Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: update L1 CloudFormation resource definitions #33019

Merged
merged 1 commit into from
Jan 20, 2025
Merged

feat: update L1 CloudFormation resource definitions #33019

merged 1 commit into from
Jan 20, 2025

Conversation

aws-cdk-automation
Copy link
Collaborator

Updates the L1 CloudFormation resource definitions with the latest changes from @aws-cdk/aws-service-spec

L1 CloudFormation resource definition changes:

├[~] service aws-appsync
│ └ resources
│    └[~]  resource AWS::AppSync::DataSource
│       └ properties
│          └ ServiceRoleArn: (documentation changed)
├[~] service aws-batch
│ └ resources
│    └[~]  resource AWS::Batch::SchedulingPolicy
│       └ types
│          └[~] type FairsharePolicy
│            └ properties
│               └ ShareDecaySeconds: (documentation changed)
├[~] service aws-bedrock
│ └ resources
│    ├[~]  resource AWS::Bedrock::KnowledgeBase
│    │  ├ properties
│    │  │  └ KnowledgeBaseConfiguration: - KnowledgeBaseConfiguration (required, immutable)
│    │  │                                + KnowledgeBaseConfiguration (required)
│    │  └ types
│    │     ├[+]  type CuratedQuery
│    │     │  ├      documentation: Curated query or question and answer pair
│    │     │  │      name: CuratedQuery
│    │     │  └ properties
│    │     │     ├ NaturalLanguage: string (required)
│    │     │     └ Sql: string (required)
│    │     ├[~] type KnowledgeBaseConfiguration
│    │     │ └ properties
│    │     │    ├ KendraKnowledgeBaseConfiguration: - KendraKnowledgeBaseConfiguration
│    │     │    │                                   + KendraKnowledgeBaseConfiguration (immutable)
│    │     │    ├[+] SqlKnowledgeBaseConfiguration: SqlKnowledgeBaseConfiguration
│    │     │    ├ Type: - string (required)
│    │     │    │       + string (required, immutable)
│    │     │    └ VectorKnowledgeBaseConfiguration: - VectorKnowledgeBaseConfiguration
│    │     │                                        + VectorKnowledgeBaseConfiguration (immutable)
│    │     ├[+]  type QueryGenerationColumn
│    │     │  ├      documentation: Redshift query generation column
│    │     │  │      name: QueryGenerationColumn
│    │     │  └ properties
│    │     │     ├ Name: string
│    │     │     ├ Description: string
│    │     │     └ Inclusion: string
│    │     ├[+]  type QueryGenerationConfiguration
│    │     │  ├      documentation: Configurations for generating Redshift engine queries
│    │     │  │      name: QueryGenerationConfiguration
│    │     │  └ properties
│    │     │     ├ ExecutionTimeoutSeconds: integer
│    │     │     └ GenerationContext: QueryGenerationContext
│    │     ├[+]  type QueryGenerationContext
│    │     │  ├      documentation: Context used to improve query generation
│    │     │  │      name: QueryGenerationContext
│    │     │  └ properties
│    │     │     ├ Tables: Array<QueryGenerationTable>
│    │     │     └ CuratedQueries: Array<CuratedQuery>
│    │     ├[+]  type QueryGenerationTable
│    │     │  ├      documentation: Tables used for Redshift query generation context
│    │     │  │      name: QueryGenerationTable
│    │     │  └ properties
│    │     │     ├ Name: string (required)
│    │     │     ├ Description: string
│    │     │     ├ Inclusion: string
│    │     │     └ Columns: Array<QueryGenerationColumn>
│    │     ├[+]  type RedshiftConfiguration
│    │     │  ├      documentation: Configurations for a Redshift knowledge base
│    │     │  │      name: RedshiftConfiguration
│    │     │  └ properties
│    │     │     ├ StorageConfigurations: Array<RedshiftQueryEngineStorageConfiguration> (required, immutable)
│    │     │     ├ QueryEngineConfiguration: RedshiftQueryEngineConfiguration (required, immutable)
│    │     │     └ QueryGenerationConfiguration: QueryGenerationConfiguration
│    │     ├[+]  type RedshiftProvisionedAuthConfiguration
│    │     │  ├      documentation: Configurations for Redshift query engine provisioned auth setup
│    │     │  │      name: RedshiftProvisionedAuthConfiguration
│    │     │  └ properties
│    │     │     ├ Type: string (required)
│    │     │     ├ DatabaseUser: string
│    │     │     └ UsernamePasswordSecretArn: string
│    │     ├[+]  type RedshiftProvisionedConfiguration
│    │     │  ├      documentation: Configurations for provisioned Redshift query engine
│    │     │  │      name: RedshiftProvisionedConfiguration
│    │     │  └ properties
│    │     │     ├ ClusterIdentifier: string (required)
│    │     │     └ AuthConfiguration: RedshiftProvisionedAuthConfiguration (required)
│    │     ├[+]  type RedshiftQueryEngineAwsDataCatalogStorageConfiguration
│    │     │  ├      documentation: Configurations for Redshift query engine AWS Data Catalog backed storage
│    │     │  │      name: RedshiftQueryEngineAwsDataCatalogStorageConfiguration
│    │     │  └ properties
│    │     │     └ TableNames: Array<string> (required)
│    │     ├[+]  type RedshiftQueryEngineConfiguration
│    │     │  ├      documentation: Configurations for Redshift query engine
│    │     │  │      name: RedshiftQueryEngineConfiguration
│    │     │  └ properties
│    │     │     ├ Type: string (required)
│    │     │     ├ ServerlessConfiguration: RedshiftServerlessConfiguration
│    │     │     └ ProvisionedConfiguration: RedshiftProvisionedConfiguration
│    │     ├[+]  type RedshiftQueryEngineRedshiftStorageConfiguration
│    │     │  ├      documentation: Configurations for Redshift query engine Redshift backed storage
│    │     │  │      name: RedshiftQueryEngineRedshiftStorageConfiguration
│    │     │  └ properties
│    │     │     └ DatabaseName: string (required)
│    │     ├[+]  type RedshiftQueryEngineStorageConfiguration
│    │     │  ├      documentation: Configurations for available Redshift query engine storage types
│    │     │  │      name: RedshiftQueryEngineStorageConfiguration
│    │     │  └ properties
│    │     │     ├ Type: string (required)
│    │     │     ├ AwsDataCatalogConfiguration: RedshiftQueryEngineAwsDataCatalogStorageConfiguration
│    │     │     └ RedshiftConfiguration: RedshiftQueryEngineRedshiftStorageConfiguration
│    │     ├[+]  type RedshiftServerlessAuthConfiguration
│    │     │  ├      documentation: Configurations for Redshift query engine serverless auth setup
│    │     │  │      name: RedshiftServerlessAuthConfiguration
│    │     │  └ properties
│    │     │     ├ Type: string (required)
│    │     │     └ UsernamePasswordSecretArn: string
│    │     ├[+]  type RedshiftServerlessConfiguration
│    │     │  ├      documentation: Configurations for serverless Redshift query engine
│    │     │  │      name: RedshiftServerlessConfiguration
│    │     │  └ properties
│    │     │     ├ WorkgroupArn: string (required)
│    │     │     └ AuthConfiguration: RedshiftServerlessAuthConfiguration (required)
│    │     └[+]  type SqlKnowledgeBaseConfiguration
│    │        ├      documentation: Configurations for a SQL knowledge base
│    │        │      name: SqlKnowledgeBaseConfiguration
│    │        └ properties
│    │           ├ Type: string (required, immutable)
│    │           └ RedshiftConfiguration: RedshiftConfiguration
│    └[~]  resource AWS::Bedrock::PromptVersion
│       └ types
│          ├[+]  type ChatPromptTemplateConfiguration
│          │  ├      documentation: Configuration for chat prompt template
│          │  │      name: ChatPromptTemplateConfiguration
│          │  └ properties
│          │     ├ Messages: Array<Message> (required)
│          │     ├ System: Array<SystemContentBlock>
│          │     ├ ToolConfiguration: ToolConfiguration
│          │     └ InputVariables: Array<PromptInputVariable>
│          ├[+]  type ContentBlock
│          │  ├      documentation: Configuration for chat prompt template
│          │  │      name: ContentBlock
│          │  └ properties
│          │     └ Text: string (required)
│          ├[+]  type Message
│          │  ├      documentation: Chat prompt Message
│          │  │      name: Message
│          │  └ properties
│          │     ├ Role: string (required)
│          │     └ Content: Array<ContentBlock> (required)
│          ├[+]  type PromptAgentResource
│          │  ├      documentation: Target Agent to invoke with Prompt
│          │  │      name: PromptAgentResource
│          │  └ properties
│          │     └ AgentIdentifier: string (required)
│          ├[+]  type PromptGenAiResource
│          │  ├      documentation: Target resource to invoke with Prompt
│          │  │      name: PromptGenAiResource
│          │  └ properties
│          │     └ Agent: PromptAgentResource (required)
│          ├[~] type PromptTemplateConfiguration
│          │ └ properties
│          │    ├[+] Chat: ChatPromptTemplateConfiguration
