From d39e8356643ab89fec791df725af4ad8f0bbaecd Mon Sep 17 00:00:00 2001 From: Ian Hou <45278651+iankhou@users.noreply.github.com> Date: Fri, 10 Jan 2025 12:42:56 -0500 Subject: [PATCH 1/7] fix(rds): clusterScailabilityType is spelled wrong and should be clusterScalabilityType (#32825) ### Issue #32415 Closes #32415 . ### Reason for this change Misspelling of the `ClusterScalabilityType` type, enum, and prop. ### Description of changes Deprecated misspellings of **ClusterScailabilityType**/**clusterScailabilityType** and aliased the misspelling for backwards compatibility. The misspelled name will be removed in the next MV release. ### Describe any new or updated permissions being added No permissions changes. ### Description of how you validated changes Added unit tests for the new spelling (ClusterScalabilityType/clusterScalabilityType), and kept unit tests that tested the misspelling. ```zsh # in packages/aws-cdk-lib yarn test aws-rds ``` Screenshot 2025-01-09 at 16 10 04 Ran the relevant integration test. ```zsh # in packages/@aws-cdk-testing/framework-integ yarn integ test/aws-rds/test/integ.cluster-limitless.js ``` Screenshot 2025-01-09 at 17 03 44 Ran Rosetta to verify README changes. ```zsh ./scripts/run-rosetta.sh ``` No complications from README changes in these commits. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/aws-cdk-lib/aws-rds/README.md | 2 +- packages/aws-cdk-lib/aws-rds/lib/cluster.ts | 39 +++++++++++++++++-- .../aws-cdk-lib/aws-rds/test/cluster.test.ts | 36 +++++++++++++++-- 3 files changed, 69 insertions(+), 8 deletions(-) diff --git a/packages/aws-cdk-lib/aws-rds/README.md b/packages/aws-cdk-lib/aws-rds/README.md index a3862eb036ec4..fd0a8a4ee66e1 100644 --- a/packages/aws-cdk-lib/aws-rds/README.md +++ b/packages/aws-cdk-lib/aws-rds/README.md @@ -1436,7 +1436,7 @@ new rds.DatabaseCluster(this, 'LimitlessDatabaseCluster', { version: rds.AuroraPostgresEngineVersion.VER_16_4_LIMITLESS, }), vpc, - clusterScailabilityType: rds.ClusterScailabilityType.LIMITLESS, + clusterScalabilityType: rds.ClusterScalabilityType.LIMITLESS, // Requires enabling Performance Insights enablePerformanceInsights: true, performanceInsightRetention: rds.PerformanceInsightRetention.MONTHS_1, diff --git a/packages/aws-cdk-lib/aws-rds/lib/cluster.ts b/packages/aws-cdk-lib/aws-rds/lib/cluster.ts index 48521aedd2a1b..7284a8c42b1e3 100644 --- a/packages/aws-cdk-lib/aws-rds/lib/cluster.ts +++ b/packages/aws-cdk-lib/aws-rds/lib/cluster.ts @@ -450,7 +450,17 @@ interface DatabaseClusterBaseProps { * * Set LIMITLESS if you want to use a limitless database; otherwise, set it to STANDARD. * + * @default ClusterScalabilityType.STANDARD + */ + readonly clusterScalabilityType?: ClusterScalabilityType; + + /** + * [Misspelled] Specifies the scalability mode of the Aurora DB cluster. + * + * Set LIMITLESS if you want to use a limitless database; otherwise, set it to STANDARD. + * * @default ClusterScailabilityType.STANDARD + * @deprecated Use clusterScalabilityType instead. This will be removed in the next major version. */ readonly clusterScailabilityType?: ClusterScailabilityType; } @@ -492,6 +502,25 @@ export enum InstanceUpdateBehaviour { /** * The scalability mode of the Aurora DB cluster. */ +export enum ClusterScalabilityType { + /** + * The cluster uses normal DB instance creation. + */ + STANDARD = 'standard', + + /** + * The cluster operates as an Aurora Limitless Database, + * allowing you to create a DB shard group for horizontal scaling (sharding) capabilities. + * + * @see https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/limitless.html + */ + LIMITLESS = 'limitless', +} + +/** + * The scalability mode of the Aurora DB cluster. + * @deprecated Use ClusterScalabilityType instead. This will be removed in the next major version. + */ export enum ClusterScailabilityType { /** * The cluster uses normal DB instance creation. @@ -701,6 +730,10 @@ abstract class DatabaseClusterNew extends DatabaseClusterBase { constructor(scope: Construct, id: string, props: DatabaseClusterBaseProps) { super(scope, id); + if (props.clusterScalabilityType !== undefined && props.clusterScailabilityType !== undefined) { + throw new Error('You cannot specify both clusterScalabilityType and clusterScailabilityType (deprecated). Use clusterScalabilityType.'); + } + if ((props.vpc && props.instanceProps?.vpc) || (!props.vpc && !props.instanceProps?.vpc)) { throw new Error('Provide either vpc or instanceProps.vpc, but not both'); } @@ -802,7 +835,7 @@ abstract class DatabaseClusterNew extends DatabaseClusterBase { throw new Error('`enablePerformanceInsights` disabled, but `performanceInsightRetention` or `performanceInsightEncryptionKey` was set'); } - if (props.clusterScailabilityType === ClusterScailabilityType.LIMITLESS) { + if (props.clusterScalabilityType === ClusterScalabilityType.LIMITLESS || props.clusterScailabilityType === ClusterScailabilityType.LIMITLESS) { if (!props.enablePerformanceInsights) { throw new Error('Performance Insights must be enabled for Aurora Limitless Database.'); } @@ -877,7 +910,7 @@ abstract class DatabaseClusterNew extends DatabaseClusterBase { }), storageType: props.storageType?.toString(), enableLocalWriteForwarding: props.enableLocalWriteForwarding, - clusterScalabilityType: props.clusterScailabilityType, + clusterScalabilityType: props.clusterScalabilityType ?? props.clusterScailabilityType, // Admin backtrackWindow: props.backtrackWindow?.toSeconds(), backupRetentionPeriod: props.backup?.retention?.toDays(), @@ -1287,7 +1320,7 @@ export class DatabaseCluster extends DatabaseClusterNew { setLogRetention(this, props); // create the instances for only standard aurora clusters - if (props.clusterScailabilityType !== ClusterScailabilityType.LIMITLESS) { + if (props.clusterScalabilityType !== ClusterScalabilityType.LIMITLESS && props.clusterScailabilityType !== ClusterScailabilityType.LIMITLESS) { if ((props.writer || props.readers) && (props.instances || props.instanceProps)) { throw new Error('Cannot provide writer or readers if instances or instanceProps are provided'); } diff --git a/packages/aws-cdk-lib/aws-rds/test/cluster.test.ts b/packages/aws-cdk-lib/aws-rds/test/cluster.test.ts index 56a426d9cc9ec..9c340a6e41378 100644 --- a/packages/aws-cdk-lib/aws-rds/test/cluster.test.ts +++ b/packages/aws-cdk-lib/aws-rds/test/cluster.test.ts @@ -17,12 +17,34 @@ import { DatabaseClusterEngine, DatabaseClusterFromSnapshot, ParameterGroup, PerformanceInsightRetention, SubnetGroup, DatabaseSecret, DatabaseInstanceEngine, SqlServerEngineVersion, SnapshotCredentials, InstanceUpdateBehaviour, NetworkType, ClusterInstance, CaCertificate, IClusterEngine, + ClusterScalabilityType, ClusterScailabilityType, DBClusterStorageType, } from '../lib'; describe('cluster new api', () => { describe('errors are thrown', () => { + test('when both clusterScalabilityType and clusterScailabilityType (deprecated) props are provided', () => { + // GIVEN + const stack = testStack(); + const vpc = new ec2.Vpc(stack, 'VPC'); + + expect(() => { + // WHEN + new DatabaseCluster(stack, 'Database', { + engine: DatabaseClusterEngine.AURORA_MYSQL, + instanceProps: { + instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.SMALL), + vpc, + }, + clusterScalabilityType: ClusterScalabilityType.STANDARD, + clusterScailabilityType: ClusterScailabilityType.STANDARD, + iamAuthentication: true, + }); + // THEN + }).toThrow('You cannot specify both clusterScalabilityType and clusterScailabilityType (deprecated). Use clusterScalabilityType.'); + }); + test('when old and new props are provided', () => { // GIVEN const stack = testStack(); @@ -165,7 +187,10 @@ describe('cluster new api', () => { }); }); - test('cluster scalability option', () => { + test.each([ + ['clusterScalabilityType', 'clusterScalabilityType', ClusterScalabilityType.STANDARD], + ['clusterScailabilityType (deprecated)', 'clusterScailabilityType', ClusterScailabilityType.STANDARD], + ])('cluster scalability option with %s', (_, propName, propValue) => { // GIVEN const stack = testStack(); const vpc = new ec2.Vpc(stack, 'VPC'); @@ -174,8 +199,8 @@ describe('cluster new api', () => { new DatabaseCluster(stack, 'Cluster', { engine: DatabaseClusterEngine.AURORA_MYSQL, vpc, - clusterScailabilityType: ClusterScailabilityType.STANDARD, writer: ClusterInstance.serverlessV2('writer'), + [propName]: propValue, }); // THEN @@ -186,7 +211,10 @@ describe('cluster new api', () => { }); describe('limitless database', () => { - test('with default options', () => { + test.each([ + ['clusterScalabilityType', 'clusterScalabilityType', ClusterScalabilityType.LIMITLESS], + ['clusterScailabilityType (deprecated)', 'clusterScailabilityType', ClusterScailabilityType.LIMITLESS], + ])('with default options using %s', (_, propName, propValue) => { // GIVEN const stack = testStack(); const vpc = new ec2.Vpc(stack, 'VPC'); @@ -197,7 +225,7 @@ describe('cluster new api', () => { version: AuroraPostgresEngineVersion.VER_16_4_LIMITLESS, }), vpc, - clusterScailabilityType: ClusterScailabilityType.LIMITLESS, + [propName]: propValue, enablePerformanceInsights: true, performanceInsightRetention: PerformanceInsightRetention.MONTHS_1, monitoringInterval: cdk.Duration.minutes(1), From add7c6bf63cd00fd12df888d69dc9e0c4b7dadc9 Mon Sep 17 00:00:00 2001 From: KIDANI Akito Date: Sat, 11 Jan 2025 03:14:17 +0900 Subject: [PATCH 2/7] docs(ec2-alpha): fix typos (#32800) ### Issue # (if applicable) N/A ### Reason for this change Fixed typos in the README.md ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-ec2-alpha/README.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2-alpha/README.md b/packages/@aws-cdk/aws-ec2-alpha/README.md index b387e02180ad4..a01295ac1da67 100644 --- a/packages/@aws-cdk/aws-ec2-alpha/README.md +++ b/packages/@aws-cdk/aws-ec2-alpha/README.md @@ -305,7 +305,7 @@ const acceptorVpc = new VpcV2(this, 'VpcA', { const acceptorRoleArn = acceptorVpc.createAcceptorVpcRole('000000000000'); // Requestor account ID ``` -After creating an IAM role in the acceptor account, we can initiate the peering connection request from the requestor VPC. Import accpeptorVpc to the stack using `fromVpcV2Attributes` method, it is recommended to specify owner account id of the acceptor VPC in case of cross account peering connection, if acceptor VPC is hosted in different region provide region value for import as well. +After creating an IAM role in the acceptor account, we can initiate the peering connection request from the requestor VPC. Import acceptorVpc to the stack using `fromVpcV2Attributes` method, it is recommended to specify owner account id of the acceptor VPC in case of cross account peering connection, if acceptor VPC is hosted in different region provide region value for import as well. The following code snippet demonstrates how to set up VPC peering between two VPCs in different AWS accounts using CDK: ```ts @@ -461,11 +461,11 @@ For more information, see [What is AWS Site-to-Site VPN?](https://docs.aws.amazo VPN route propagation is a feature in Amazon Web Services (AWS) that automatically updates route tables in your Virtual Private Cloud (VPC) with routes learned from a VPN connection. -To enable VPN route propogation, use the `vpnRoutePropagation` property to specify the subnets as an input to the function. VPN route propagation will then be enabled for each subnet with the corresponding route table IDs. +To enable VPN route propagation, use the `vpnRoutePropagation` property to specify the subnets as an input to the function. VPN route propagation will then be enabled for each subnet with the corresponding route table IDs. Additionally, you can set up a route in any route table with the target set to the VPN Gateway. The function `enableVpnGatewayV2` returns a `VPNGatewayV2` object that you can reference later. -The code example below provides the definition for setting up a VPN gateway with `vpnRoutePropogation` enabled: +The code example below provides the definition for setting up a VPN gateway with `vpnRoutePropagation` enabled: ```ts @@ -494,7 +494,7 @@ An internet gateway is a horizontally scaled, redundant, and highly available VP For more information, see [Enable VPC internet access using internet gateways](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-igw-internet-access.html). You can add an internet gateway to a VPC using `addInternetGateway` method. By default, this method creates a route in all Public Subnets with outbound destination set to `0.0.0.0` for IPv4 and `::0` for IPv6 enabled VPC. -Instead of using the default settings, you can configure a custom destinatation range by providing an optional input `destination` to the method. +Instead of using the default settings, you can configure a custom destination range by providing an optional input `destination` to the method. The code example below shows how to add an internet gateway with a custom outbound destination IP range: @@ -539,13 +539,13 @@ const importedVpc = VpcV2.fromVpcV2Attributes(stack, 'ImportedVpc', { In case of cross account or cross region VPC, its recommended to provide region and ownerAccountId so that these values for the VPC can be used to populate correct arn value for the VPC. If a VPC region and account ID is not provided, then region and account configured in the stack will be used. Furthermore, these fields will be referenced later while setting up VPC peering connection, so its necessary to set these fields to a correct value. -Below is an example of importing a cross region and cross acount VPC, VPC arn for this case would be 'arn:aws:ec2:us-west-2:123456789012:vpc/mockVpcID' +Below is an example of importing a cross region and cross account VPC, VPC arn for this case would be 'arn:aws:ec2:us-west-2:123456789012:vpc/mockVpcID' ``` ts const stack = new Stack(); -//Importing a cross acount or cross region VPC +//Importing a cross account or cross region VPC const importedVpc = VpcV2.fromVpcV2Attributes(stack, 'ImportedVpc', { vpcId: 'mockVpcID', vpcCidrBlock: '10.0.0.0/16', From d1a0ac50803b4043e8a87aa25fcc61e65480435f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 10 Jan 2025 19:07:06 +0000 Subject: [PATCH 3/7] chore(deps): bump tj-actions/changed-files from 45.0.5 to 45.0.6 (#32752) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 45.0.5 to 45.0.6.
Release notes

