon Linux 2 as the new AMI to create your environment as it is fully supported. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nSince Ubuntu 18.04 has ended standard support as of May 31, 2023, we recommend you choose Ubuntu 22.04.\n\n*AMI aliases*\n\n- Amazon Linux: `amazonlinux-1-x86_64`\n- Amazon Linux 2: `amazonlinux-2-x86_64`\n- Ubuntu 18.04: `ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `ubuntu-22.04-x86_64`\n\n*SSM paths*\n\n- Amazon Linux: `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-1-x86_64`\n- Amazon Linux 2: `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2-x86_64`\n- Ubuntu 18.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64`", + "markdownDescription": "The identifier for the Amazon Machine Image (AMI) that's used to create the EC2 instance. To choose an AMI for the instance, you must specify a valid AMI alias or a valid AWS Systems Manager path.\n\nFrom December 04, 2023, you will be required to include the `imageId` parameter for the `CreateEnvironmentEC2` action. This change will be reflected across all direct methods of communicating with the API, such as AWS SDK, AWS CLI and AWS CloudFormation. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nFrom January 22, 2024, Amazon Linux (AL1) will be removed from the list of available image IDs for Cloud9. This is necessary as AL1 will reach the end of maintenance support in December 2023, and as a result will no longer receive security updates. We recommend using Amazon Linux 2 as the new AMI to create your environment as it is fully supported. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nSince Ubuntu 18.04 has ended standard support as of May 31, 2023, we recommend you choose Ubuntu 22.04.\n\n*AMI aliases*\n\n- Amazon Linux (default): `amazonlinux-1-x86_64`\n- Amazon Linux 2: `amazonlinux-2-x86_64`\n- Ubuntu 18.04: `ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `ubuntu-22.04-x86_64`\n\n*SSM paths*\n\n- Amazon Linux (default): `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-1-x86_64`\n- Amazon Linux 2: `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2-x86_64`\n- Ubuntu 18.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64`", "title": "ImageId", "type": "string" }, @@ -34847,7 +34841,7 @@ "type": "boolean" }, "RetentionPeriod": { - "markdownDescription": "The retention period of the event data store, in days. You can set a retention period of up to 2557 days, the equivalent of seven years.", + "markdownDescription": "The retention period of the event data store, in days. If `BillingMode` is set to `EXTENDABLE_RETENTION_PRICING` , you can set a retention period of up to 3653 days, the equivalent of 10 years. If `BillingMode` is set to `FIXED_RETENTION_PRICING` , you can set a retention period of up to 2557 days, the equivalent of seven years.\n\nCloudTrail Lake determines whether to retain an event by checking if the `eventTime` of the event is within the specified retention period. For example, if you set a retention period of 90 days, CloudTrail will remove events when the `eventTime` is older than 90 days.\n\n> If you plan to copy trail events to this event data store, we recommend that you consider both the age of the events that you want to copy as well as how long you want to keep the copied events in your event data store. For example, if you copy trail events that are 5 years old and specify a retention period of 7 years, the event data store will retain those events for two years.", "title": "RetentionPeriod", "type": "number" }, @@ -50195,12 +50189,12 @@ "type": "boolean" }, "ExecutionHandler": { - "markdownDescription": "The SSM document that includes the pre and/or post scripts to run.\n\n- If you are automating VSS backups, specify `AWS_VSS_BACKUP` . In this case, Amazon Data Lifecycle Manager automatically uses the `AWSEC2-CreateVssSnapshot` SSM document.\n- If you are using a custom SSM document that you own, specify either the name or ARN of the SSM document. If you are using a custom SSM document that is shared with you, specify the ARN of the SSM document.", + "markdownDescription": "The SSM document that includes the pre and/or post scripts to run.\n\n- If you are automating VSS backups, specify `AWS_VSS_BACKUP` . In this case, Amazon Data Lifecycle Manager automatically uses the `AWSEC2-CreateVssSnapshot` SSM document.\n- If you are automating application-consistent snapshots for SAP HANA workloads, specify `AWSSystemsManagerSAP-CreateDLMSnapshotForSAPHANA` .\n- If you are using a custom SSM document that you own, specify either the name or ARN of the SSM document. If you are using a custom SSM document that is shared with you, specify the ARN of the SSM document.", "title": "ExecutionHandler", "type": "string" }, "ExecutionHandlerService": { - "markdownDescription": "Indicates the service used to execute the pre and/or post scripts.\n\n- If you are using custom SSM documents, specify `AWS_SYSTEMS_MANAGER` .\n- If you are automating VSS Backups, omit this parameter.\n\nDefault: AWS_SYSTEMS_MANAGER", + "markdownDescription": "Indicates the service used to execute the pre and/or post scripts.\n\n- If you are using custom SSM documents or automating application-consistent snapshots of SAP HANA workloads, specify `AWS_SYSTEMS_MANAGER` .\n- If you are automating VSS Backups, omit this parameter.\n\nDefault: AWS_SYSTEMS_MANAGER", "title": "ExecutionHandlerService", "type": "string" }, @@ -61847,7 +61841,7 @@ "type": "array" }, "Tier": { - "markdownDescription": "", + "markdownDescription": "IPAM is offered in a Free Tier and an Advanced Tier. For more information about the features available in each tier and the costs associated with the tiers, see the [VPC IPAM product pricing page](https://docs.aws.amazon.com//vpc/pricing/) .", "title": "Tier", "type": "string" } @@ -86272,7 +86266,7 @@ "type": "string" }, "State": { - "markdownDescription": "The state of the rule.", + "markdownDescription": "The state of the rule.\n\nValid values include:\n\n- `DISABLED` : The rule is disabled. EventBridge does not match any events against the rule.\n- `ENABLED` : The rule is enabled. EventBridge matches events against the rule, *except* for AWS management events delivered through CloudTrail.\n- `ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS` : The rule is enabled for all events, including AWS management events delivered through CloudTrail.\n\nManagement events provide visibility into management operations that are performed on resources in your AWS account. These are also known as control plane operations. For more information, see [Logging management events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html#logging-management-events) in the *CloudTrail User Guide* , and [Filtering management events from AWS services](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-service-event.html#eb-service-event-cloudtrail) in the *Amazon EventBridge User Guide* .