│          │    └ Text: - TextPromptTemplateConfiguration (required)
│          │            + TextPromptTemplateConfiguration
│          ├[~] type PromptVariant
│          │ └ properties
│          │    └[+] GenAiResource: PromptGenAiResource
│          ├[+]  type SpecificToolChoice
│          │  ├      documentation: Specific Tool choice
│          │  │      name: SpecificToolChoice
│          │  └ properties
│          │     └ Name: string (required)
│          ├[+]  type SystemContentBlock
│          │  ├      documentation: Configuration for chat prompt template
│          │  │      name: SystemContentBlock
│          │  └ properties
│          │     └ Text: string (required)
│          ├[+]  type Tool
│          │  ├      documentation: Tool details
│          │  │      name: Tool
│          │  └ properties
│          │     └ ToolSpec: ToolSpecification (required)
│          ├[+]  type ToolChoice
│          │  ├      name: ToolChoice
│          │  └ properties
│          │     ├ Auto: json
│          │     ├ Any: json
│          │     └ Tool: SpecificToolChoice
│          ├[+]  type ToolConfiguration
│          │  ├      documentation: Tool configuration
│          │  │      name: ToolConfiguration
│          │  └ properties
│          │     ├ Tools: Array<Tool> (required)
│          │     └ ToolChoice: ToolChoice
│          ├[+]  type ToolInputSchema
│          │  ├      documentation: Tool input schema
│          │  │      name: ToolInputSchema
│          │  └ properties
│          │     └ Json: json (required)
│          └[+]  type ToolSpecification
│             ├      documentation: Tool specification
│             │      name: ToolSpecification
│             └ properties
│                ├ Name: string (required)
│                ├ Description: string
│                └ InputSchema: ToolInputSchema (required)
├[~] service aws-cloudfront
│ └ resources
│    └[~]  resource AWS::CloudFront::AnycastIpList
│       ├      - documentation: An Anycast static IP list.
│       │      + documentation: An Anycast static IP list. For more information, see [Request Anycast static IPs to use for allowlisting](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/request-static-ips.html) in the *Amazon CloudFront Developer Guide* .
│       └ types
│          └[~] type AnycastIpList
│            └      - documentation: An Anycast static IP list.
│                   + documentation: An Anycast static IP list. For more information, see [Request Anycast static IPs to use for allowlisting](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/request-static-ips.html) in the *Amazon CloudFront Developer Guide* .
├[~] service aws-codepipeline
│ └ resources
│    └[~]  resource AWS::CodePipeline::Pipeline
│       └ types
│          └[~] type RuleDeclaration
│            └ properties
│               └[+] Commands: Array<string>
├[~] service aws-cognito
│ └ resources
│    ├[~]  resource AWS::Cognito::LogDeliveryConfiguration
│    │  └ types
│    │     └[~] type LogConfiguration
│    │       ├      - documentation: The configuration of user event logs to an external AWS service like Amazon Data Firehose, Amazon S3, or Amazon CloudWatch Logs.
│    │       │      This data type is a request parameter of `API_SetLogDeliveryConfiguration` and a response parameter of `API_GetLogDeliveryConfiguration` .
│    │       │      + documentation: The configuration of user event logs to an external AWS service like Amazon Data Firehose, Amazon S3, or Amazon CloudWatch Logs.
│    │       └ properties
│    │          └ CloudWatchLogsConfiguration: (documentation changed)
│    ├[~]  resource AWS::Cognito::ManagedLoginBranding
│    │  └ types
│    │     └[~] type AssetType
│    │       └      - documentation: An image file from a managed login branding style in a user pool.
│    │              This data type is a request parameter of `API_CreateManagedLoginBranding` and `API_UpdateManagedLoginBranding` , and a response parameter of `API_DescribeManagedLoginBranding` .
│    │              + documentation: An image file from a managed login branding style in a user pool.
│    ├[~]  resource AWS::Cognito::UserPool
│    │  ├ properties
│    │  │  ├ AdminCreateUserConfig: (documentation changed)
│    │  │  └ Policies: (documentation changed)
│    │  └ types
│    │     ├[~] type AdminCreateUserConfig
│    │     │ ├      - documentation: The settings for administrator creation of users in a user pool. Contains settings for allowing user sign-up, customizing invitation messages to new users, and the amount of time before temporary passwords expire.
│    │     │ │      This data type is a request and response parameter of `API_CreateUserPool` and `API_UpdateUserPool` , and a response parameter of `API_DescribeUserPool` .
│    │     │ │      + documentation: The settings for administrator creation of users in a user pool. Contains settings for allowing user sign-up, customizing invitation messages to new users, and the amount of time before temporary passwords expire.
│    │     │ └ properties
│    │     │    └ UnusedAccountValidityDays: (documentation changed)
│    │     ├[~] type DeviceConfiguration
│    │     │ └      - documentation: The device-remembering configuration for a user pool.
│    │     │        A `API_DescribeUserPool` request returns a null value for this object when the user pool isn't configured to remember devices. When device remembering is active, you can remember a user's device with a `API_ConfirmDevice` API request. Additionally. when the property `DeviceOnlyRememberedOnUserPrompt` is `true` , you must follow `ConfirmDevice` with an `API_UpdateDeviceStatus` API request that sets the user's device to `remembered` or `not_remembered` .
│    │     │        To sign in with a remembered device, include `DEVICE_KEY` in the authentication parameters in your user's `API_InitiateAuth` request. If your app doesn't include a `DEVICE_KEY` parameter, the `API_InitiateAuth` from Amazon Cognito includes newly-generated `DEVICE_KEY` and `DEVICE_GROUP_KEY` values under `NewDeviceMetadata` . Store these values to use in future device-authentication requests.
│    │     │        > When you provide a value for any property of `DeviceConfiguration` , you activate the device remembering for the user pool.
│    │     │        > 
│    │     │        > This data type is a request and response parameter of `API_CreateUserPool` and `API_UpdateUserPool` , and a response parameter of `API_DescribeUserPool` .
│    │     │        + documentation: The device-remembering configuration for a user pool.
│    │     ├[~] type LambdaConfig
│    │     │ └      - documentation: A collection of user pool Lambda triggers. Amazon Cognito invokes triggers at several possible stages of user pool operations. Triggers can modify the outcome of the operations that invoked them.
│    │     │        This data type is a request and response parameter of `API_CreateUserPool` and `API_UpdateUserPool` , and a response parameter of `API_DescribeUserPool` .
│    │     │        + documentation: A collection of user pool Lambda triggers. Amazon Cognito invokes triggers at several possible stages of user pool operations. Triggers can modify the outcome of the operations that invoked them.
│    │     ├[~] type NumberAttributeConstraints
│    │     │ └      - documentation: The minimum and maximum values of an attribute that is of the number type, for example `custom:age` .
│    │     │        This data type is part of `API_SchemaAttributeType` . It defines the length constraints on number-type attributes that you configure in `API_CreateUserPool` and `API_UpdateUserPool` , and displays the length constraints of all number-type attributes in the response to `API_DescribeUserPool`
│    │     │        + documentation: The minimum and maximum values of an attribute that is of the number type, for example `custom:age` .
│    │     ├[~] type PasswordPolicy
│    │     │ ├      - documentation: The password policy settings for a user pool, including complexity, history, and length requirements.
│    │     │ │      This data type is a request and response parameter of `API_CreateUserPool` and `API_UpdateUserPool` , and a response parameter of `API_DescribeUserPool` .
│    │     │ │      + documentation: The password policy settings for a user pool, including complexity, history, and length requirements.
│    │     │ └ properties
│    │     │    └ PasswordHistorySize: (documentation changed)
│    │     ├[~] type Policies
│    │     │ ├      - documentation: A list of user pool policies. Contains the policy that sets password-complexity requirements.
│    │     │ │      This data type is a request and response parameter of `API_CreateUserPool` and `API_UpdateUserPool` , and a response parameter of `API_DescribeUserPool` .
│    │     │ │      + documentation: A list of user pool policies. Contains the policy that sets password-complexity requirements.