Sourced from tj-actions/changed-files's releases.

v45.0.6

What's Changed

Full Changelog: https://github.com/tj-actions/changed-files/compare/v45...v45.0.6

Changelog

Sourced from tj-actions/changed-files's changelog.

Changelog

45.0.6 - (2025-01-03)

🐛 Bug Fixes

  • deps: Update dependency yaml to v2.7.0 (#2383) (5f974c2) - (renovate[bot])

⚙️ Miscellaneous Tasks

  • deps: Update dependency @​types/lodash to v4.17.14 (#2388) (d6e91a2) - (renovate[bot])
  • deps: Update dependency @​types/node to v22.10.5 (#2387) (73401cd) - (renovate[bot])
  • deps: Update dependency @​types/node to v22.10.4 (#2386) (7f28b2b) - (renovate[bot])
  • deps: Update dependency @​types/node to v22.10.3 (#2385) (c1f82ce) - (renovate[bot])
  • deps: Lock file maintenance (#2382) (bb364ec) - (renovate[bot])
  • deps: Update peter-evans/create-pull-request action to v7.0.6 (#2380) (7ac5902) - (renovate[bot])
  • deps: Lock file maintenance (#2379) (7c5097f) - (renovate[bot])
  • deps: Update dependency eslint-plugin-jest to v28.10.0 (#2378) (37dc9a5) - (renovate[bot])
  • deps: Lock file maintenance (#2377) (515a6b3) - (renovate[bot])
  • deps: Update dependency @​types/node to v22.10.2 (#2376) (ac47125) - (renovate[bot])
  • deps: Lock file maintenance (#2375) (ef3b6f1) - (renovate[bot])

⬆️ Upgrades

  • Upgraded to v45.0.5 (#2374)

Co-authored-by: jackton1 17484350+jackton1@users.noreply.github.com (8082fbc) - (tj-actions[bot])

45.0.5 - (2024-12-05)