\n\nThis value is only valid for rules on the [default](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is-how-it-works-concepts.html#eb-bus-concepts-buses) event bus or [custom event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-event-bus.html) . It does not apply to [partner event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-saas.html) .", "title": "State", "type": "string" }, @@ -93006,18 +93000,26 @@ "additionalProperties": false, "properties": { "Name": { + "markdownDescription": "A descriptive label that is associated with a script. Script names do not need to be unique.", + "title": "Name", "type": "string" }, "StorageLocation": { - "$ref": "#/definitions/AWS::GameLift::Script.S3Location" + "$ref": "#/definitions/AWS::GameLift::Script.S3Location", + "markdownDescription": "The location of the Amazon S3 bucket where a zipped file containing your Realtime scripts is stored. The storage location must specify the Amazon S3 bucket name, the zip file name (the \"key\"), and a role ARN that allows Amazon GameLift to access the Amazon S3 storage location. The S3 bucket must be in the same Region where you want to create a new script. By default, Amazon GameLift uploads the latest version of the zip file; if you have S3 object versioning turned on, you can use the `ObjectVersion` parameter to specify an earlier version.", + "title": "StorageLocation" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, + "markdownDescription": "A list of labels to assign to the new script resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", + "title": "Tags", "type": "array" }, "Version": { + "markdownDescription": "The version that is associated with a build or script. Version strings do not need to be unique.", + "title": "Version", "type": "string" } }, @@ -93051,15 +93053,23 @@ "additionalProperties": false, "properties": { "Bucket": { + "markdownDescription": "An Amazon S3 bucket identifier. Thename of the S3 bucket.\n\n> Amazon GameLift doesn't support uploading from Amazon S3 buckets with names that contain a dot (.).", + "title": "Bucket", "type": "string" }, "Key": { + "markdownDescription": "The name of the zip file that contains the build files or script files.", + "title": "Key", "type": "string" }, "ObjectVersion": { + "markdownDescription": "The version of the file, if object versioning is turned on for the bucket. Amazon GameLift uses this information when retrieving files from an S3 bucket that you own. Use this parameter to specify a specific version of the file. If not set, the latest version of the file is retrieved.", + "title": "ObjectVersion", "type": "string" }, "RoleArn": { + "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) for an IAM role that allows Amazon GameLift to access the S3 bucket.", + "title": "RoleArn", "type": "string" } }, @@ -101335,12 +101345,12 @@ "additionalProperties": false, "properties": { "Key": { - "markdownDescription": "", + "markdownDescription": "The tag value.", "title": "Key", "type": "string" }, "Value": { - "markdownDescription": "", + "markdownDescription": "The tag key.", "title": "Value", "type": "string" } @@ -107225,13 +107235,9 @@ "additionalProperties": false, "properties": { "CallbackOverrides": { - "markdownDescription": "An optional AWS Lambda function to invoke instead of the default AWS Lambda function provided by the placement template.", - "title": "CallbackOverrides", "type": "object" }, "DeviceType": { - "markdownDescription": "The device type, which currently must be `\"button\"` .", - "title": "DeviceType", "type": "string" } }, @@ -242937,7 +242943,7 @@ "type": "string" }, "Target": { - "markdownDescription": "Represents the map target that is used in a `HomeDirectorymapEntry` .", + "markdownDescription": "Represents the map target that is used in a `HomeDirectoryMapEntry` .", "title": "Target", "type": "string" } diff --git a/schema_source/cloudformation-docs.json b/schema_source/cloudformation-docs.json index d80f352ae..355b5ebb2 100644 --- a/schema_source/cloudformation-docs.json +++ b/schema_source/cloudformation-docs.json @@ -1043,7 +1043,7 @@ "StageVariables": "A map that defines the stage variables for a `Stage` . Variable names can have alphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+." }, "AWS::ApiGatewayV2::ApiMapping": { - "ApiId": "The identifier of the API.", + "ApiId": "The API identifier.", "ApiMappingKey": "The API mapping key.", "DomainName": "The domain name.", "Stage": "The API stage." @@ -1107,13 +1107,6 @@ "TimeoutInMillis": "Custom timeout between 50 and 29,000 milliseconds for WebSocket APIs and between 50 and 30,000 milliseconds for HTTP APIs. The default timeout is 29 seconds for WebSocket APIs and 30 seconds for HTTP APIs.", "TlsConfig": "The TLS configuration for a private integration. If you specify a TLS configuration, private integration traffic uses the HTTPS protocol. Supported only for HTTP APIs." }, - "AWS::ApiGatewayV2::Integration ResponseParameter": { - "Destination": "Specifies the location of the response to modify, and how to modify it. To learn more, see [Transforming API requests and responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) .", - "Source": "Specifies the data to update the parameter with. To learn more, see [Transforming API requests and responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) ." - }, - "AWS::ApiGatewayV2::Integration ResponseParameterList": { - "ResponseParameters": "Supported only for HTTP APIs. You use response parameters to transform the HTTP response from a backend integration before returning the response to clients. Specify a key-value map from a selection key to response parameters. The selection key must be a valid HTTP status code within the range of 200-599. Response parameters are a key-value map. The key must match the pattern `:
.` or `overwrite.statuscode` . The action can be `append` , `overwrite` or `remove` . The value can be a static value, or map to response data, stage variables, or context variables that are evaluated at runtime. To learn more, see [Transforming API requests and responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) ." - }, "AWS::ApiGatewayV2::Integration TlsConfig": { "ServerNameToVerify": "If you specify a server name, API Gateway uses it to verify the hostname on the integration's certificate. The server name is also included in the TLS handshake to support Server Name Indication (SNI) or virtual hosting." }, @@ -4694,7 +4687,7 @@ "AutomaticStopTimeMinutes": "The number of minutes until the running instance is shut down after the environment was last used.", "ConnectionType": "The connection type used for connecting to an Amazon EC2 environment. Valid values are `CONNECT_SSH` (default) and `CONNECT_SSM` (connected through AWS Systems Manager ).", "Description": "The description of the environment to create.", - "ImageId": "The identifier for the Amazon Machine Image (AMI) that's used to create the EC2 instance. To choose an AMI for the instance, you must specify a valid AMI alias or a valid AWS Systems Manager path.\n\nFrom November 20, 2023, you will be required to include the `imageId` parameter for the `CreateEnvironmentEC2` action. This change will be reflected across all direct methods of communicating with the API, such as AWS SDK, AWS CLI and AWS CloudFormation. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nFrom January 22, 2024, Amazon Linux (AL1) will be removed from the list of available image IDs for Cloud9. This is necessary as AL1 will reach the end of maintenance support in December 2023, and as a result will no longer receive security updates. We recommend using Amazon Linux 2 as the new AMI to create your environment as it is fully supported. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nSince Ubuntu 18.04 has ended standard support as of May 31, 2023, we recommend you choose Ubuntu 22.04.\n\n*AMI aliases*\n\n- Amazon Linux: `amazonlinux-1-x86_64`\n- Amazon Linux 2: `amazonlinux-2-x86_64`\n- Ubuntu 18.04: `ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `ubuntu-22.04-x86_64`\n\n*SSM paths*\n\n- Amazon Linux: `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-1-x86_64`\n- Amazon Linux 2: `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2-x86_64`\n- Ubuntu 18.