│    │     │ └ properties
│    │     │    └ SignInPolicy: (documentation changed)
│    │     ├[~] type PreTokenGenerationConfig
│    │     │ └      - documentation: The properties of a pre token generation Lambda trigger.
│    │     │        This data type is a request and response parameter of `API_CreateUserPool` and `API_UpdateUserPool` , and a response parameter of `API_DescribeUserPool` .
│    │     │        + documentation: The properties of a pre token generation Lambda trigger.
│    │     ├[~] type RecoveryOption
│    │     │ └      - documentation: A recovery option for a user. The `AccountRecoverySettingType` data type is an array of this object. Each `RecoveryOptionType` has a priority property that determines whether it is a primary or secondary option.
│    │     │        For example, if `verified_email` has a priority of `1` and `verified_phone_number` has a priority of `2` , your user pool sends account-recovery messages to a verified email address but falls back to an SMS message if the user has a verified phone number. The `admin_only` option prevents self-service account recovery.
│    │     │        This data type is a request and response parameter of `API_CreateUserPool` and `API_UpdateUserPool` , and a response parameter of `API_DescribeUserPool` .
│    │     │        + documentation: A recovery option for a user. The `AccountRecoverySettingType` data type is an array of this object. Each `RecoveryOptionType` has a priority property that determines whether it is a primary or secondary option.
│    │     │        For example, if `verified_email` has a priority of `1` and `verified_phone_number` has a priority of `2` , your user pool sends account-recovery messages to a verified email address but falls back to an SMS message if the user has a verified phone number. The `admin_only` option prevents self-service account recovery.
│    │     ├[~] type SchemaAttribute
│    │     │ └      - documentation: A list of the user attributes and their properties in your user pool. The attribute schema contains standard attributes, custom attributes with a `custom:` prefix, and developer attributes with a `dev:` prefix. For more information, see [User pool attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html) .
│    │     │        Developer-only `dev:` attributes are a legacy feature of user pools, and are read-only to all app clients. You can create and update developer-only attributes only with IAM-authenticated API operations. Use app client read/write permissions instead.
│    │     │        This data type is a request and response parameter of `API_CreateUserPool` and `API_UpdateUserPool` , and a response parameter of `API_DescribeUserPool` .
│    │     │        + documentation: A list of the user attributes and their properties in your user pool. The attribute schema contains standard attributes, custom attributes with a `custom:` prefix, and developer attributes with a `dev:` prefix. For more information, see [User pool attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html) .
│    │     │        Developer-only `dev:` attributes are a legacy feature of user pools, and are read-only to all app clients. You can create and update developer-only attributes only with IAM-authenticated API operations. Use app client read/write permissions instead.
│    │     ├[~] type SignInPolicy
│    │     │ └      - documentation: The policy for allowed types of authentication in a user pool. To activate this setting, your user pool must be in the [Essentials tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-essentials.html) or higher.
│    │     │        This data type is a request and response parameter of `API_CreateUserPool` and `API_UpdateUserPool` , and a response parameter of `API_DescribeUserPool` .
│    │     │        + documentation: The policy for allowed types of authentication in a user pool. To activate this setting, your user pool must be in the [Essentials tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-essentials.html) or higher.
│    │     ├[~] type SmsConfiguration
│    │     │ └      - documentation: User pool configuration for delivery of SMS messages with Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the AWS Region that you want, the Amazon Cognito user pool uses an AWS Identity and Access Management (IAM) role in your AWS account .
│    │     │        This data type is a request parameter of `API_CreateUserPool` , `API_UpdateUserPool` , and `API_SetUserPoolMfaConfig` , and a response parameter of `API_CreateUserPool` , `API_UpdateUserPool` , and `API_GetUserPoolMfaConfig` .
│    │     │        + documentation: User pool configuration for delivery of SMS messages with Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the AWS Region that you want, the Amazon Cognito user pool uses an AWS Identity and Access Management (IAM) role in your AWS account .
│    │     ├[~] type StringAttributeConstraints
│    │     │ └      - documentation: The minimum and maximum length values of an attribute that is of the string type, for example `custom:department` .
│    │     │        This data type is part of `API_SchemaAttributeType` . It defines the length constraints on string-type attributes that you configure in `API_CreateUserPool` and `API_UpdateUserPool` , and displays the length constraints of all string-type attributes in the response to `API_DescribeUserPool`
│    │     │        + documentation: The minimum and maximum length values of an attribute that is of the string type, for example `custom:department` .
│    │     ├[~] type UserAttributeUpdateSettings
│    │     │ └ properties
│    │     │    └ AttributesRequireVerificationBeforeUpdate: (documentation changed)
│    │     ├[~] type UsernameConfiguration
│    │     │ └      - documentation: Case sensitivity of the username input for the selected sign-in option. When case sensitivity is set to `False` (case insensitive), users can sign in with any combination of capital and lowercase letters. For example, `username` , `USERNAME` , or `UserName` , or for email, `email@example.com` or `EMaiL@eXamplE.Com` . For most use cases, set case sensitivity to `False` (case insensitive) as a best practice. When usernames and email addresses are case insensitive, Amazon Cognito treats any variation in case as the same user, and prevents a case variation from being assigned to the same attribute for a different user.
│    │     │        This configuration is immutable after you set it. For more information, see `API_UsernameConfigurationType` .
│    │     │        + documentation: Case sensitivity of the username input for the selected sign-in option. When case sensitivity is set to `False` (case insensitive), users can sign in with any combination of capital and lowercase letters. For example, `username` , `USERNAME` , or `UserName` , or for email, `email@example.com` or `EMaiL@eXamplE.Com` . For most use cases, set case sensitivity to `False` (case insensitive) as a best practice. When usernames and email addresses are case insensitive, Amazon Cognito treats any variation in case as the same user, and prevents a case variation from being assigned to the same attribute for a different user.
│    │     ├[~] type UserPoolAddOns
│    │     │ └      - documentation: Contains settings for activation of threat protection, including the operating mode and additional authentication types. To log user security information but take no action, set to `AUDIT` . To configure automatic security responses to potentially unwanted traffic to your user pool, set to `ENFORCED` .
│    │     │        For more information, see [Adding advanced security to a user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html) . To activate this setting, your user pool must be on the [Plus tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-plus.html) .
│    │     │        This data type is a request and response parameter of `API_CreateUserPool` and `API_UpdateUserPool` , and a response parameter of `API_DescribeUserPool` .
│    │     │        + documentation: User pool add-ons. Contains settings for activation of threat protection. To log user security information but take no action, set to `AUDIT` . To configure automatic security responses to risky traffic to your user pool, set to `ENFORCED` .
│    │     │        For more information, see [Adding advanced security to a user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html) . To activate this setting, your user pool must be on the [Plus tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-plus.html) .
│    │     └[~] type VerificationMessageTemplate
│    │       └      - documentation: The template for the verification message that your user pool delivers to users who set an email address or phone number attribute.