⚙️ Miscellaneous Tasks

  • deps: Update dependency eslint-plugin-github to v5.1.4 (#2372) (bab30c2) - (renovate[bot])
  • deps: Update dependency prettier to v3.4.2 (#2370) (657a3f9) - (renovate[bot])
  • deps: Lock file maintenance (#2369) (05f0aba) - (renovate[bot])
  • deps: Update dependency @​types/node to v22.10.1 (#2368) (4623961) - (renovate[bot])
  • deps: Update dependency eslint-plugin-github to v5.1.3 (#2367) (c19a7eb) - (renovate[bot])
  • deps: Update dependency prettier to v3.4.1 (#2366) (c288441) - (renovate[bot])
  • deps: Update dependency prettier to v3.4.0 (#2365) (1d6ea46) - (renovate[bot])
  • deps: Update dependency @​types/node to v22.10.0 (#2364) (02b41f5) - (renovate[bot])
  • deps: Update dependency @​types/node to v22.9.4 (#2361) (b4a4dca) - (renovate[bot])
  • deps: Lock file maintenance (#2360) (602aacf) - (renovate[bot])
  • deps: Update dependency @​types/node to v22.9.3 (#2359) (51290e0) - (renovate[bot])
  • deps: Update dependency @​types/node to v22.9.2 (#2358) (b4badd8) - (renovate[bot])
  • deps: Update dependency typescript to v5.7.2 (#2357) (652b4c0) - (renovate[bot])
  • deps-dev: Bump eslint-plugin-github from 5.0.2 to 5.1.1 (#2356) (0b7a421) - (dependabot[bot])
  • deps: Bump yaml from 2.6.0 to 2.6.1 (#2353) (b26581a) - (dependabot[bot])
  • deps: Update dependency @​types/node to v22.9.1 (#2352) (43e6b45) - (renovate[bot])
  • deps: Lock file maintenance (#2349) (fe1bc0e) - (renovate[bot])
  • deps: Update dependency @​vercel/ncc to v0.38.3 (#2348) (d7917c6) - (renovate[bot])

... (truncated)