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64`", + "ImageId": "The identifier for the Amazon Machine Image (AMI) that's used to create the EC2 instance. To choose an AMI for the instance, you must specify a valid AMI alias or a valid AWS Systems Manager path.\n\nFrom December 04, 2023, you will be required to include the `imageId` parameter for the `CreateEnvironmentEC2` action. This change will be reflected across all direct methods of communicating with the API, such as AWS SDK, AWS CLI and AWS CloudFormation. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nFrom January 22, 2024, Amazon Linux (AL1) will be removed from the list of available image IDs for Cloud9. This is necessary as AL1 will reach the end of maintenance support in December 2023, and as a result will no longer receive security updates. We recommend using Amazon Linux 2 as the new AMI to create your environment as it is fully supported. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nSince Ubuntu 18.04 has ended standard support as of May 31, 2023, we recommend you choose Ubuntu 22.04.\n\n*AMI aliases*\n\n- Amazon Linux (default): `amazonlinux-1-x86_64`\n- Amazon Linux 2: `amazonlinux-2-x86_64`\n- Ubuntu 18.04: `ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `ubuntu-22.04-x86_64`\n\n*SSM paths*\n\n- Amazon Linux (default): `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-1-x86_64`\n- Amazon Linux 2: `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2-x86_64`\n- Ubuntu 18.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64`", "InstanceType": "The type of instance to connect to the environment (for example, `t2.micro` ).", "Name": "The name of the environment.", "OwnerArn": "The Amazon Resource Name (ARN) of the environment owner. This ARN can be the ARN of any AWS Identity and Access Management principal. If this value is not specified, the ARN defaults to this environment's creator.", @@ -5358,6 +5351,7 @@ }, "AWS::CloudTrail::EventDataStore": { "AdvancedEventSelectors": "The advanced event selectors to use to select the events for the data store. You can configure up to five advanced event selectors for each event data store.\n\nFor more information about how to use advanced event selectors to log CloudTrail events, see [Log events by using advanced event selectors](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced) in the CloudTrail User Guide.\n\nFor more information about how to use advanced event selectors to include AWS Config configuration items in your event data store, see [Create an event data store for AWS Config configuration items](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-lake-cli.html#lake-cli-create-eds-config) in the CloudTrail User Guide.\n\nFor more information about how to use advanced event selectors to include non- AWS events in your event data store, see [Create an integration to log events from outside AWS](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-lake-cli.html#lake-cli-create-integration) in the CloudTrail User Guide.", + "BillingMode": "The billing mode for the event data store determines the cost for ingesting events and the default and maximum retention period for the event data store.\n\nThe following are the possible values:\n\n- `EXTENDABLE_RETENTION_PRICING` - This billing mode is generally recommended if you want a flexible retention period of up to 3653 days (about 10 years). The default retention period for this billing mode is 366 days.\n- `FIXED_RETENTION_PRICING` - This billing mode is recommended if you expect to ingest more than 25 TB of event data per month and need a retention period of up to 2557 days (about 7 years). The default retention period for this billing mode is 2557 days.\n\nThe default value is `EXTENDABLE_RETENTION_PRICING` .\n\nFor more information about CloudTrail pricing, see [AWS CloudTrail Pricing](https://docs.aws.amazon.com/cloudtrail/pricing/) and [Managing CloudTrail Lake costs](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-lake-manage-costs.html) .", "IngestionEnabled": "Specifies whether the event data store should start ingesting live events. The default is true.", "InsightSelectors": "A JSON string that contains the Insights types you want to log on an event data store. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", "InsightsDestination": "The ARN (or ID suffix of the ARN) of the destination event data store that logs Insights events. For more information, see [Create an event data store for CloudTrail Insights events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-event-data-store-insights.html) .", @@ -5365,7 +5359,7 @@ "MultiRegionEnabled": "Specifies whether the event data store includes events from all Regions, or only from the Region in which the event data store is created.", "Name": "The name of the event data store.", "OrganizationEnabled": "Specifies whether an event data store collects events logged for an organization in AWS Organizations .", - "RetentionPeriod": "The retention period of the event data store, in days. You can set a retention period of up to 2557 days, the equivalent of seven years.", + "RetentionPeriod": "The retention period of the event data store, in days. If `BillingMode` is set to `EXTENDABLE_RETENTION_PRICING` , you can set a retention period of up to 3653 days, the equivalent of 10 years. If `BillingMode` is set to `FIXED_RETENTION_PRICING` , you can set a retention period of up to 2557 days, the equivalent of seven years.\n\nCloudTrail Lake determines whether to retain an event by checking if the `eventTime` of the event is within the specified retention period. For example, if you set a retention period of 90 days, CloudTrail will remove events when the `eventTime` is older than 90 days.\n\n> If you plan to copy trail events to this event data store, we recommend that you consider both the age of the events that you want to copy as well as how long you want to keep the copied events in your event data store. For example, if you copy trail events that are 5 years old and specify a retention period of 7 years, the event data store will retain those events for two years.", "Tags": "A list of tags.", "TerminationProtectionEnabled": "Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled." }, @@ -7651,8 +7645,8 @@ }, "AWS::DLM::LifecyclePolicy Script": { "ExecuteOperationOnScriptFailure": "Indicates whether Amazon Data Lifecycle Manager should default to crash-consistent snapshots if the pre script fails.\n\n- To default to crash consistent snapshot if the pre script fails, specify `true` .\n- To skip the instance for snapshot creation if the pre script fails, specify `false` .\n\nThis parameter is supported only if you run a pre script. If you run a post script only, omit this parameter.\n\nDefault: true", - "ExecutionHandler": "The SSM document that includes the pre and/or post scripts to run.\n\n- If you are automating VSS backups, specify `AWS_VSS_BACKUP` . In this case, Amazon Data Lifecycle Manager automatically uses the `AWSEC2-CreateVssSnapshot` SSM document.\n- If you are using a custom SSM document that you own, specify either the name or ARN of the SSM document. If you are using a custom SSM document that is shared with you, specify the ARN of the SSM document.", - "ExecutionHandlerService": "Indicates the service used to execute the pre and/or post scripts.\n\n- If you are using custom SSM documents, specify `AWS_SYSTEMS_MANAGER` .\n- If you are automating VSS Backups, omit this parameter.\n\nDefault: AWS_SYSTEMS_MANAGER", + "ExecutionHandler": "The SSM document that includes the pre and/or post scripts to run.