│    │              This data type is a request and response parameter of `API_CreateUserPool` and `API_UpdateUserPool` , and a response parameter of `API_DescribeUserPool` .
│    │              + documentation: The template for the verification message that your user pool delivers to users who set an email address or phone number attribute.
│    ├[~]  resource AWS::Cognito::UserPoolClient
│    │  ├ properties
│    │  │  ├ EnableTokenRevocation: (documentation changed)
│    │  │  ├ ReadAttributes: (documentation changed)
│    │  │  └ WriteAttributes: (documentation changed)
│    │  └ types
│    │     └[~] type AnalyticsConfiguration
│    │       └      - documentation: The settings for Amazon Pinpoint analytics configuration. With an analytics configuration, your application can collect user-activity metrics for user notifications with a Amazon Pinpoint campaign.
│    │              Amazon Pinpoint isn't available in all AWS Regions. For a list of available Regions, see [Amazon Cognito and Amazon Pinpoint Region availability](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-pinpoint-integration.html#cognito-user-pools-find-region-mappings) .
│    │              This data type is a request parameter of `API_CreateUserPoolClient` and `API_UpdateUserPoolClient` , and a response parameter of `API_DescribeUserPoolClient` .
│    │              + documentation: The settings for Amazon Pinpoint analytics configuration. With an analytics configuration, your application can collect user-activity metrics for user notifications with a Amazon Pinpoint campaign.
│    │              Amazon Pinpoint isn't available in all AWS Regions. For a list of available Regions, see [Amazon Cognito and Amazon Pinpoint Region availability](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-pinpoint-integration.html#cognito-user-pools-find-region-mappings) .
│    ├[~]  resource AWS::Cognito::UserPoolDomain
│    │  ├ properties
│    │  │  └ CustomDomainConfig: (documentation changed)
│    │  └ types
│    │     └[~] type CustomDomainConfigType
│    │       └      - documentation: The configuration for a hosted UI custom domain.
│    │              This data type is a request parameter of `API_CreateUserPoolDomain` and `API_UpdateUserPoolDomain` .
│    │              + documentation: The configuration for a hosted UI custom domain.
│    ├[~]  resource AWS::Cognito::UserPoolGroup
│    │  └      - documentation: A user pool group. Contains details about the group and the way that it contributes to IAM role decisions with identity pools. Identity pools can make decisions about the IAM role to assign based on groups: users get credentials for the role associated with their highest-priority group.
│    │         This data type is a response parameter of `API_AdminListGroupsForUser` , `API_CreateGroup` , `API_GetGroup` , `API_ListGroups` , and `API_UpdateGroup` .
│    │         + documentation: A user pool group. Contains details about the group and the way that it contributes to IAM role decisions with identity pools. Identity pools can make decisions about the IAM role to assign based on groups: users get credentials for the role associated with their highest-priority group.
│    ├[~]  resource AWS::Cognito::UserPoolResourceServer
│    │  └ types
│    │     └[~] type ResourceServerScopeType
│    │       └      - documentation: One custom scope associated with a user pool resource server. This data type is a member of `ResourceServerScopeType` . For more information, see [Scopes, M2M, and API authorization with resource servers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-define-resource-servers.html) .
│    │              This data type is a request parameter of `API_CreateResourceServer` and a response parameter of `API_DescribeResourceServer` .
│    │              + documentation: One custom scope associated with a user pool resource server. This data type is a member of `ResourceServerScopeType` . For more information, see [Scopes, M2M, and API authorization with resource servers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-define-resource-servers.html) .
│    ├[~]  resource AWS::Cognito::UserPoolRiskConfigurationAttachment
│    │  └ types
│    │     ├[~] type AccountTakeoverActionsType
│    │     │ └      - documentation: A list of account-takeover actions for each level of risk that Amazon Cognito might assess with threat protection features.
│    │     │        This data type is a request parameter of `API_SetRiskConfiguration` and a response parameter of `API_DescribeRiskConfiguration` .
│    │     │        + documentation: A list of account-takeover actions for each level of risk that Amazon Cognito might assess with advanced security features.
│    │     ├[~] type AccountTakeoverActionType
│    │     │ └      - documentation: The automated response to a risk level for adaptive authentication in full-function, or `ENFORCED` , mode. You can assign an action to each risk level that threat protection evaluates.
│    │     │        This data type is a request parameter of `API_SetRiskConfiguration` and a response parameter of `API_DescribeRiskConfiguration` .
│    │     │        + documentation: The automated response to a risk level for adaptive authentication in full-function, or `ENFORCED` , mode. You can assign an action to each risk level that advanced security features evaluates.
│    │     ├[~] type AccountTakeoverRiskConfigurationType
│    │     │ └      - documentation: The settings for automated responses and notification templates for adaptive authentication with threat protection features.
│    │     │        This data type is a request parameter of `API_SetRiskConfiguration` and a response parameter of `API_DescribeRiskConfiguration` .
│    │     │        + documentation: The settings for automated responses and notification templates for adaptive authentication with advanced security features.
│    │     ├[~] type CompromisedCredentialsActionsType
│    │     │ └      - documentation: Settings for user pool actions when Amazon Cognito detects compromised credentials with threat protection in full-function `ENFORCED` mode.
│    │     │        This data type is a request parameter of `API_SetRiskConfiguration` and a response parameter of `API_DescribeRiskConfiguration` .
│    │     │        + documentation: Settings for user pool actions when Amazon Cognito detects compromised credentials with advanced security features in full-function `ENFORCED` mode.
│    │     ├[~] type CompromisedCredentialsRiskConfigurationType
│    │     │ └      - documentation: Settings for compromised-credentials actions and authentication-event sources with threat protection in full-function `ENFORCED` mode.
│    │     │        This data type is a request parameter of `API_SetRiskConfiguration` and a response parameter of `API_DescribeRiskConfiguration` .
│    │     │        + documentation: Settings for compromised-credentials actions and authentication-event sources with advanced security features in full-function `ENFORCED` mode.
│    │     ├[~] type NotifyConfigurationType
│    │     │ └      - documentation: The configuration for Amazon SES email messages that threat protection sends to a user when your adaptive authentication automated response has a *Notify* action.
│    │     │        This data type is a request parameter of `API_SetRiskConfiguration` and a response parameter of `API_DescribeRiskConfiguration` .
│    │     │        + documentation: The configuration for Amazon SES email messages that advanced security features sends to a user when your adaptive authentication automated response has a *Notify* action.
│    │     ├[~] type NotifyEmailType
│    │     │ └      - documentation: The template for email messages that threat protection sends to a user when your threat protection automated response has a *Notify* action.
│    │     │        This data type is a request parameter of `API_SetRiskConfiguration` and a response parameter of `API_DescribeRiskConfiguration` .
│    │     │        + documentation: The template for email messages that advanced security features sends to a user when your threat protection automated response has a *Notify* action.
│    │     └[~] type RiskExceptionConfigurationType
│    │       └      - documentation: Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges.
│    │              This data type is a request parameter of `API_SetRiskConfiguration` and a response parameter of `API_DescribeRiskConfiguration` .
│    │              + documentation: Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges.
│    ├[~]  resource AWS::Cognito::UserPoolUICustomizationAttachment
│    │  └      - documentation: A container for the UI customization information for the hosted UI in a user pool.
│    │         This data type is a response parameter of `API_DescribeUserPoolClient` .