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tj-actions/changed-files&package-manager=github_actions&previous-version=45.0.5&new-version=45.0.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
--- .github/workflows/request-cli-integ-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/request-cli-integ-test.yml b/.github/workflows/request-cli-integ-test.yml index 8847151c25039..81fbdb9c4ed26 100644 --- a/.github/workflows/request-cli-integ-test.yml +++ b/.github/workflows/request-cli-integ-test.yml @@ -19,7 +19,7 @@ jobs: persist-credentials: false - name: Find changed cli files id: changed-cli-files - uses: tj-actions/changed-files@bab30c2299617f6615ec02a68b9a40d10bd21366 + uses: tj-actions/changed-files@d6e91a2266cdb9d62096cebf1e8546899c6aa18f with: base_sha: ${{ github.event.pull_request.base.sha }} files_yaml: | From 3c0acce39c6179ed18cc14d33622c69a4978ec97 Mon Sep 17 00:00:00 2001 From: Rico Hermans Date: Fri, 10 Jan 2025 20:46:08 +0100 Subject: [PATCH 4/7] fix(cli): "no stack found in the main cloud assembly" (#32839) Reverts aws/aws-cdk#32636 It leads to a problem in case of applications where there are no top-level stacks, but only stacks in nested stages: #32836. Closes #32836. --- .../tests/cli-integ-tests/cli.integtest.ts | 14 ---- packages/aws-cdk/lib/cdk-toolkit.ts | 54 ---------------- packages/aws-cdk/test/cdk-toolkit.test.ts | 64 ------------------- 3 files changed, 132 deletions(-) diff --git a/packages/@aws-cdk-testing/cli-integ/tests/cli-integ-tests/cli.integtest.ts b/packages/@aws-cdk-testing/cli-integ/tests/cli-integ-tests/cli.integtest.ts index 34526ece88265..f4736584a065f 100644 --- a/packages/@aws-cdk-testing/cli-integ/tests/cli-integ-tests/cli.integtest.ts +++ b/packages/@aws-cdk-testing/cli-integ/tests/cli-integ-tests/cli.integtest.ts @@ -2634,20 +2634,6 @@ integTest('hotswap ECS deployment respects properties override', withDefaultFixt expect(describeServicesResponse.services?.[0].deploymentConfiguration?.maximumPercent).toEqual(ecsMaximumHealthyPercent); })); -integTest('cdk destroy does not fail even if the stacks do not exist', withDefaultFixture(async (fixture) => { - const nonExistingStackName1 = 'non-existing-stack-1'; - const nonExistingStackName2 = 'non-existing-stack-2'; - - await expect(fixture.cdkDestroy([nonExistingStackName1, nonExistingStackName2])).resolves.not.toThrow(); -})); - -integTest('cdk destroy with no force option exits without prompt if the stacks do not exist', withDefaultFixture(async (fixture) => { - const nonExistingStackName1 = 'non-existing-stack-1'; - const nonExistingStackName2 = 'non-existing-stack-2'; - - await expect(fixture.cdk(['destroy', ...fixture.fullStackName([nonExistingStackName1, nonExistingStackName2])])).resolves.not.toThrow(); -})); - async function listChildren(parent: string, pred: (x: string) => Promise) { const ret = new Array(); for (const child of await fs.readdir(parent, { encoding: 'utf-8' })) { diff --git a/packages/aws-cdk/lib/cdk-toolkit.ts b/packages/aws-cdk/lib/cdk-toolkit.ts index 64fa955912e4d..32f6616e5cdb6 100644 --- a/packages/aws-cdk/lib/cdk-toolkit.ts +++ b/packages/aws-cdk/lib/cdk-toolkit.ts @@ -4,7 +4,6 @@ import * as cxapi from '@aws-cdk/cx-api'; import * as chalk from 'chalk'; import * as chokidar from 'chokidar'; import * as fs from 'fs-extra'; -import { minimatch } from 'minimatch'; import * as promptly from 'promptly'; import * as uuid from 'uuid'; import { DeploymentMethod, SuccessfulDeployStackResult } from './api'; @@ -800,16 +799,6 @@ export class CdkToolkit { public async destroy(options: DestroyOptions) { let stacks = await this.selectStacksForDestroy(options.selector, options.exclusively); - await this.suggestStacks({ - selector: options.selector, - stacks, - exclusively: options.exclusively, - }); - if (stacks.stackArtifacts.length === 0) { - warning(`No stacks match the name(s): ${chalk.red(options.selector.patterns.join(', '))}`); - return; - } - // The stacks will have been ordered for deployment, so reverse them for deletion. stacks = stacks.reversed(); @@ -1173,49 +1162,6 @@ export class CdkToolkit { return stacks; } - private async suggestStacks(props: { - selector: StackSelector; - stacks: StackCollection; - exclusively?: boolean; - }) { - const assembly = await this.assembly(); - const selectorWithoutPatterns: StackSelector = { - ...props.selector, - allTopLevel: true, - patterns: [], - }; - const stacksWithoutPatterns = await assembly.selectStacks(selectorWithoutPatterns, { - extend: props.exclusively ? ExtendedStackSelection.None : ExtendedStackSelection.Downstream, - defaultBehavior: DefaultSelection.OnlySingle, - }); - - const patterns = props.selector.patterns.map(pattern => { - const notExist = !props.stacks.stackArtifacts.find(stack => - minimatch(stack.hierarchicalId, pattern), - ); - - const closelyMatched = notExist ? stacksWithoutPatterns.stackArtifacts.map(stack => { - if (minimatch(stack.hierarchicalId.toLowerCase(), pattern.toLowerCase())) { - return stack.hierarchicalId; - } - return; - }).filter((stack): stack is string => stack !== undefined) : []; - - return { - pattern, - notExist, - closelyMatched, - }; - }); - - for (const pattern of patterns) { - if (pattern.notExist) { - const closelyMatched = pattern.closelyMatched.length > 0 ? ` Do you mean ${chalk.blue(pattern.closelyMatched.join(', '))}?` : ''; - warning(`${chalk.red(pattern.pattern)} does not exist.${closelyMatched}`); - } - }; - } - /** * Validate the stacks for errors and warnings according to the CLI's current settings */ diff --git a/packages/aws-cdk/test/cdk-toolkit.test.ts b/packages/aws-cdk/test/cdk-toolkit.test.ts index 5ae3a2f9a45ae..8dad7142baea7 100644 --- a/packages/aws-cdk/test/cdk-toolkit.test.ts +++ b/packages/aws-cdk/test/cdk-toolkit.test.ts @@ -953,70 +953,6 @@ describe('destroy', () => { }); }).resolves; }); - - test('does not throw and warns if there are only non-existent stacks', async () => { - const toolkit = defaultToolkitSetup(); - - await toolkit.destroy({ - selector: { patterns: ['Test-Stack-X', 'Test-Stack-Y'] }, - exclusively: true, - force: true, - fromDeploy: true, - }); - - expect(flatten(stderrMock.mock.calls)).toEqual( - expect.arrayContaining([ - expect.stringMatching(/Test-Stack-X does not exist./), - expect.stringMatching(/Test-Stack-Y does not exist./), - expect.stringMatching(/No stacks match the name\(s\): Test-Stack-X, Test-Stack-Y/), - ]), - ); - }); - - test('does not throw and warns if there is a non-existent stack and the other exists', async () => { - const toolkit = defaultToolkitSetup(); - - await toolkit.destroy({ - selector: { patterns: ['Test-Stack-X', 'Test-Stack-B'] }, - exclusively: true, - force: true, - fromDeploy: true, - }); - - expect(flatten(stderrMock.mock.calls)).toEqual( - expect.arrayContaining([ - expect.stringMatching(/Test-Stack-X does not exist./), - ]), - ); - expect(flatten(stderrMock.mock.calls)).not.toEqual( - expect.arrayContaining([ - expect.stringMatching(/Test-Stack-B does not exist./), - ]), - ); - expect(flatten(stderrMock.mock.calls)).not.toEqual( - expect.arrayContaining([ - expect.stringMatching(/No stacks match the name\(s\)/), - ]), - ); - }); - - test('does not throw and suggests valid names if there is a non-existent but closely matching stack', async () => { - const toolkit = defaultToolkitSetup(); - - await toolkit.destroy({ - selector: { patterns: ['test-stack-b'] }, - exclusively: true, - force: true, - fromDeploy: true, - }); - - expect(flatten(stderrMock.mock.calls)).toEqual( - expect.arrayContaining([ - expect.stringMatching(/test-stack-b does not exist. Do you mean Test-Stack-B?/), - expect.stringMatching(/No stacks match the name\(s\): test-stack-b/), - ]), - ); - }); }); describe('watch', () => { From 49eb9d3aa121470ac9795cf1e8a39760c70a62fe Mon Sep 17 00:00:00 2001 From: GZ Date: Fri, 10 Jan 2025 15:22:54 -0800 Subject: [PATCH 5/7] chore: remove duplicate entry in feature flag (#32843) ### Issue # (if applicable) ### Reason for this change There's a duplicate entry in Feature flag markdown file. ### Description of changes Remove duplicate entry ### Description of how you validated changes N/A ### Checklist - [ ] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/aws-cdk-lib/cx-api/FEATURE_FLAGS.md | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/packages/aws-cdk-lib/cx-api/FEATURE_FLAGS.md b/packages/aws-cdk-lib/cx-api/FEATURE_FLAGS.md index 12075ff16f731..df822c4f90c1f 100644 --- a/packages/aws-cdk-lib/cx-api/FEATURE_FLAGS.md +++ b/packages/aws-cdk-lib/cx-api/FEATURE_FLAGS.md @@ -1439,22 +1439,6 @@ If the flag is set to false then a custom resource will be created when using `U | (not in v1) | | | | 2.174.0 | `false` | `true` | -### @aws-cdk/aws-route53-targets:userPoolDomainNameMethodWithoutCustomResource - -*When enabled, use a new method for DNS Name of user pool domain target without creating a custom resource.* (fix) - -When this feature flag is enabled, a new method will be used to get the DNS Name of the user pool domain target. The old method -creates a custom resource internally, but the new method doesn't need a custom resource. - -If the flag is set to false then a custom resource will be created when using `UserPoolDomainTarget`. - - -| Since | Default | Recommended | -| ----- | ----- | ----- | -| (not in v1) | | | -| 2.174.0 | `false` | `true` | - - ### @aws-cdk/aws-ecs:disableEcsImdsBlocking *When set to true, CDK synth will throw exception if canContainersAccessInstanceRole is false. **IMPORTANT: See [details.](#aws-cdkaws-ecsdisableEcsImdsBlocking)*** (temporary) From 166466d5f64a158705a3acb099f4b7c59e0d3e8f Mon Sep 17 00:00:00 2001 From: Mohamed Elasmar <71043312+moelasmar@users.noreply.github.com> Date: Fri, 10 Jan 2025 19:21:42 -0800 Subject: [PATCH 6/7] chore(iot1click): remove the shut down service aws-iot1click (#32844) Removing the aws-iot1click package for the shut down service https://docs.aws.amazon.com/iot/latest/developerguide/iot-legacy-services.html This PR is required to fix the Spec update PR https://github.com/cdklabs/awscdk-service-spec/pull/1559 I updated the Spec2Cdk tool to accept extra parameter to maintain the list of services we want to skip generating them. ### Checklist - [X] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .github/workflows/issue-label-assign.yml | 1 - deprecated_apis.txt | 1 + .../aws-cdk-lib/aws-iot1click/.jsiirc.json | 13 --------- packages/aws-cdk-lib/aws-iot1click/README.md | 27 ------------------- packages/aws-cdk-lib/aws-iot1click/index.ts | 1 - .../aws-cdk-lib/aws-iot1click/lib/index.ts | 1 - .../lib/helpers-internal/sdk-v2-to-v3.json | 2 -- .../lib/helpers-internal/sdk-v3-metadata.json | 6 ----- packages/aws-cdk-lib/index.ts | 1 - packages/aws-cdk-lib/package.json | 1 - packages/aws-cdk-lib/scripts/gen.ts | 1 + packages/aws-cdk-lib/scripts/scope-map.json | 3 --- .../lib/aws-service-official-names.json | 1 - tools/@aws-cdk/spec2cdk/lib/cfn2ts/index.ts | 5 ++-- tools/@aws-cdk/spec2cdk/lib/cfn2ts/types.ts | 5 ++++ 15 files changed, 10 insertions(+), 59 deletions(-) delete mode 100644 packages/aws-cdk-lib/aws-iot1click/.jsiirc.json delete mode 100644 packages/aws-cdk-lib/aws-iot1click/README.md delete mode 100644 packages/aws-cdk-lib/aws-iot1click/index.ts delete mode 100644 packages/aws-cdk-lib/aws-iot1click/lib/index.ts diff --git a/.github/workflows/issue-label-assign.yml b/.github/workflows/issue-label-assign.yml index 15a4b5688d43b..95e422e53d221 100644 --- a/.github/workflows/issue-label-assign.yml +++ b/.github/workflows/issue-label-assign.yml @@ -173,7 +173,6 @@ env: {"area":"@aws-cdk/aws-inspector","keywords":["aws-inspector","inspector"],"labels":["@aws-cdk/aws-inspector"]}, {"area":"@aws-cdk/aws-iot","keywords":["internet-of-things","aws-iot","iot"],"labels":["@aws-cdk/aws-iot"],"affixes":{"suffixes":["-alpha"]}}, {"area":"@aws-cdk/aws-iot-actions","keywords":["aws-iot-actions","iot-actions"],"labels":["@aws-cdk/aws-iot-actions"],"affixes":{"suffixes":["-alpha"]}}, - {"area":"@aws-cdk/aws-iot1click","keywords":["aws-iot1click","iot1click"],"labels":["@aws-cdk/aws-iot1click"]}, {"area":"@aws-cdk/aws-iotanalytics","keywords":["aws-iotanalytics","iotanalytics"],"labels":["@aws-cdk/aws-iotanalytics"]}, {"area":"@aws-cdk/aws-iotevents","keywords":["aws-iotevents","iotevents"],"labels":["@aws-cdk/aws-iotevents"],"affixes":{"suffixes":["-alpha"]}}, {"area":"@aws-cdk/aws-iotevents-actions","keywords":["aws-iotevents","iotevents-actions"],"labels":["@aws-cdk/aws-iotevents-actions"],"affixes":{"suffixes":["-alpha"]}}, diff --git a/deprecated_apis.txt b/deprecated_apis.txt index 81f8cec199a6f..8cdf9adcd1b92 100644 --- a/deprecated_apis.txt +++ b/deprecated_apis.txt @@ -1098,3 +1098,4 @@ aws-cdk-lib.pipelines.UpdatePipelineActionProps#pipelineStackHierarchicalId aws-cdk-lib.pipelines.UpdatePipelineActionProps#pipelineStackName aws-cdk-lib.pipelines.UpdatePipelineActionProps#privileged aws-cdk-lib.pipelines.UpdatePipelineActionProps#projectName +aws-cdk-lib.iot1click diff --git a/packages/aws-cdk-lib/aws-iot1click/.jsiirc.json b/packages/aws-cdk-lib/aws-iot1click/.jsiirc.json deleted file mode 100644 index 7132206a4af7f..0000000000000 --- a/packages/aws-cdk-lib/aws-iot1click/.jsiirc.json +++ /dev/null @@ -1,13 +0,0 @@ -{ - "targets": { - "dotnet": { - "namespace": "Amazon.CDK.AWS.IoT1Click" - }, - "java": { - "package": "software.amazon.awscdk.services.iot1click" - }, - "python": { - "module": "aws_cdk.aws_iot1click" - } - } -} diff --git a/packages/aws-cdk-lib/aws-iot1click/README.md b/packages/aws-cdk-lib/aws-iot1click/README.md deleted file mode 100644 index d67033f75c55e..0000000000000 --- a/packages/aws-cdk-lib/aws-iot1click/README.md +++ /dev/null @@ -1,27 +0,0 @@ -# AWS IoT 1-Click Construct Library - - -This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. - -```ts nofixture -import * as iot1click from 'aws-cdk-lib/aws-iot1click'; -``` - - - -There are no official hand-written ([L2](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) constructs for this service yet. Here are some suggestions on how to proceed: - -- Search [Construct Hub for IoT1Click construct libraries](https://constructs.dev/search?q=iot1click) -- Use the automatically generated [L1](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_l1_using) constructs, in the same way you would use [the CloudFormation AWS::IoT1Click resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/AWS_IoT1Click.html) directly. - - - - -There are no hand-written ([L2](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) constructs for this service yet. -However, you can still use the automatically generated [L1](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_l1_using) constructs, and use this service exactly as you would using CloudFormation directly. - -For more information on the resources and properties available for this service, see the [CloudFormation documentation for AWS::IoT1Click](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/AWS_IoT1Click.html). - -(Read the [CDK Contributing Guide](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and submit an RFC if you are interested in contributing to this construct library.) - - diff --git a/packages/aws-cdk-lib/aws-iot1click/index.ts b/packages/aws-cdk-lib/aws-iot1click/index.ts deleted file mode 100644 index f41a696fd204d..0000000000000 --- a/packages/aws-cdk-lib/aws-iot1click/index.ts +++ /dev/null @@ -1 +0,0 @@ -export * from './lib'; diff --git a/packages/aws-cdk-lib/aws-iot1click/lib/index.ts b/packages/aws-cdk-lib/aws-iot1click/lib/index.ts deleted file mode 100644 index 9adc206ef8dbd..0000000000000 --- a/packages/aws-cdk-lib/aws-iot1click/lib/index.ts +++ /dev/null @@ -1 +0,0 @@ -export * from './iot1click.generated'; diff --git a/packages/aws-cdk-lib/custom-resources/lib/helpers-internal/sdk-v2-to-v3.json b/packages/aws-cdk-lib/custom-resources/lib/helpers-internal/sdk-v2-to-v3.json index 87d3ee81f1e72..bf8d179c6e16b 100644 --- a/packages/aws-cdk-lib/custom-resources/lib/helpers-internal/sdk-v2-to-v3.json +++ b/packages/aws-cdk-lib/custom-resources/lib/helpers-internal/sdk-v2-to-v3.json @@ -57,8 +57,6 @@ "forecastqueryservice": "forecastquery", "forecastservice": "forecast", "globalaccelerator": "global-accelerator", - "iot1clickdevicesservice": "iot-1click-devices-service", - "iot1clickprojects": "iot-1click-projects", "iotevents": "iot-events", "ioteventsdata": "iot-events-data", "iotjobsdataplane": "iot-jobs-data-plane", diff --git a/packages/aws-cdk-lib/custom-resources/lib/helpers-internal/sdk-v3-metadata.json b/packages/aws-cdk-lib/custom-resources/lib/helpers-internal/sdk-v3-metadata.json index 851878844e36c..399f94a66c5f6 100644 --- a/packages/aws-cdk-lib/custom-resources/lib/helpers-internal/sdk-v3-metadata.json +++ b/packages/aws-cdk-lib/custom-resources/lib/helpers-internal/sdk-v3-metadata.json @@ -492,12 +492,6 @@ "internetmonitor": { "iamPrefix": "internetmonitor" }, - "iot-1click-devices-service": { - "iamPrefix": "iot1click" - }, - "iot-1click-projects": { - "iamPrefix": "iot1click" - }, "iot-data-plane": { "iamPrefix": "iotdata" }, diff --git a/packages/aws-cdk-lib/index.ts b/packages/aws-cdk-lib/index.ts index 9eee38240790a..03f9fb48fbebf 100644 --- a/packages/aws-cdk-lib/index.ts +++ b/packages/aws-cdk-lib/index.ts @@ -133,7 +133,6 @@ export * as aws_inspectorv2 from './aws-inspectorv2'; export * as aws_internetmonitor from './aws-internetmonitor'; export * as aws_invoicing from './aws-invoicing'; export * as aws_iot from './aws-iot'; -export * as aws_iot1click from './aws-iot1click'; export * as aws_iotanalytics from './aws-iotanalytics'; export * as aws_iotcoredeviceadvisor from './aws-iotcoredeviceadvisor'; export * as aws_iotevents from './aws-iotevents'; diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index 724c217e5f760..2e15d6ce6a46a 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -347,7 +347,6 @@ "./aws-internetmonitor": "./aws-internetmonitor/index.js", "./aws-invoicing": "./aws-invoicing/index.js", "./aws-iot": "./aws-iot/index.js", - "./aws-iot1click": "./aws-iot1click/index.js", "./aws-iotanalytics": "./aws-iotanalytics/index.js", "./aws-iotcoredeviceadvisor": "./aws-iotcoredeviceadvisor/index.js", "./aws-iotevents": "./aws-iotevents/index.js", diff --git a/packages/aws-cdk-lib/scripts/gen.ts b/packages/aws-cdk-lib/scripts/gen.ts index 2bb7a78e0988b..1ef52be8044ba 100644 --- a/packages/aws-cdk-lib/scripts/gen.ts +++ b/packages/aws-cdk-lib/scripts/gen.ts @@ -20,6 +20,7 @@ async function main() { const generated = (await generateAll(awsCdkLibDir, { coreImport: '../../core', cloudwatchImport: '../../aws-cloudwatch', + skippedServices: ['AWS::IoT1Click'], scopeMapPath, })); diff --git a/packages/aws-cdk-lib/scripts/scope-map.json b/packages/aws-cdk-lib/scripts/scope-map.json index 95afe66aedfc3..a25f26649a690 100644 --- a/packages/aws-cdk-lib/scripts/scope-map.json +++ b/packages/aws-cdk-lib/scripts/scope-map.json @@ -359,9 +359,6 @@ "aws-iot": [ "AWS::IoT" ], - "aws-iot1click": [ - "AWS::IoT1Click" - ], "aws-iotanalytics": [ "AWS::IoTAnalytics" ], diff --git a/tools/@aws-cdk/pkglint/lib/aws-service-official-names.json b/tools/@aws-cdk/pkglint/lib/aws-service-official-names.json index 61ac88c6f3e6c..ea13476e369ea 100644 --- a/tools/@aws-cdk/pkglint/lib/aws-service-official-names.json +++ b/tools/@aws-cdk/pkglint/lib/aws-service-official-names.json @@ -50,7 +50,6 @@ "AWS::GuardDuty": "Amazon GuardDuty", "AWS::IAM": "AWS Identity and Access Management", "AWS::Inspector": "Amazon Inspector", - "AWS::IoT1Click": "AWS IoT 1-Click", "AWS::IoT": "AWS IoT", "AWS::IoTAnalytics": "AWS IoT Analytics", "AWS::IoTThingsGraph": "AWS IoT Things Graph", diff --git a/tools/@aws-cdk/spec2cdk/lib/cfn2ts/index.ts b/tools/@aws-cdk/spec2cdk/lib/cfn2ts/index.ts index a874956e1abca..4d2e5605b05fc 100644 --- a/tools/@aws-cdk/spec2cdk/lib/cfn2ts/index.ts +++ b/tools/@aws-cdk/spec2cdk/lib/cfn2ts/index.ts @@ -107,9 +107,10 @@ function computeSuffix(scope: string, allScopes: string[]): string | undefined { */ export async function generateAll( outPath: string, - { scopeMapPath, ...options }: GenerateAllOptions, + { scopeMapPath, skippedServices, ...options }: GenerateAllOptions, ): Promise { - const scopes = await getAllScopes('cloudFormationNamespace'); + const allScopes = await getAllScopes('cloudFormationNamespace'); + const scopes = skippedServices? allScopes.filter((scope) => !skippedServices.includes(scope)) : allScopes; const moduleMap = await readScopeMap(scopeMapPath); // Make sure all scopes have their own dedicated package/namespace. diff --git a/tools/@aws-cdk/spec2cdk/lib/cfn2ts/types.ts b/tools/@aws-cdk/spec2cdk/lib/cfn2ts/types.ts index a2a09e5aa02a9..04c2e9643658c 100644 --- a/tools/@aws-cdk/spec2cdk/lib/cfn2ts/types.ts +++ b/tools/@aws-cdk/spec2cdk/lib/cfn2ts/types.ts @@ -28,6 +28,11 @@ export interface GenerateAllOptions extends CodeGeneratorOptions, AugmentationsG * Path of the file containing the map of module names to their CFN Scopes */ scopeMapPath: string; + + /** + * List of service names to be skipped it will be in format AWS::Service like AWS::S3 + */ + skippedServices?: string[]; } /** From 93172033e4a8346a86ee00017acba57b57f22aab Mon Sep 17 00:00:00 2001 From: AWS CDK Automation <43080478+aws-cdk-automation@users.noreply.github.com> Date: Fri, 10 Jan 2025 20:29:29 -0800 Subject: [PATCH 7/7] feat: update L1 CloudFormation resource definitions (#32847) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec` **L1 CloudFormation resource definition changes:** ``` ├[~] service aws-appconfig │ └ resources │ └[~] resource AWS::AppConfig::Deployment │ ├ attributes │ │ └[-] Id: string │ └ types │ └[~] type Tags │ ├ - documentation: Metadata to assign to the deployment strategy. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define. │ │ + documentation: undefined │ └ properties │ ├ Key: (documentation changed) │ └ Value: (documentation changed) ├[~] service aws-appsync │ └ resources │ └[~] resource AWS::AppSync::DataSource │ └ properties │ └ ServiceRoleArn: (documentation changed) ├[~] service aws-backup │ └ resources │ └[~] resource AWS::Backup::LogicallyAirGappedBackupVault │ ├ properties │ │ ├[-] VaultState: string │ │ └[-] VaultType: string │ └ attributes │ ├[+] VaultState: string │ └[+] VaultType: string ├[~] service aws-cleanrooms │ └ resources │ ├[~] resource AWS::CleanRooms::Collaboration │ │ ├ properties │ │ │ └ CreatorMLMemberAbilities: (documentation changed) │ │ └ types │ │ ├[~] type MemberSpecification │ │ │ └ properties │ │ │ └ MLMemberAbilities: (documentation changed) │ │ ├[~] type MLMemberAbilities │ │ │ ├ - documentation: undefined │ │ │ │ + documentation: The ML member abilities for a collaboration member. │ │ │ └ properties │ │ │ └ CustomMLMemberAbilities: (documentation changed) │ │ ├[~] type MLPaymentConfig │ │ │ ├ - documentation: undefined │ │ │ │ + documentation: An object representing the collaboration member's machine learning payment responsibilities set by the collaboration creator. │ │ │ └ properties │ │ │ ├ ModelInference: (documentation changed) │ │ │ └ ModelTraining: (documentation changed) │ │ ├[~] type ModelInferencePaymentConfig │ │ │ ├ - documentation: undefined │ │ │ │ + documentation: An object representing the collaboration member's model inference payment responsibilities set by the collaboration creator. │ │ │ └ properties │ │ │ └ IsResponsible: (documentation changed) │ │ ├[~] type ModelTrainingPaymentConfig │ │ │ ├ - documentation: undefined │ │ │ │ + documentation: An object representing the collaboration member's model training payment responsibilities set by the collaboration creator. │ │ │ └ properties │ │ │ └ IsResponsible: (documentation changed) │ │ └[~] type PaymentConfiguration │ │ └ properties │ │ └ MachineLearning: (documentation changed) │ └[~] resource AWS::CleanRooms::Membership │ └ types │ ├[~] type MembershipMLPaymentConfig │ │ ├ - documentation: undefined │ │ │ + documentation: An object representing the collaboration member's machine learning payment responsibilities set by the collaboration creator. │ │ └ properties │ │ ├ ModelInference: (documentation changed) │ │ └ ModelTraining: (documentation changed) │ ├[~] type MembershipModelInferencePaymentConfig │ │ ├ - documentation: undefined │ │ │ + documentation: An object representing the collaboration member's model inference payment responsibilities set by the collaboration creator. │ │ └ properties │ │ └ IsResponsible: (documentation changed) │ ├[~] type MembershipModelTrainingPaymentConfig │ │ ├ - documentation: undefined │ │ │ + documentation: An object representing the collaboration member's model training payment responsibilities set by the collaboration creator. │ │ └ properties │ │ └ IsResponsible: (documentation changed) │ └[~] type MembershipPaymentConfiguration │ └ properties │ └ MachineLearning: (documentation changed) ├[~] service aws-cloudformation │ └ resources │ └[~] resource AWS::CloudFormation::Macro │ └ properties │ └ LogGroupName: (documentation changed) ├[~] service aws-cloudwatch │ └ resources │ ├[~] resource AWS::CloudWatch::Alarm │ │ ├ properties │ │ │ └ Period: (documentation changed) │ │ └ types │ │ ├[~] type MetricDataQuery │ │ │ └ properties │ │ │ └ Period: (documentation changed) │ │ └[~] type MetricStat │ │ └ properties │ │ └ Period: (documentation changed) │ └[~] resource AWS::CloudWatch::AnomalyDetector │ └ types │ ├[~] type MetricDataQuery │ │ └ properties │ │ └ Period: (documentation changed) │ └[~] type MetricStat │ └ properties │ └ Period: (documentation changed) ├[~] service aws-cognito │ └ resources │ ├[~] resource AWS::Cognito::LogDeliveryConfiguration │ │ ├ - documentation: Sets up or modifies the logging configuration of a user pool. User pools can export user notification logs and advanced security features user activity logs. │ │ │ + documentation: Sets up or modifies the logging configuration of a user pool. User pools can export user notification logs and, when threat protection is active, user-activity logs. For more information, see [Exporting user pool logs](https://docs.aws.amazon.com/cognito/latest/developerguide/exporting-quotas-and-usage.html) . │ │ └ types │ │ ├[~] type FirehoseConfiguration │ │ │ ├ - documentation: Configuration for the Amazon Data Firehose stream destination of user activity log export with advanced security features. │ │ │ │ + documentation: Configuration for the Amazon Data Firehose stream destination of user activity log export with threat protection. │ │ │ └ properties │ │ │ └ StreamArn: (documentation changed) │ │ ├[~] type LogConfiguration │ │ │ ├ - documentation: The configuration of user event logs to an external AWS service like Amazon Data Firehose, Amazon S3, or Amazon CloudWatch Logs. │ │ │ │ This data type is a request parameter of [SetLogDeliveryConfiguration](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetLogDeliveryConfiguration.html) and a response parameter of [GetLogDeliveryConfiguration](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetLogDeliveryConfiguration.html) . │ │ │ │ + documentation: The configuration of user event logs to an external AWS service like Amazon Data Firehose, Amazon S3, or Amazon CloudWatch Logs. │ │ │ │ This data type is a request parameter of `API_SetLogDeliveryConfiguration` and a response parameter of `API_GetLogDeliveryConfiguration` . │ │ │ └ properties │ │ │ ├ CloudWatchLogsConfiguration: (documentation changed) │ │ │ ├ FirehoseConfiguration: (documentation changed) │ │ │ └ S3Configuration: (documentation changed) │ │ └[~] type S3Configuration │ │ ├ - documentation: Configuration for the Amazon S3 bucket destination of user activity log export with advanced security features. │ │ │ + documentation: Configuration for the Amazon S3 bucket destination of user activity log export with threat protection. │ │ └ properties │ │ └ BucketArn: (documentation changed) │ ├[~] resource AWS::Cognito::ManagedLoginBranding │ │ └ types │ │ └[~] type AssetType │ │ └ - documentation: An image file from a managed login branding style in a user pool. │ │ This data type is a request parameter of [CreateManagedLoginBranding](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateManagedLoginBranding.html) and [UpdateManagedLoginBranding](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateManagedLoginBranding.html) , and a response parameter of [DescribeManagedLoginBranding](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeManagedLoginBranding.html) . │ │ + documentation: An image file from a managed login branding style in a user pool. │ │ This data type is a request parameter of `API_CreateManagedLoginBranding` and `API_UpdateManagedLoginBranding` , and a response parameter of `API_DescribeManagedLoginBranding` . │ ├[~] resource AWS::Cognito::UserPool │ │ ├ properties │ │ │ ├ AdminCreateUserConfig: (documentation changed) │ │ │ ├ AliasAttributes: (documentation changed) │ │ │ ├ AutoVerifiedAttributes: (documentation changed) │ │ │ ├ MfaConfiguration: (documentation changed) │ │ │ ├ Policies: (documentation changed) │ │ │ ├ SmsConfiguration: (documentation changed) │ │ │ ├ UserPoolAddOns: (documentation changed) │ │ │ └ UserPoolName: (documentation changed) │ │ └ types │ │ ├[~] type AdminCreateUserConfig │ │ │ ├ - documentation: The settings for administrator creation of users in a user pool. Contains settings for allowing user sign-up, customizing invitation messages to new users, and the amount of time before temporary passwords expire. │ │ │ │ This data type is a request and response parameter of [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) and [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) , and a response parameter of [DescribeUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html) . │ │ │ │ + documentation: The settings for administrator creation of users in a user pool. Contains settings for allowing user sign-up, customizing invitation messages to new users, and the amount of time before temporary passwords expire. │ │ │ │ This data type is a request and response parameter of `API_CreateUserPool` and `API_UpdateUserPool` , and a response parameter of `API_DescribeUserPool` . │ │ │ └ properties │ │ │ ├ AllowAdminCreateUserOnly: (documentation changed) │ │ │ └ UnusedAccountValidityDays: (documentation changed) │ │ ├[~] type AdvancedSecurityAdditionalFlows │ │ │ ├ - documentation: Advanced security configuration options for additional authentication types in your user pool, including custom authentication. │ │ │ │ + documentation: Threat protection configuration options for additional authentication types in your user pool, including custom authentication. │ │ │ └ properties │ │ │ └ CustomAuthMode: (documentation changed) │ │ ├[~] type DeviceConfiguration │ │ │ ├ - documentation: The device-remembering configuration for a user pool. A [DescribeUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html) request returns a null value for this object when the user pool isn't configured to remember devices. When device remembering is active, you can remember a user's device with a [ConfirmDevice](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmDevice.html) API request. Additionally. when the property `DeviceOnlyRememberedOnUserPrompt` is `true` , you must follow `ConfirmDevice` with an [UpdateDeviceStatus](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateDeviceStatus.html) API request that sets the user's device to `remembered` or `not_remembered` . │ │ │ │ To sign in with a remembered device, include `DEVICE_KEY` in the authentication parameters in your user's [InitiateAuth](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html) request. If your app doesn't include a `DEVICE_KEY` parameter, the [response](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html#API_InitiateAuth_ResponseSyntax) from Amazon Cognito includes newly-generated `DEVICE_KEY` and `DEVICE_GROUP_KEY` values under `NewDeviceMetadata` . Store these values to use in future device-authentication requests. │ │ │ │ > When you provide a value for any property of `DeviceConfiguration` , you activate the device remembering for the user pool. │ │ │ │ > │ │ │ │ > This data type is a request and response