\n\n- If you are automating VSS backups, specify `AWS_VSS_BACKUP` . In this case, Amazon Data Lifecycle Manager automatically uses the `AWSEC2-CreateVssSnapshot` SSM document.\n- If you are automating application-consistent snapshots for SAP HANA workloads, specify `AWSSystemsManagerSAP-CreateDLMSnapshotForSAPHANA` .\n- If you are using a custom SSM document that you own, specify either the name or ARN of the SSM document. If you are using a custom SSM document that is shared with you, specify the ARN of the SSM document.", + "ExecutionHandlerService": "Indicates the service used to execute the pre and/or post scripts.\n\n- If you are using custom SSM documents or automating application-consistent snapshots of SAP HANA workloads, specify `AWS_SYSTEMS_MANAGER` .\n- If you are automating VSS Backups, omit this parameter.\n\nDefault: AWS_SYSTEMS_MANAGER", "ExecutionTimeout": "Specifies a timeout period, in seconds, after which Amazon Data Lifecycle Manager fails the script run attempt if it has not completed. If a script does not complete within its timeout period, Amazon Data Lifecycle Manager fails the attempt. The timeout period applies to the pre and post scripts individually.\n\nIf you are automating VSS Backups, omit this parameter.\n\nDefault: 10", "MaximumRetryCount": "Specifies the number of times Amazon Data Lifecycle Manager should retry scripts that fail.\n\n- If the pre script fails, Amazon Data Lifecycle Manager retries the entire snapshot creation process, including running the pre and post scripts.\n- If the post script fails, Amazon Data Lifecycle Manager retries the post script only; in this case, the pre script will have completed and the snapshot might have been created.\n\nIf you do not want Amazon Data Lifecycle Manager to retry failed scripts, specify `0` .\n\nDefault: 0", "Stages": "Indicate which scripts Amazon Data Lifecycle Manager should run on target instances. Pre scripts run before Amazon Data Lifecycle Manager initiates snapshot creation. Post scripts run after Amazon Data Lifecycle Manager initiates snapshot creation.\n\n- To run a pre script only, specify `PRE` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `pre-script` parameter before initiating snapshot creation.\n- To run a post script only, specify `POST` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `post-script` parameter after initiating snapshot creation.\n- To run both pre and post scripts, specify both `PRE` and `POST` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `pre-script` parameter before initiating snapshot creation, and then it calls the SSM document again with the `post-script` parameter after initiating snapshot creation.\n\nIf you are automating VSS Backups, omit this parameter.\n\nDefault: PRE and POST" @@ -9602,7 +9596,7 @@ "Description": "The description for the IPAM.", "OperatingRegions": "The operating Regions for an IPAM. Operating Regions are AWS Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the AWS Regions you select as operating Regions.\n\nFor more information about operating Regions, see [Create an IPAM](https://docs.aws.amazon.com//vpc/latest/ipam/create-ipam.html) in the *Amazon VPC IPAM User Guide* .", "Tags": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", - "Tier": "" + "Tier": "IPAM is offered in a Free Tier and an Advanced Tier. For more information about the features available in each tier and the costs associated with the tiers, see the [VPC IPAM product pricing page](https://docs.aws.amazon.com//vpc/pricing/) ." }, "AWS::EC2::IPAM IpamOperatingRegion": { "RegionName": "The name of the operating Region." @@ -11777,7 +11771,6 @@ "Value": "The optional part of a key-value pair that make up a tag. A `value` acts as a descriptor within a tag category (key)." }, "AWS::EKS::Cluster": { - "AccessConfig": "", "EncryptionConfig": "The encryption configuration for the cluster.", "KubernetesNetworkConfig": "The Kubernetes network configuration for the cluster.", "Logging": "The logging configuration for your cluster.", @@ -11788,10 +11781,6 @@ "Tags": "The metadata that you apply to the cluster to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Cluster tags don't propagate to any other resources associated with the cluster.\n\n> You must have the `eks:TagResource` and `eks:UntagResource` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", "Version": "The desired Kubernetes version for your cluster. If you don't specify a value here, the default version available in Amazon EKS is used.\n\n> The default version might not be the latest version available." }, - "AWS::EKS::Cluster AccessConfig": { - "AuthenticationMode": "", - "BootstrapClusterCreatorAdminPermissions": "" - }, "AWS::EKS::Cluster ClusterLogging": { "EnabledTypes": "The enabled control plane logs for your cluster. All log types are disabled if the array is empty.\n\n> When updating a resource, you must include this `EnabledTypes` property if the previous CloudFormation template of the resource had it." }, @@ -13308,7 +13297,7 @@ "Name": "The name of the rule.", "RoleArn": "The Amazon Resource Name (ARN) of the role that is used for target invocation.\n\nIf you're setting an event bus in another account as the target and that account granted permission to your account through an organization instead of directly by the account ID, you must specify a `RoleArn` with proper permissions in the `Target` structure, instead of here in this parameter.", "ScheduleExpression": "The scheduling expression. For example, \"cron(0 20 * * ? *)\", \"rate(5 minutes)\". For more information, see [Creating an Amazon EventBridge rule that runs on a schedule](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-rule-schedule.html) .", - "State": "The state of the rule.", + "State": "The state of the rule.\n\nValid values include:\n\n- `DISABLED` : The rule is disabled. EventBridge does not match any events against the rule.\n- `ENABLED` : The rule is enabled. EventBridge matches events against the rule, *except* for AWS management events delivered through CloudTrail.\n- `ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS` : The rule is enabled for all events, including AWS management events delivered through CloudTrail.\n\nManagement events provide visibility into management operations that are performed on resources in your AWS account. These are also known as control plane operations. For more information, see [Logging management events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html#logging-management-events) in the *CloudTrail User Guide* , and [Filtering management events from AWS services](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-service-event.html#eb-service-event-cloudtrail) in the *Amazon EventBridge User Guide* .\n\nThis value is only valid for rules on the [default](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is-how-it-works-concepts.html#eb-bus-concepts-buses) event bus or [custom event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-event-bus.html) . It does not apply to [partner event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-saas.html) .", "Targets": "Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule.\n\nTargets are the resources that are invoked when a rule is triggered.\n\nThe maximum number of entries per request is 10.\n\n> Each rule can have up to five (5) targets associated with it at one time. \n\nFor a list of services you can configure as targets for events, see [EventBridge targets](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-targets.html) in the *Amazon EventBridge User Guide* .