│    │         + documentation: A container for the UI customization information for the hosted UI in a user pool.
│    └[~]  resource AWS::Cognito::UserPoolUser
│       ├ properties
│       │  └ UserAttributes: (documentation changed)
│       └ types
│          └[~] type AttributeType
│            └      - documentation: The name and value of a user attribute.
│                   This data type is a request parameter of `API_AdminUpdateUserAttributes` and `API_UpdateUserAttributes` .
│                   + documentation: The name and value of a user attribute.
├[~] service aws-customerprofiles
│ └ resources
│    └[~]  resource AWS::CustomerProfiles::EventTrigger
│       ├      - documentation: An event trigger resource of Amazon Connect Customer Profiles
│       │      + documentation: Specifies the rules to perform an action based on customer ingested data.
│       └ types
│          └[~] type ObjectAttribute
│            └ properties
│               └ Values: (documentation changed)
├[~] service aws-datazone
│ └ resources
│    └[~]  resource AWS::DataZone::DataSource
│       ├ properties
│       │  ├[+] ConnectionIdentifier: string (immutable)
│       │  └ EnvironmentIdentifier: - string (required, immutable)
│       │                           + string (immutable)
│       ├ attributes
│       │  └[+] ConnectionId: string
│       └ types
│          ├[~] type GlueRunConfigurationInput
│          │ └ properties
│          │    └[+] CatalogName: string
│          └[~] type RedshiftRunConfigurationInput
│            └ properties
│               ├ RedshiftCredentialConfiguration: - RedshiftCredentialConfiguration (required)
│               │                                  + RedshiftCredentialConfiguration
│               └ RedshiftStorage: - RedshiftStorage (required)
│                                  + RedshiftStorage
├[~] service aws-ec2
│ └ resources
│    └[~]  resource AWS::EC2::LaunchTemplate
│       └ types
│          └[~] type NetworkInterface
│            └ properties
│               └ DeviceIndex: (documentation changed)
├[~] service aws-ecs
│ └ resources
│    ├[~]  resource AWS::ECS::Service
│    │  └ types
│    │     ├[~] type AwsVpcConfiguration
│    │     │ └ properties
│    │     │    ├ SecurityGroups: (documentation changed)
│    │     │    └ Subnets: (documentation changed)
│    │     └[~] type ServiceManagedEBSVolumeConfiguration
│    │       └ properties
│    │          └[+] VolumeInitializationRate: integer
│    └[~]  resource AWS::ECS::TaskSet
│       └ types
│          └[~] type AwsVpcConfiguration
│            └ properties
│               ├ SecurityGroups: (documentation changed)
│               └ Subnets: (documentation changed)
├[~] service aws-efs
│ └ resources
│    └[~]  resource AWS::EFS::MountTarget
│       └ properties
│          └ SecurityGroups: (documentation changed)
├[~] service aws-eks
│ └ resources
│    └[~]  resource AWS::EKS::Nodegroup
│       └ types
│          └[~] type UpdateConfig
│            └ properties
│               └[+] UpdateStrategy: string
├[~] service aws-emrserverless
│ └ resources
│    └[~]  resource AWS::EMRServerless::Application
│       └ types
│          ├[~] type MonitoringConfiguration
│          │ └ properties
│          │    └[+] PrometheusMonitoringConfiguration: PrometheusMonitoringConfiguration
│          └[+]  type PrometheusMonitoringConfiguration
│             ├      name: PrometheusMonitoringConfiguration
│             └ properties
│                └ RemoteWriteUrl: string
├[~] service aws-fms
│ └ resources
│    └[~]  resource AWS::FMS::Policy
│       └ properties
│          └[+] ResourceTagLogicalOperator: string
├[~] service aws-gamelift
│ └ resources
│    └[~]  resource AWS::GameLift::GameSessionQueue
│       └ types
│          └[~] type PriorityConfiguration
│            └ properties
│               ├ LocationOrder: (documentation changed)
│               └ PriorityOrder: (documentation changed)
├[~] service aws-imagebuilder
│ └ resources
│    ├[~]  resource AWS::ImageBuilder::Image
│    │  └ types
│    │     └[~] type ImageTestsConfiguration
│    │       └ properties
│    │          └ TimeoutMinutes: (documentation changed)
│    ├[~]  resource AWS::ImageBuilder::ImagePipeline
│    │  └ types
│    │     └[~] type ImageTestsConfiguration
│    │       └ properties
│    │          └ TimeoutMinutes: (documentation changed)
│    └[~]  resource AWS::ImageBuilder::InfrastructureConfiguration
│       ├      - documentation: The infrastructure configuration allows you to specify the infrastructure within which to build and test your image. In the infrastructure configuration, you can specify instance types, subnets, and security groups to associate with your instance. You can also associate an Amazon EC2 key pair with the instance used to build your image. This allows you to log on to your instance to troubleshoot if your build fails and you set terminateInstanceOnFailure to false.
│       │      + documentation: Creates a new infrastructure configuration. An infrastructure configuration defines the environment in which your image will be built and tested.
│       └ properties
│          ├ InstanceMetadataOptions: (documentation changed)
│          ├ InstanceProfileName: (documentation changed)
│          ├ InstanceTypes: (documentation changed)
│          ├ KeyPair: (documentation changed)
│          ├ Logging: (documentation changed)
│          ├ ResourceTags: (documentation changed)
│          ├ SecurityGroupIds: (documentation changed)
│          ├ SnsTopicArn: (documentation changed)
│          ├ SubnetId: (documentation changed)
│          ├ Tags: (documentation changed)
│          └ TerminateInstanceOnFailure: (documentation changed)
├[~] service aws-logs
│ └ resources
│    ├[~]  resource AWS::Logs::Integration
│    │  └ types
│    │     └[~] type OpenSearchResourceConfig
│    │       └ properties
│    │          └ DashboardViewerPrincipals: (documentation changed)
│    └[~]  resource AWS::Logs::Transformer
│       ├      - documentation: Creates or updates a *log transformer* for a single log group. You use log transformers to transform log events into a different format, making them easier for you to process and analyze. You can also transform logs from different sources into standardized formats that contains relevant, source-specific information.
│       │      After you have created a transformer, CloudWatch Logs performs the transformations at the time of log ingestion. You can then refer to the transformed versions of the logs during operations such as querying with CloudWatch Logs Insights or creating metric filters or subscription filers.
│       │      You can also use a transformer to copy metadata from metadata keys into the log events themselves. This metadata can include log group name, log stream name, account ID and Region.
│       │      A transformer for a log group is a series of processors, where each processor applies one type of transformation to the log events ingested into this log group. The processors work one after another, in the order that you list them, like a pipeline. For more information about the available processors to use in a transformer, see [Processors that you can use](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-Processors) .
│       │      Having log events in standardized format enables visibility across your applications for your log analysis, reporting, and alarming needs. CloudWatch Logs provides transformation for common log types with out-of-the-box transformation templates for major AWS log sources such as VPC flow logs, Lambda, and Amazon RDS. You can use pre-built transformation templates or create custom transformation policies.
│       │      You can create transformers only for the log groups in the Standard log class.
│       │      You can also set up a transformer at the account level. For more information, see [PutAccountPolicy](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutAccountPolicy.html) . If there is both a log-group level transformer created with `PutTransformer` and an account-level transformer that could apply to the same log group, the log group uses only the log-group level transformer. It ignores the account-level transformer.
│       │      + documentation: Creates or updates a *log transformer* for a single log group. You use log transformers to transform log events into a different format, making them easier for you to process and analyze. You can also transform logs from different sources into standardized formats that contains relevant, source-specific information.
│       │      After you have created a transformer, CloudWatch Logs performs the transformations at the time of log ingestion. You can then refer to the transformed versions of the logs during operations such as querying with CloudWatch Logs Insights or creating metric filters or subscription filers.