\n\nCreating rules with built-in targets is supported only in the AWS Management Console . The built-in targets are:\n\n- `Amazon EBS CreateSnapshot API call`\n- `Amazon EC2 RebootInstances API call`\n- `Amazon EC2 StopInstances API call`\n- `Amazon EC2 TerminateInstances API call`\n\nFor some target types, `PutTargets` provides target-specific parameters. If the target is a Kinesis data stream, you can optionally specify which shard the event goes to by using the `KinesisParameters` argument. To invoke a command on multiple EC2 instances with one rule, you can use the `RunCommandParameters` field.\n\nTo be able to make API calls against the resources that you own, Amazon EventBridge needs the appropriate permissions:\n\n- For AWS Lambda and Amazon SNS resources, EventBridge relies on resource-based policies.\n- For EC2 instances, Kinesis Data Streams, AWS Step Functions state machines and API Gateway APIs, EventBridge relies on IAM roles that you specify in the `RoleARN` argument in `PutTargets` .\n\nFor more information, see [Authentication and Access Control](https://docs.aws.amazon.com/eventbridge/latest/userguide/auth-and-access-control-eventbridge.html) in the *Amazon EventBridge User Guide* .\n\nIf another AWS account is in the same region and has granted you permission (using `PutPermission` ), you can send events to that account. Set that account's event bus as a target of the rules in your account. To send the matched events to the other account, specify that account's event bus as the `Arn` value when you run `PutTargets` . If your account sends events to another account, your account is charged for each sent event. Each event sent to another account is charged as a custom event. The account receiving the event is not charged. For more information, see [Amazon EventBridge Pricing](https://docs.aws.amazon.com/eventbridge/pricing/) .\n\n> `Input` , `InputPath` , and `InputTransformer` are not available with `PutTarget` if the target is an event bus of a different AWS account. \n\nIf you are setting the event bus of another account as the target, and that account granted permission to your account through an organization instead of directly by the account ID, then you must specify a `RoleArn` with proper permissions in the `Target` structure. For more information, see [Sending and Receiving Events Between AWS Accounts](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-cross-account-event-delivery.html) in the *Amazon EventBridge User Guide* .\n\n> If you have an IAM role on a cross-account event bus target, a `PutTargets` call without a role on the same target (same `Id` and `Arn` ) will not remove the role. \n\nFor more information about enabling cross-account events, see [PutPermission](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutPermission.html) .\n\n*Input* , *InputPath* , and *InputTransformer* are mutually exclusive and optional parameters of a target. When a rule is triggered due to a matched event:\n\n- If none of the following arguments are specified for a target, then the entire event is passed to the target in JSON format (unless the target is Amazon EC2 Run Command or Amazon ECS task, in which case nothing from the event is passed to the target).\n- If *Input* is specified in the form of valid JSON, then the matched event is overridden with this constant.\n- If *InputPath* is specified in the form of JSONPath (for example, `$.detail` ), then only the part of the event specified in the path is passed to the target (for example, only the detail part of the event is passed).\n- If *InputTransformer* is specified, then one or more specified JSONPaths are extracted from the event and used as values in a template that you specify as the input to the target.\n\nWhen you specify `InputPath` or `InputTransformer` , you must use JSON dot notation, not bracket notation.\n\nWhen you add targets to a rule and the associated rule triggers soon after, new or updated targets might not be immediately invoked. Allow a short period of time for changes to take effect.\n\nThis action can partially fail if too many requests are made at the same time. If that happens, `FailedEntryCount` is non-zero in the response and each entry in `FailedEntries` provides the ID of the failed target and the error code." }, "AWS::Events::Rule AwsVpcConfiguration": { @@ -14372,6 +14361,22 @@ "Key": "The key for a developer-defined key value pair for tagging an AWS resource.", "Value": "The value for a developer-defined key value pair for tagging an AWS resource." }, + "AWS::GameLift::Script": { + "Name": "A descriptive label that is associated with a script. Script names do not need to be unique.", + "StorageLocation": "The location of the Amazon S3 bucket where a zipped file containing your Realtime scripts is stored. The storage location must specify the Amazon S3 bucket name, the zip file name (the \"key\"), and a role ARN that allows Amazon GameLift to access the Amazon S3 storage location. The S3 bucket must be in the same Region where you want to create a new script. By default, Amazon GameLift uploads the latest version of the zip file; if you have S3 object versioning turned on, you can use the `ObjectVersion` parameter to specify an earlier version.", + "Tags": "A list of labels to assign to the new script resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", + "Version": "The version that is associated with a build or script. Version strings do not need to be unique." + }, + "AWS::GameLift::Script S3Location": { + "Bucket": "An Amazon S3 bucket identifier. Thename of the S3 bucket.\n\n> Amazon GameLift doesn't support uploading from Amazon S3 buckets with names that contain a dot (.).", + "Key": "The name of the zip file that contains the build files or script files.", + "ObjectVersion": "The version of the file, if object versioning is turned on for the bucket. Amazon GameLift uses this information when retrieving files from an S3 bucket that you own. Use this parameter to specify a specific version of the file. If not set, the latest version of the file is retrieved.", + "RoleArn": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) for an IAM role that allows Amazon GameLift to access the S3 bucket." + }, + "AWS::GameLift::Script Tag": { + "Key": "The key for a developer-defined key value pair for tagging an AWS resource.", + "Value": "The value for a developer-defined key value pair for tagging an AWS resource." + }, "AWS::GlobalAccelerator::Accelerator": { "Enabled": "Indicates whether the accelerator is enabled. The value is true or false. The default value is true.\n\nIf the value is set to true, the accelerator cannot be deleted. If set to false, accelerator can be deleted.", "IpAddressType": "The IP address type that an accelerator supports. For a standard accelerator, the value can be IPV4 or DUAL_STACK.", @@ -15622,8 +15627,8 @@ "EbsVolumes": "Describes the configuration for scanning EBS volumes as data source." }, "AWS::GuardDuty::Detector TagItem": { - "Key": "", - "Value": "" + "Key": "The tag value.", + "Value": "The tag key." }, "AWS::GuardDuty::Filter": { "Action": "Specifies the action that is to be applied to the findings that match the filter.", @@ -15664,9 +15669,9 @@ "Name": "The user-friendly name to identify the IPSet.\n\nAllowed characters are alphanumeric, whitespace, dash (-), and underscores (_).", "Tags": "The tags to be added to a new IP set resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." }, - "AWS::GuardDuty::IPSet Tag": { - "Key": "The EC2 instance tag key.", - "Value": "The EC2 instance tag value." + "AWS::GuardDuty::IPSet TagItem": { + "Key": "", + "Value": "" }, "AWS::GuardDuty::Master": { "DetectorId": "The unique ID of the detector of the GuardDuty member account.", @@ -15687,9 +15692,9 @@ "Name": "A user-friendly ThreatIntelSet name displayed in all findings that are generated by activity that involves IP addresses included in this ThreatIntelSet.", "Tags": "The tags to be added to a new threat list resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." }, - "AWS::GuardDuty::ThreatIntelSet Tag": { - "Key": "The EC2 instance tag key.", - "Value": "The EC2 instance tag value." + "AWS::GuardDuty::ThreatIntelSet TagItem": { + "Key": "", + "Value": "" }, "AWS::HealthImaging::Datastore": { "DatastoreName": "The data store name.", @@ -16219,6 +16224,59 @@ "S3BucketName": "The S3 bucket in which to store the logs.", "S3KeyPrefix": "The Amazon S3 path to the bucket where the logs are stored." }, + "AWS::ImageBuilder::LifecyclePolicy": { + "Description": "Optional description for the lifecycle policy.", + "ExecutionRole": "The name of the IAM role that Image Builder uses to run the lifecycle policy. This is a custom role that you create.", + "Name": "The name of the lifecycle policy.", + "PolicyDetails": "The configuration details for a lifecycle policy resource.", + "ResourceSelection": "Resource selection criteria used to run the lifecycle policy.", + "ResourceType": "The type of resources the lifecycle policy targets.", + "Status": "Indicates whether the lifecycle policy resource is enabled.", + "Tags": "To help manage your lifecycle policy resources, you can assign your own metadata to each resource in the form of tags. Each tag consists of a key and an optional value, both of which you define." + }, + "AWS::ImageBuilder::LifecyclePolicy Action": { + "IncludeResources": "", + "Type": "" + }, + "AWS::ImageBuilder::LifecyclePolicy AmiExclusionRules": { + "IsPublic": "", + "LastLaunched": "", + "Regions": "", + "SharedAccounts": "", + "TagMap": "" + }, + "AWS::ImageBuilder::LifecyclePolicy ExclusionRules": { + "Amis": "", + "TagMap": "" + }, + "AWS::ImageBuilder::LifecyclePolicy Filter": { + "RetainAtLeast": "", + "Type": "", + "Unit": "", + "Value": "" + }, + "AWS::ImageBuilder::LifecyclePolicy IncludeResources": { + "Amis": "", + "Containers": "", + "Snapshots": "" + }, + "AWS::ImageBuilder::LifecyclePolicy LastLaunched": { + "Unit": "", + "Value": "" + }, + "AWS::ImageBuilder::LifecyclePolicy PolicyDetail": { + "Action": "", + "ExclusionRules": "", + "Filter": "" + }, + "AWS::ImageBuilder::LifecyclePolicy RecipeSelection": { + "Name": "", + "SemanticVersion": "" + }, + "AWS::ImageBuilder::LifecyclePolicy ResourceSelection": { + "Recipes": "", + "TagMap": "" + }, "AWS::Inspector::AssessmentTarget": { "AssessmentTargetName": "The name of the Amazon Inspector assessment target. The name must be unique within the AWS account .", "ResourceGroupArn": "The ARN that specifies the resource group that is used to create the assessment target. If `resourceGroupArn` is not specified, all EC2 instances in the current AWS account and Region are included in the assessment target." @@ -16359,10 +16417,6 @@ "PlacementTemplate": "An object describing the project's placement specifications.", "ProjectName": "The name of the project from which to obtain information." }, - "AWS::IoT1Click::Project DeviceTemplate": { - "CallbackOverrides": "An optional AWS Lambda function to invoke instead of the default AWS Lambda function provided by the placement template.", - "DeviceType": "The device type, which currently must be `\"button\"` ." - }, "AWS::IoT1Click::Project PlacementTemplate": { "DefaultAttributes": "The default attributes (key-value pairs) to be applied to all placements using this template.", "DeviceTemplates": "An object specifying the [DeviceTemplate](https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_DeviceTemplate.html) for all placements using this ( [PlacementTemplate](https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_PlacementTemplate.html) ) template." @@ -16685,7 +16739,7 @@ "AdditionalMetricsToRetainV2": "A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's `behaviors` , but it's also retained for any metric specified here. Can be used with custom metrics; can't be used with dimensions.", "AlertTargets": "Specifies the destinations to which alerts are sent. (Alerts are always sent to the console.) Alerts are generated when a device (thing) violates a behavior.", "Behaviors": "Specifies the behaviors that, when violated by a device (thing), cause an alert.", - "MetricsExportConfig": "", + "MetricsExportConfig": "Specifies the MQTT topic and role ARN required for metric export.", "SecurityProfileDescription": "A description of the security profile.", "SecurityProfileName": "The name you gave to the security profile.", "Tags": "Metadata that can be used to manage the security profile.", @@ -16697,7 +16751,7 @@ }, "AWS::IoT::SecurityProfile Behavior": { "Criteria": "The criteria that determine if a device is behaving normally in regard to the `metric` .\n\n> In the AWS IoT console, you can choose to be sent an alert through Amazon SNS when AWS IoT Device Defender detects that a device is behaving anomalously.", - "ExportMetric": "", + "ExportMetric": "Value indicates exporting metrics related to the behavior when it is true.", "Metric": "What is measured by the behavior.", "MetricDimension": "The dimension of the metric.", "Name": "The name you've given to the behavior.", @@ -16720,7 +16774,7 @@ "Operator": "Operators are constructs that perform logical operations. Valid values are `IN` and `NOT_IN` ." }, "AWS::IoT::SecurityProfile MetricToRetain": { - "ExportMetric": "", + "ExportMetric": "The value indicates exporting metrics related to the `MetricToRetain` when it's true.", "Metric": "A standard of measurement.", "MetricDimension": "The dimension of the metric." }, @@ -21459,6 +21513,7 @@ "AirflowConfigurationOptions": "A list of key-value pairs containing the Airflow configuration options for your environment. For example, `core.default_timezone: utc` . To learn more, see [Apache Airflow configuration options](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-env-variables.html) .", "AirflowVersion": "The version of Apache Airflow to use for the environment. If no value is specified, defaults to the latest version.\n\nIf you specify a newer version number for an existing environment, the version update requires some service interruption before taking effect.\n\n*Allowed Values* : `1.10.12` | `2.0.2` | `2.2.2` | `2.4.3` | `2.5.1` | `2.6.3` | `2.7.2` (latest)", "DagS3Path": "The relative path to the DAGs folder on your Amazon S3 bucket. For example, `dags` . To learn more, see [Adding or updating DAGs](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-folder.html) .", + "EndpointManagement": "Defines whether the VPC endpoints configured for the environment are created, and managed, by the customer or by Amazon MWAA. If set to `SERVICE` , Amazon MWAA will create and manage the required VPC endpoints in your VPC. If set to `CUSTOMER` , you must create, and manage, the VPC endpoints in your VPC.", "EnvironmentClass": "The environment class type. Valid values: `mw1.small` , `mw1.medium` , `mw1.large` . To learn more, see [Amazon MWAA environment class](https://docs.aws.amazon.com/mwaa/latest/userguide/environment-class.html) .", "ExecutionRoleArn": "The Amazon Resource Name (ARN) of the execution role in IAM that allows MWAA to access AWS resources in your environment. For example, `arn:aws:iam::123456789:role/my-execution-role` . To learn more, see [Amazon MWAA Execution role](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-create-role.html) .", "KmsKey": "The