│       │      You can also use a transformer to copy metadata from metadata keys into the log events themselves. This metadata can include log group name, log stream name, account ID and Region.
│       │      A transformer for a log group is a series of processors, where each processor applies one type of transformation to the log events ingested into this log group. The processors work one after another, in the order that you list them, like a pipeline. For more information about the available processors to use in a transformer, see [Processors that you can use](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-Processors) .
│       │      Having log events in standardized format enables visibility across your applications for your log analysis, reporting, and alarming needs. CloudWatch Logs provides transformation for common log types with out-of-the-box transformation templates for major AWS log sources such as VPC flow logs, Lambda, and Amazon RDS. You can use pre-built transformation templates or create custom transformation policies.
│       │      You can create transformers only for the log groups in the Standard log class.
│       │      You can also set up a transformer at the account level. For more information, see [PutAccountPolicy](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutAccountPolicy.html) . If there is both a log-group level transformer created with `PutTransformer` and an account-level transformer that could apply to the same log group, the log group uses only the log-group level transformer. It ignores the account-level transformer.
│       └ types
│          ├[~] type AddKeyEntry
│          │ └      - documentation: This object defines one key that will be added with the [addKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-addKey) processor.
│          │        + documentation: This object defines one key that will be added with the [addKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-addKey) processor.
│          ├[~] type AddKeys
│          │ └      - documentation: This processor adds new key-value pairs to the log event.
│          │        For more information about this processor including examples, see [addKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-addKeys) in the *CloudWatch Logs User Guide* .
│          │        + documentation: This processor adds new key-value pairs to the log event.
│          │        For more information about this processor including examples, see [addKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-addKeys) in the *CloudWatch Logs User Guide* .
│          ├[~] type CopyValue
│          │ └      - documentation: This processor copies values within a log event. You can also use this processor to add metadata to log events by copying the values of the following metadata keys into the log events: `@logGroupName` , `@logGroupStream` , `@accountId` , `@regionName` .
│          │        For more information about this processor including examples, see [copyValue](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-copyValue) in the *CloudWatch Logs User Guide* .
│          │        + documentation: This processor copies values within a log event. You can also use this processor to add metadata to log events by copying the values of the following metadata keys into the log events: `@logGroupName` , `@logGroupStream` , `@accountId` , `@regionName` .
│          │        For more information about this processor including examples, see [copyValue](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-copyValue) in the *CloudWatch Logs User Guide* .
│          ├[~] type CopyValueEntry
│          │ └      - documentation: This object defines one value to be copied with the [copyValue](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-copoyValue) processor.
│          │        + documentation: This object defines one value to be copied with the [copyValue](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-copyValue) processor.
│          ├[~] type DateTimeConverter
│          │ └      - documentation: This processor converts a datetime string into a format that you specify.
│          │        For more information about this processor including examples, see [datetimeConverter](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-datetimeConverter) in the *CloudWatch Logs User Guide* .
│          │        + documentation: This processor converts a datetime string into a format that you specify.
│          │        For more information about this processor including examples, see [datetimeConverter](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-datetimeConverter) in the *CloudWatch Logs User Guide* .
│          ├[~] type DeleteKeys
│          │ └      - documentation: This processor deletes entries from a log event. These entries are key-value pairs.
│          │        For more information about this processor including examples, see [deleteKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-deleteKeys) in the *CloudWatch Logs User Guide* .
│          │        + documentation: This processor deletes entries from a log event. These entries are key-value pairs.
│          │        For more information about this processor including examples, see [deleteKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-deleteKeys) in the *CloudWatch Logs User Guide* .
│          ├[~] type Grok
│          │ ├      - documentation: This processor uses pattern matching to parse and structure unstructured data. This processor can also extract fields from log messages.
│          │ │      For more information about this processor including examples, see [grok](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-Grok) in the *CloudWatch Logs User Guide* .
│          │ │      + documentation: This processor uses pattern matching to parse and structure unstructured data. This processor can also extract fields from log messages.
│          │ │      For more information about this processor including examples, see [grok](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-Grok) in the *CloudWatch Logs User Guide* .
│          │ └ properties
│          │    └ Match: (documentation changed)
│          ├[~] type LowerCaseString
│          │ └      - documentation: This processor converts a string to lowercase.
│          │        For more information about this processor including examples, see [lowerCaseString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-lowerCaseString) in the *CloudWatch Logs User Guide* .
│          │        + documentation: This processor converts a string to lowercase.
│          │        For more information about this processor including examples, see [lowerCaseString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-lowerCaseString) in the *CloudWatch Logs User Guide* .
│          ├[~] type MoveKeys
│          │ └      - documentation: This processor moves a key from one field to another. The original key is deleted.
│          │        For more information about this processor including examples, see [moveKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-moveKeys) in the *CloudWatch Logs User Guide* .
│          │        + documentation: This processor moves a key from one field to another. The original key is deleted.
│          │        For more information about this processor including examples, see [moveKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-moveKeys) in the *CloudWatch Logs User Guide* .
│          ├[~] type ParseCloudfront
│          │ └      - documentation: This processor parses CloudFront vended logs, extract fields, and convert them into JSON format. Encoded field values are decoded. Values that are integers and doubles are treated as such. For more information about this processor including examples, see [parseCloudfront](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-parseCloudfront)
│          │        For more information about CloudFront log format, see [Configure and use standard logs (access logs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html) .
│          │        If you use this processor, it must be the first processor in your transformer.
│          │        + documentation: This processor parses CloudFront vended logs, extract fields, and convert them into JSON format. Encoded field values are decoded. Values that are integers and doubles are treated as such. For more information about this processor including examples, see [parseCloudfront](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseCloudfront)
│          │        For more information about CloudFront log format, see [Configure and use standard logs (access logs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html) .
│          │        If you use this processor, it must be the first processor in your transformer.