AWS Key Management Service (KMS) key to encrypt and decrypt the data in your environment. You can use an AWS KMS key managed by MWAA, or a customer-managed KMS key (advanced).", @@ -24350,6 +24405,12 @@ "Key": "The key to use in the tag.", "Value": "The value of the tag." }, + "AWS::OpenSearchServerless::LifecyclePolicy": { + "Description": "The description of the lifecycle policy.", + "Name": "The name of the lifecycle policy.", + "Policy": "The JSON policy document without any whitespaces.", + "Type": "The type of lifecycle policy." + }, "AWS::OpenSearchServerless::SecurityConfig": { "Description": "The description of the security configuration.", "Name": "The name of the security configuration.", @@ -35707,7 +35768,8 @@ "AWS::Route53Resolver::ResolverRule TargetAddress": { "Ip": "One IPv4 address that you want to forward DNS queries to.", "Ipv6": "One IPv6 address that you want to forward DNS queries to.", - "Port": "The port at `Ip` that you want to forward DNS queries to." + "Port": "The port at `Ip` that you want to forward DNS queries to.", + "Protocol": "" }, "AWS::Route53Resolver::ResolverRuleAssociation": { "Name": "The name of an association between a Resolver rule and a VPC.", @@ -39550,7 +39612,7 @@ }, "AWS::Transfer::User HomeDirectoryMapEntry": { "Entry": "Represents an entry for `HomeDirectoryMappings` .", - "Target": "Represents the map target that is used in a `HomeDirectorymapEntry` ." + "Target": "Represents the map target that is used in a `HomeDirectoryMapEntry` ." }, "AWS::Transfer::User PosixProfile": { "Gid": "The POSIX group ID used for all EFS operations by this user.", diff --git a/schema_source/cloudformation.schema.json b/schema_source/cloudformation.schema.json index 30bee4d3a..566a64f7d 100644 --- a/schema_source/cloudformation.schema.json +++ b/schema_source/cloudformation.schema.json @@ -7090,7 +7090,7 @@ "additionalProperties": false, "properties": { "ApiId": { - "markdownDescription": "The identifier of the API.", + "markdownDescription": "The API identifier.", "title": "ApiId", "type": "string" }, @@ -7651,13 +7651,9 @@ "additionalProperties": false, "properties": { "Destination": { - "markdownDescription": "Specifies the location of the response to modify, and how to modify it. To learn more, see [Transforming API requests and responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) .", - "title": "Destination", "type": "string" }, "Source": { - "markdownDescription": "Specifies the data to update the parameter with. To learn more, see [Transforming API requests and responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) .", - "title": "Source", "type": "string" } }, @@ -7674,8 +7670,6 @@ "items": { "$ref": "#/definitions/AWS::ApiGatewayV2::Integration.ResponseParameter" }, - "markdownDescription": "Supported only for HTTP APIs. You use response parameters to transform the HTTP response from a backend integration before returning the response to clients. Specify a key-value map from a selection key to response parameters. The selection key must be a valid HTTP status code within the range of 200-599. Response parameters are a key-value map. The key must match the pattern `:
.` or `overwrite.statuscode` . The action can be `append` , `overwrite` or `remove` . The value can be a static value, or map to response data, stage variables, or context variables that are evaluated at runtime. To learn more, see [Transforming API requests and responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) .", - "title": "ResponseParameters", "type": "array" } }, @@ -29993,7 +29987,7 @@ "type": "string" }, "ImageId": { - "markdownDescription": "The identifier for the Amazon Machine Image (AMI) that's used to create the EC2 instance. To choose an AMI for the instance, you must specify a valid AMI alias or a valid AWS Systems Manager path.\n\nFrom November 20, 2023, you will be required to include the `imageId` parameter for the `CreateEnvironmentEC2` action. This change will be reflected across all direct methods of communicating with the API, such as AWS SDK, AWS CLI and AWS CloudFormation. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nFrom January 22, 2024, Amazon Linux (AL1) will be removed from the list of available image IDs for Cloud9. This is necessary as AL1 will reach the end of maintenance support in December 2023, and as a result will no longer receive security updates. We recommend using Amazon Linux 2 as the new AMI to create your environment as it is fully supported. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nSince Ubuntu 18.04 has ended standard support as of May 31, 2023, we recommend you choose Ubuntu 22.04.\n\n*AMI aliases*\n\n- Amazon Linux: `amazonlinux-1-x86_64`\n- Amazon Linux 2: `amazonlinux-2-x86_64`\n- Ubuntu 18.04: `ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `ubuntu-22.04-x86_64`\n\n*SSM paths*\n\n- Amazon Linux: `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-1-x86_64`\n- Amazon Linux 2: `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2-x86_64`\n- Ubuntu 18.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64`", + "markdownDescription": "The identifier for the Amazon Machine Image (AMI) that's used to create the EC2 instance. To choose an AMI for the instance, you must specify a valid AMI alias or a valid AWS Systems Manager path.\n\nFrom December 04, 2023, you will be required to include the `imageId` parameter for the `CreateEnvironmentEC2` action. This change will be reflected across all direct methods of communicating with the API, such as AWS SDK, AWS CLI and AWS CloudFormation. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nFrom January 22, 2024, Amazon Linux (AL1) will be removed from the list of available image IDs for Cloud9. This is necessary as AL1 will reach the end of maintenance support in December 2023, and as a result will no longer receive security updates. We recommend using Amazon Linux 2 as the new AMI to create your environment as it is fully supported. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nSince Ubuntu 18.04 has ended standard support as of May 31, 2023, we recommend you choose Ubuntu 22.04.\n\n*AMI aliases*\n\n- Amazon Linux (default): `amazonlinux-1-x86_64`\n- Amazon Linux 2: `amazonlinux-2-x86_64`\n- Ubuntu 18.04: `ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `ubuntu-22.04-x86_64`\n\n*SSM paths*\n\n- Amazon Linux (default): `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-1-x86_64`\n- Amazon Linux 2: `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2-x86_64`\n- Ubuntu 18.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64`", "title": "ImageId", "type": "string" }, @@ -34819,7 +34813,7 @@ "type": "boolean" }, "RetentionPeriod": { - "markdownDescription": "The retention period of the event data store, in days. You can set a retention period of up to 2557 days, the equivalent of seven years.", + "markdownDescription": "The retention period of the event data store, in days. If `BillingMode` is set to `EXTENDABLE_RETENTION_PRICING` , you can set a retention period of up to 3653 days, the equivalent of 10 years. If `BillingMode` is set to `FIXED_RETENTION_PRICING` , you can set a retention period of up to 2557 days, the equivalent of seven years.\n\nCloudTrail Lake determines whether to retain an event by checking if the `eventTime` of the event is within the specified retention period. For example, if you set a retention period of 90 days, CloudTrail will remove events when the `eventTime` is older than 90 days.\n\n> If you plan to copy trail events to this event data store, we recommend that you consider both the age of the events that you want to copy as well as how long you want to keep the copied events in your event data store. For example, if you copy trail events that are 5 years old and specify a retention period of 7 years, the event data store will retain those events for two years.", "title": "RetentionPeriod", "type": "number" }, @@ -50167,12 +50161,12 @@ "type": "boolean" }, "ExecutionHandler": { - "markdownDescription": "The SSM document that includes the pre and/or post scripts to run.\n\n- If you are automating VSS backups, specify `AWS_VSS_BACKUP` . In this case, Amazon Data Lifecycle Manager automatically uses the `AWSEC2-CreateVssSnapshot` SSM document.\n- If you are using a custom SSM document that you own, specify either the name or ARN of the SSM document. If you are using a custom SSM document that is shared with you, specify the ARN of the SSM document.", + "markdownDescription": "The SSM document that includes the pre and/or post scripts to run.\n\n- If you are automating VSS backups, specify `AWS_VSS_BACKUP` . In this case, Amazon Data Lifecycle Manager automatically uses the `AWSEC2-CreateVssSnapshot` SSM document.\n- If you are automating application-consistent snapshots for SAP HANA workloads, specify `AWSSystemsManagerSAP-CreateDLMSnapshotForSAPHANA` .\n- If you are using a custom SSM document that you own, specify either the name or ARN of the SSM document. If you are using a custom SSM document that is shared with you, specify the ARN of the SSM document.", "title": "ExecutionHandler", "type": "string" }, "ExecutionHandlerService": { - "markdownDescription": "Indicates the service used to execute the pre and/or post scripts.\n\n- If you are using custom SSM documents, specify `AWS_SYSTEMS_MANAGER` .\n- If you are automating VSS Backups, omit this parameter.\n\nDefault: AWS_SYSTEMS_MANAGER", + "markdownDescription": "Indicates the service used to execute the pre and/or post scripts.\n\n- If you are using custom SSM documents or automating application-consistent snapshots of SAP HANA workloads, specify `AWS_SYSTEMS_MANAGER` .\n- If you are automating VSS Backups, omit this parameter.\n\nDefault: AWS_SYSTEMS_MANAGER", "title": "ExecutionHandlerService", "type": "string" }, @@ -61812,7 +61806,7 @@ "type": "array" }, "Tier": { - "markdownDescription": "", + "markdownDescription": "IPAM is offered in a Free Tier and an Advanced Tier. For more information about the features available in each tier and the costs associated with the tiers, see the [VPC IPAM product pricing page](https://docs.aws.amazon.com//vpc/pricing/) .", "title": "Tier", "type": "string" } @@ -86230,7 +86224,7 @@ "type": "string" }, "State": { - "markdownDescription": "The state of the rule.", + "markdownDescription": "The state of the rule.\n\nValid values include:\n\n- `DISABLED` : The rule is disabled. EventBridge does not match any events against the rule.\n- `ENABLED` : The rule is enabled. EventBridge matches events against the rule, *except* for AWS management events delivered through CloudTrail.\n- `ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS` : The rule is enabled for all events, including AWS management events delivered through CloudTrail.\n\nManagement events provide visibility into management operations that are performed on resources in your AWS account. These are also known as control plane operations. For more information, see [Logging management events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html#logging-management-events) in the *CloudTrail User Guide* , and [Filtering management events from AWS services](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-service-event.html#eb-service-event-cloudtrail) in the *Amazon EventBridge User Guide* .\n\nThis value is only valid for rules on the [default](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is-how-it-works-concepts.html#eb-bus-concepts-buses) event bus or [custom event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-event-bus.html) . It does not apply to [partner event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-saas.html) .", "title": "State", "type": "string" }, @@ -92964,18 +92958,26 @@ "additionalProperties": false, "properties": { "Name": { + "markdownDescription": "A descriptive label that is associated with a script. Script names do not need to be unique.", + "title": "Name", "type": "string" }, "StorageLocation": { - "$ref": "#/definitions/AWS::GameLift::Script.S3Location" + "$ref": "#/definitions/AWS::GameLift::Script.S3Location", + "markdownDescription": "The location of the Amazon S3 bucket where a zipped file containing your Realtime scripts is stored. The storage location must specify the Amazon S3 bucket name, the zip file name (the \"key\"), and a role ARN that allows Amazon GameLift to access the Amazon S3 storage location. The S3 bucket must be in the same Region where you want to create a new script. By default, Amazon GameLift uploads the latest version of the zip file; if you have S3 object versioning turned on, you can use the `ObjectVersion` parameter to specify an earlier version.", + "title": "StorageLocation" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, + "markdownDescription": "A list of labels to assign to the new script resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", + "title": "Tags", "type": "array" }, "Version": { + "markdownDescription": "The version that is associated with a build or script. Version strings do not need to be unique.", + "title": "Version", "type": "string" } }, @@ -93009,15 +93011,23 @@ "additionalProperties": false, "properties": { "Bucket": { + "markdownDescription": "An Amazon S3 bucket identifier. Thename of the S3 bucket.\n\n> Amazon GameLift doesn't support uploading from Amazon S3 buckets with names that contain a dot (.).", + "title": "Bucket", "type": "string" }, "Key": { + "markdownDescription": "The name of the zip file that contains the build files or script files.", + "title": "Key", "type": "string" }, "ObjectVersion": { + "markdownDescription": "The version of the file, if object versioning is turned on for the bucket. Amazon GameLift uses this information when retrieving files from an S3 bucket that you own. Use this parameter to specify a specific version of the file. If not set, the latest version of the file is retrieved.", + "title": "ObjectVersion", "type": "string" }, "RoleArn": { + "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) for an IAM role that allows Amazon GameLift to access the S3 bucket.", + "title": "RoleArn", "type": "string" } }, @@ -101293,12 +101303,12 @@ "additionalProperties": false, "properties": { "Key": { - "markdownDescription": "", + "markdownDescription": "The tag value.", "title": "Key", "type": "string" }, "Value": { - "markdownDescription": "", + "markdownDescription": "The tag key.", "title": "Value", "type": "string" } @@ -107183,13 +107193,9 @@ "additionalProperties": false, "properties": { "CallbackOverrides": { - "markdownDescription": "An optional AWS Lambda function to invoke instead of the default AWS Lambda function provided by the placement template.", - "title": "CallbackOverrides", "type": "object" }, "DeviceType": { - "markdownDescription": "The device type, which currently must be `\"button\"` .", - "title": "DeviceType", "type": "string" } }, @@ -242860,7 +242866,7 @@ "type": "string" }, "Target": { - "markdownDescription": "Represents the map target that is used in a `HomeDirectorymapEntry` .", + "markdownDescription": "Represents the map target that is used in a `HomeDirectoryMapEntry` .", "title": "Target", "type": "string" }