│          ├[~] type ParseJSON
│          │ └      - documentation: This processor parses log events that are in JSON format. It can extract JSON key-value pairs and place them under a destination that you specify.
│          │        Additionally, because you must have at least one parse-type processor in a transformer, you can use `ParseJSON` as that processor for JSON-format logs, so that you can also apply other processors, such as mutate processors, to these logs.
│          │        For more information about this processor including examples, see [parseJSON](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-parseJSON) in the *CloudWatch Logs User Guide* .
│          │        + documentation: This processor parses log events that are in JSON format. It can extract JSON key-value pairs and place them under a destination that you specify.
│          │        Additionally, because you must have at least one parse-type processor in a transformer, you can use `ParseJSON` as that processor for JSON-format logs, so that you can also apply other processors, such as mutate processors, to these logs.
│          │        For more information about this processor including examples, see [parseJSON](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseJSON) in the *CloudWatch Logs User Guide* .
│          ├[~] type ParsePostgres
│          │ └      - documentation: Use this processor to parse RDS for PostgreSQL vended logs, extract fields, and and convert them into a JSON format. This processor always processes the entire log event message. For more information about this processor including examples, see [parsePostGres](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-parsePostGres) .
│          │        For more information about RDS for PostgreSQL log format, see [RDS for PostgreSQL database log filesTCP flag sequence](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.Concepts.PostgreSQL.html#USER_LogAccess.Concepts.PostgreSQL.Log_Format.log-line-prefix) .
│          │        > If you use this processor, it must be the first processor in your transformer.
│          │        + documentation: Use this processor to parse RDS for PostgreSQL vended logs, extract fields, and and convert them into a JSON format. This processor always processes the entire log event message. For more information about this processor including examples, see [parsePostGres](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parsePostGres) .
│          │        For more information about RDS for PostgreSQL log format, see [RDS for PostgreSQL database log filesTCP flag sequence](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.Concepts.PostgreSQL.html#USER_LogAccess.Concepts.PostgreSQL.Log_Format.log-line-prefix) .
│          │        > If you use this processor, it must be the first processor in your transformer.
│          ├[~] type ParseRoute53
│          │ └      - documentation: Use this processor to parse Route 53 vended logs, extract fields, and and convert them into a JSON format. This processor always processes the entire log event message. For more information about this processor including examples, see [parseRoute53](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-parseRoute53) .
│          │        > If you use this processor, it must be the first processor in your transformer.
│          │        + documentation: Use this processor to parse Route 53 vended logs, extract fields, and and convert them into a JSON format. This processor always processes the entire log event message. For more information about this processor including examples, see [parseRoute53](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseRoute53) .
│          │        > If you use this processor, it must be the first processor in your transformer.
│          ├[~] type ParseWAF
│          │ └      - documentation: Use this processor to parse AWS WAF vended logs, extract fields, and and convert them into a JSON format. This processor always processes the entire log event message. For more information about this processor including examples, see [parseWAF](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-parsePostGres) .
│          │        For more information about AWS WAF log format, see [Log examples for web ACL traffic](https://docs.aws.amazon.com/waf/latest/developerguide/logging-examples.html) .
│          │        > If you use this processor, it must be the first processor in your transformer.
│          │        + documentation: Use this processor to parse AWS WAF vended logs, extract fields, and and convert them into a JSON format. This processor always processes the entire log event message. For more information about this processor including examples, see [parseWAF](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parsePostGres) .
│          │        For more information about AWS WAF log format, see [Log examples for web ACL traffic](https://docs.aws.amazon.com/waf/latest/developerguide/logging-examples.html) .
│          │        > If you use this processor, it must be the first processor in your transformer.
│          ├[~] type Processor
│          │ └ properties
│          │    ├ CopyValue: (documentation changed)
│          │    ├ DateTimeConverter: (documentation changed)
│          │    ├ Grok: (documentation changed)
│          │    ├ LowerCaseString: (documentation changed)
│          │    ├ MoveKeys: (documentation changed)
│          │    ├ ParseCloudfront: (documentation changed)
│          │    ├ ParseJSON: (documentation changed)
│          │    ├ ParseKeyValue: (documentation changed)
│          │    ├ ParseRoute53: (documentation changed)
│          │    ├ ParseVPC: (documentation changed)
│          │    ├ SplitString: (documentation changed)
│          │    ├ SubstituteString: (documentation changed)
│          │    ├ TrimString: (documentation changed)
│          │    ├ TypeConverter: (documentation changed)
│          │    └ UpperCaseString: (documentation changed)
│          ├[~] type RenameKeyEntry
│          │ └      - documentation: This object defines one key that will be renamed with the [renameKey](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-renameKey) processor.
│          │        + documentation: This object defines one key that will be renamed with the [renameKey](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-renameKey) processor.
│          ├[~] type RenameKeys
│          │ └      - documentation: Use this processor to rename keys in a log event.
│          │        For more information about this processor including examples, see [renameKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-renameKeys) in the *CloudWatch Logs User Guide* .
│          │        + documentation: Use this processor to rename keys in a log event.
│          │        For more information about this processor including examples, see [renameKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-renameKeys) in the *CloudWatch Logs User Guide* .
│          ├[~] type SplitString
│          │ └      - documentation: Use this processor to split a field into an array of strings using a delimiting character.
│          │        For more information about this processor including examples, see [splitString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-splitString) in the *CloudWatch Logs User Guide* .
│          │        + documentation: Use this processor to split a field into an array of strings using a delimiting character.
│          │        For more information about this processor including examples, see [splitString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-splitString) in the *CloudWatch Logs User Guide* .
│          ├[~] type SplitStringEntry
│          │ └      - documentation: This object defines one log field that will be split with the [splitString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-splitString) processor.
│          │        + documentation: This object defines one log field that will be split with the [splitString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-splitString) processor.
│          ├[~] type SubstituteString
│          │ └      - documentation: This processor matches a key’s value against a regular expression and replaces all matches with a replacement string.
│          │        For more information about this processor including examples, see [substituteString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-substituteString) in the *CloudWatch Logs User Guide* .
│          │        + documentation: This processor matches a key’s value against a regular expression and replaces all matches with a replacement string.
│          │        For more information about this processor including examples, see [substituteString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-substituteSt

@aws-cdk-automation @github-actions
feat: update L1 CloudFormation resource definitions
151a4c9 
Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec`
@aws-cdk-automation aws-cdk-automation added auto-approve contribution/core This is a PR that came from AWS. dependencies This issue is a problem in a dependency or a pull request that updates a dependency file. pr-linter/exempt-readme The PR linter will not require README changes pr-linter/exempt-test The PR linter will not require test changes pr-linter/exempt-integ-test The PR linter will not require integ test changes labels Jan 20, 2025
@aws-cdk-automation aws-cdk-automation requested a review from a team January 20, 2025 13:45
@github-actions github-actions bot added the p2 label Jan 20, 2025
@aws-cdk-automation aws-cdk-automation requested a review from a team January 20, 2025 13:45
@codecov Codecov
Copy link

codecov bot commented Jan 20, 2025

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 81.44%. Comparing base (bf81b3c) to head (151a4c9).

Additional details and impacted files 
@@           Coverage Diff           @@
##             main   #33019   +/-   ##
=======================================
  Coverage   81.44%   81.44%           
=======================================
  Files         225      225           
  Lines       13750    13750           
  Branches     2412     2412           
=======================================
  Hits        11198    11198           
  Misses       2277     2277           
  Partials      275      275
Flag Coverage Δ
suite.unit 81.44% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Components Coverage Δ
packages/aws-cdk 80.80% <ø> (ø)
packages/aws-cdk-lib/core 82.10% <ø> (ø)

@aws-cdk-automation
Copy link
Collaborator Author

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: 151a4c9
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@mergify Mergify
Copy link
Contributor

mergify bot commented Jan 20, 2025

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@mergify mergify bot merged commit e31924a into main Jan 20, 2025
45 checks passed
@mergify mergify bot deleted the automation/spec-update branch January 20, 2025 14:17
@github-actions GitHub Actions
Copy link

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jan 20, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees
No one assigned
Labels
auto-approve contribution/core This is a PR that came from AWS. dependencies This issue is a problem in a dependency or a pull request that updates a dependency file. p2 pr-linter/exempt-integ-test The PR linter will not require integ test changes pr-linter/exempt-readme The PR linter will not require README changes pr-linter/exempt-test The PR linter will not require test changes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@aws-cdk-automation