parameter of [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) and [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) , and a response parameter of [DescribeUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html) . │ │ │ │ + documentation: The device-remembering configuration for a user pool. │ │ │ │ A `API_DescribeUserPool` request returns a null value for this object when the user pool isn't configured to remember devices. When device remembering is active, you can remember a user's device with a `API_ConfirmDevice` API request. Additionally. when the property `DeviceOnlyRememberedOnUserPrompt` is `true` , you must follow `ConfirmDevice` with an `API_UpdateDeviceStatus` API request that sets the user's device to `remembered` or `not_remembered` . │ │ │ │ To sign in with a remembered device, include `DEVICE_KEY` in the authentication parameters in your user's `API_InitiateAuth` request. If your app doesn't include a `DEVICE_KEY` parameter, the `API_InitiateAuth` from Amazon Cognito includes newly-generated `DEVICE_KEY` and `DEVICE_GROUP_KEY` values under `NewDeviceMetadata` . Store these values to use in future device-authentication requests. │ │ │ │ > When you provide a value for any property of `DeviceConfiguration` , you activate the device remembering for the user pool. │ │ │ │ > │ │ │ │ > This data type is a request and response parameter of `API_CreateUserPool` and `API_UpdateUserPool` , and a response parameter of `API_DescribeUserPool` . │ │ │ └ properties │ │ │ └ DeviceOnlyRememberedOnUserPrompt: (documentation changed) │ │ ├[~] type LambdaConfig │ │ │ └ - documentation: A collection of user pool Lambda triggers. Amazon Cognito invokes triggers at several possible stages of user pool operations. Triggers can modify the outcome of the operations that invoked them. │ │ │ This data type is a request and response parameter of [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) and [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) , and a response parameter of [DescribeUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html) . │ │ │ + documentation: A collection of user pool Lambda triggers. Amazon Cognito invokes triggers at several possible stages of user pool operations. Triggers can modify the outcome of the operations that invoked them. │ │ │ This data type is a request and response parameter of `API_CreateUserPool` and `API_UpdateUserPool` , and a response parameter of `API_DescribeUserPool` . │ │ ├[~] type NumberAttributeConstraints │ │ │ └ - documentation: The minimum and maximum values of an attribute that is of the number type, for example `custom:age` . │ │ │ This data type is part of [SchemaAttributeType](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SchemaAttributeType.html) . It defines the length constraints on number-type attributes that you configure in [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) and [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) , and displays the length constraints of all number-type attributes in the response to [DescribeUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html) │ │ │ + documentation: The minimum and maximum values of an attribute that is of the number type, for example `custom:age` . │ │ │ This data type is part of `API_SchemaAttributeType` . It defines the length constraints on number-type attributes that you configure in `API_CreateUserPool` and `API_UpdateUserPool` , and displays the length constraints of all number-type attributes in the response to `API_DescribeUserPool` │ │ ├[~] type PasswordPolicy │ │ │ ├ - documentation: The password policy settings for a user pool, including complexity, history, and length requirements. │ │ │ │ This data type is a request and response parameter of [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) and [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) , and a response parameter of [DescribeUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html) . │ │ │ │ + documentation: The password policy settings for a user pool, including complexity, history, and length requirements. │ │ │ │ This data type is a request and response parameter of `API_CreateUserPool` and `API_UpdateUserPool` , and a response parameter of `API_DescribeUserPool` . │ │ │ └ properties │ │ │ └ PasswordHistorySize: (documentation changed) │ │ ├[~] type Policies │ │ │ ├ - documentation: A list of user pool policies. Contains the policy that sets password-complexity requirements. │ │ │ │ This data type is a request and response parameter of [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) and [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) , and a response parameter of [DescribeUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html) . │ │ │ │ + documentation: A list of user pool policies. Contains the policy that sets password-complexity requirements. │ │ │ │ This data type is a request and response parameter of `API_CreateUserPool` and `API_UpdateUserPool` , and a response parameter of `API_DescribeUserPool` . │ │ │ └ properties │ │ │ └ SignInPolicy: (documentation changed) │ │ ├[~] type PreTokenGenerationConfig │ │ │ └ - documentation: The properties of a pre token generation Lambda trigger. │ │ │ This data type is a request and response parameter of [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) and [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) , and a response parameter of [DescribeUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html) . │ │ │ + documentation: The properties of a pre token generation Lambda trigger. │ │ │ This data type is a request and response parameter of `API_CreateUserPool` and `API_UpdateUserPool` , and a response parameter of `API_DescribeUserPool` . │ │ ├[~] type RecoveryOption │ │ │ └ - documentation: A recovery option for a user. The `AccountRecoverySettingType` data type is an array of this object. Each `RecoveryOptionType` has a priority property that determines whether it is a primary or secondary option. │ │ │ For example, if `verified_email` has a priority of `1` and `verified_phone_number` has a priority of `2` , your user pool sends account-recovery messages to a verified email address but falls back to an SMS message if the user has a verified phone number. The `admin_only` option prevents self-service account recovery. │ │ │ This data type is a request and response parameter of [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) and [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) , and a response parameter of [DescribeUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html) . │ │ │ + documentation: A recovery option for a user. The `AccountRecoverySettingType` data type is an array of this object. Each `RecoveryOptionType` has a priority property that determines whether it is a primary or secondary option. │ │ │ For example, if `verified_email` has a priority of `1` and `verified_phone_number` has a priority of `2` , your user pool sends account-recovery messages to a verified email address but falls back to an SMS message if the user has a verified phone number. The `admin_only` option prevents self-service account recovery. │ │ │ This data type is a request and response parameter of `API_CreateUserPool` and `API_UpdateUserPool` , and a response parameter of `API_DescribeUserPool` . │ │ ├[~] type SchemaAttribute │ │ │ └ - documentation: A list of the user attributes and their properties in your user pool. The attribute schema contains standard attributes, custom attributes with a `custom:` prefix, and developer attributes with a `dev:` prefix. For more information, see [User pool attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html) . │ │ │ Developer-only `dev:` attributes are a legacy feature of user pools, and are read-only to all app clients. You can create and update developer-only attributes only with IAM-authenticated API operations. Use app client read/write permissions instead. │ │ │ This data type is a request and response parameter of [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) and [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) , and a response parameter of [DescribeUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html) . │ │ │ + documentation: A list of the user attributes and their properties in your user pool. The attribute schema contains standard attributes, custom attributes with a `custom:` prefix, and developer attributes with a `dev:` prefix. For more information, see [User pool attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html) . │ │ │ Developer-only `dev:` attributes are a legacy feature of user pools, and are read-only to all app clients. You can create and update developer-only attributes only with IAM-authenticated API operations. Use app client read/write permissions instead. │ │ │ This data type is a request and response parameter of `API_CreateUserPool` and `API_UpdateUserPool` , and a response parameter of `API_DescribeUserPool` . │ │ ├[~] type SignInPolicy │ │ │ └ - documentation: The policy for allowed types of authentication in a user pool. To activate this setting, your user pool must be in the [Essentials tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-essentials.html) or higher. │ │ │ This data type is a request and response parameter of [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) and [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) , and a response parameter of [DescribeUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html) . │ │ │ + documentation: The policy for allowed types of authentication in a user pool. To activate this setting, your user pool must be in the [Essentials tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-essentials.html) or higher. │ │ │ This data type is a request and response parameter of `API_CreateUserPool` and `API_UpdateUserPool` , and a response parameter of `API_DescribeUserPool` . │ │ ├[~] type SmsConfiguration │ │ │ └ - documentation: User pool configuration for delivery of SMS messages with Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the AWS Region that you want, the Amazon Cognito user pool uses an AWS Identity and Access Management (IAM) role in your AWS account . │ │ │ This data type is a request parameter of [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) , [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) , and [SetUserPoolMfaConfig](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUserPoolMfaConfig.html) , and a response parameter of [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) , [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) , and [GetUserPoolMfaConfig](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUserPoolMfaConfig.html) . │ │ │ + documentation: User pool configuration for delivery of SMS messages with Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the AWS Region that you want, the Amazon Cognito user pool uses an AWS Identity and Access Management (IAM) role in your AWS account . │ │ │ This data type is a request parameter of `API_CreateUserPool` , `API_UpdateUserPool` , and `API_SetUserPoolMfaConfig` , and a response parameter of `API_CreateUserPool` , `API_UpdateUserPool` , and `API_GetUserPoolMfaConfig` . │ │ ├[~] type StringAttributeConstraints │ │ │ └ - documentation: The minimum and maximum length values of an attribute that is of the string type, for example `custom:department` . │ │ │ This data type is part of [SchemaAttributeType](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SchemaAttributeType.html) . It defines the length constraints on string-type attributes that you configure in [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) and [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) , and displays the length constraints of all string-type attributes in the response to [DescribeUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html) │ │ │ + documentation: The minimum and maximum length values of an attribute that is of the string type, for example `custom:department` . │ │ │ This data type is part of `API_SchemaAttributeType` . It defines the length constraints on string-type attributes that you configure in `API_CreateUserPool` and `API_UpdateUserPool` , and displays the length constraints of all string-type attributes in the response to `API_DescribeUserPool` │ │ ├[~] type UserAttributeUpdateSettings │ │ │ └ properties │ │ │ └ AttributesRequireVerificationBeforeUpdate: (documentation changed) │ │ ├[~] type UsernameConfiguration │ │ │ └ - documentation: Case sensitivity of the username input for the selected sign-in option. When case sensitivity is set to `False` (case insensitive), users can sign in with any combination of capital and lowercase letters. For example, `username` , `USERNAME` , or `UserName` , or for email, `email@example.com` or `EMaiL@eXamplE.Com` . For most use cases, set case sensitivity to `False` (case insensitive) as a best practice. When usernames and email addresses are case insensitive, Amazon Cognito treats any variation in case as the same user, and prevents a case variation from being assigned to the same attribute for a different user. │ │ │ This configuration is immutable after you set it. For more information, see [UsernameConfigurationType](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UsernameConfigurationType.html) . │ │ │ + documentation: Case sensitivity of the username input for the selected sign-in option. When case sensitivity is set to `False` (case insensitive), users can sign in with any combination of capital and lowercase letters. For example, `username` , `USERNAME` , or `UserName` , or for email, `email@example.com` or `EMaiL@eXamplE.Com` . For most use cases, set case sensitivity to `False` (case insensitive) as a best practice. When usernames and email addresses are case insensitive, Amazon Cognito treats any variation in case as the same user, and prevents a case variation from being assigned to the same attribute for a different user. │ │ │ This configuration is immutable after you set it. For more information, see `API_UsernameConfigurationType` . │ │ ├[~] type UserPoolAddOns │ │ │ ├ - documentation: User pool add-ons. Contains settings for activation of threat protection. To log user security information but take no action, set to `AUDIT` . To configure automatic security responses to risky traffic to your user pool, set to `ENFORCED` . │ │ │ │ For more information, see [Adding advanced security to a user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html) . To activate this setting, your user pool must be on the [Plus tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-plus.html) . │ │ │ │ This data type is a request and response parameter of [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) and [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) , and a response parameter of [DescribeUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html) . │ │ │ │ + documentation: Contains settings for activation of threat protection, including the operating mode and additional authentication types. To log user security information but take no action, set to `AUDIT` . To configure automatic security responses to potentially unwanted traffic to your user pool, set to `ENFORCED` . │ │ │ │ For more information, see [Adding advanced security to a user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html) . To activate this setting, your user pool must be on the [Plus tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-plus.html) . │ │ │ │ This data type is a request and response parameter of `API_CreateUserPool` and `API_UpdateUserPool` , and a response parameter of `API_DescribeUserPool` . │ │ │ └ properties │ │ │ ├ AdvancedSecurityAdditionalFlows: (documentation changed) │ │ │ └ AdvancedSecurityMode: (documentation changed) │ │ └[~] type VerificationMessageTemplate │ │ └ - documentation: The template for the verification message that your user pool delivers to users who set an email address or phone number attribute. │ │ This data type is a request and response parameter of [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) and [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) , and a response parameter of [DescribeUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html) . │ │ + documentation: The template for the verification message that your user pool delivers to users who set an email address or phone number attribute. │ │ This data type is a request and response parameter of `API_CreateUserPool` and `API_UpdateUserPool` , and a response parameter of `API_DescribeUserPool` . │ ├[~] resource AWS::Cognito::UserPoolClient │ │ ├ properties │ │ │ ├ AllowedOAuthFlows: (documentation changed) │ │ │ ├ AllowedOAuthFlowsUserPoolClient: (documentation changed) │ │ │ ├ AllowedOAuthScopes: (documentation changed) │ │ │ ├ CallbackURLs: (documentation changed) │ │ │ ├ EnablePropagateAdditionalUserContextData: (documentation changed) │ │ │ ├ EnableTokenRevocation: (documentation changed) │ │ │ ├ ExplicitAuthFlows: (documentation changed) │ │ │ ├ GenerateSecret: (documentation changed) │ │ │ ├ LogoutURLs: (documentation changed) │ │ │ ├ ReadAttributes: (documentation changed) │ │ │ ├ SupportedIdentityProviders: (documentation changed) │ │ │ └ WriteAttributes: (documentation changed) │ │ └ types │ │ ├[~] type AnalyticsConfiguration │ │ │ └ - documentation: The settings for Amazon Pinpoint analytics configuration. With an analytics configuration, your application can collect user-activity metrics for user notifications with a Amazon Pinpoint campaign. │ │ │ Amazon Pinpoint isn't available in all AWS Regions. For a list of available Regions, see [Amazon Cognito and Amazon Pinpoint Region availability](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-pinpoint-integration.html#cognito-user-pools-find-region-mappings) . │ │ │ This data type is a request parameter of [CreateUserPoolClient](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPoolClient.html) and [UpdateUserPoolClient](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPoolClient.html) , and a response parameter of [DescribeUserPoolClient](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPoolClient.html) . │ │ │ + documentation: The settings for Amazon Pinpoint analytics configuration. With an analytics configuration, your application can collect user-activity metrics for user notifications with a Amazon Pinpoint campaign. │ │ │ Amazon Pinpoint isn't available in all AWS Regions. For a list of available Regions, see [Amazon Cognito and Amazon Pinpoint Region availability](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-pinpoint-integration.html#cognito-user-pools-find-region-mappings) . │ │ │ This data type is a request parameter of `API_CreateUserPoolClient` and `API_UpdateUserPoolClient` , and a response parameter of `API_DescribeUserPoolClient` . │ │ └[~] type TokenValidityUnits │ │ └ - documentation: The time units you use when you set the duration of ID, access, and refresh tokens. The default unit for RefreshToken is days, and the default for ID and access tokens is hours. │ │ + documentation: The units that validity times are represented in. The default unit for refresh tokens is days, and the default for ID and access tokens are hours. │ ├[~] resource AWS::Cognito::UserPoolDomain │ │ ├ properties │ │ │ ├ CustomDomainConfig: (documentation changed) │ │ │ ├ Domain: (documentation changed) │ │ │ └ UserPoolId: (documentation changed) │ │ └ types │ │ └[~] type CustomDomainConfigType │ │ └ - documentation: The configuration for a hosted UI custom domain. │ │ This data type is a request parameter of [CreateUserPoolDomain](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPoolDomain.html) and [UpdateUserPoolDomain](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPoolDomain.html) . │ │ + documentation: The configuration for a hosted UI custom domain. │ │ This data type is a request parameter of `API_CreateUserPoolDomain` and `API_UpdateUserPoolDomain` . │ ├[~] resource AWS::Cognito::UserPoolGroup │ │ └ - documentation: A user pool group. Contains details about the group and the way that it contributes to IAM role decisions with identity pools. Identity pools can make decisions about the IAM role to assign based on groups: users get credentials for the role associated with their highest-priority group. │ │ This data type is a response parameter of [AdminListGroupsForUser](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminListGroupsForUser.html) , [CreateGroup](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateGroup.html) , [GetGroup](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetGroup.html) , [ListGroups](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ListGroups.html) , and [UpdateGroup](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateGroup.html) . │ │ + documentation: A user pool group. Contains details about the group and the way that it contributes to IAM role decisions with identity pools. Identity pools can make decisions about the IAM role to assign based on groups: users get credentials for the role associated with their highest-priority group. │ │ This data type is a response parameter of `API_AdminListGroupsForUser` , `API_CreateGroup` , `API_GetGroup` , `API_ListGroups` , and `API_UpdateGroup` . │ ├[~] resource AWS::Cognito::UserPoolResourceServer │ │ └ types │ │ └[~] type ResourceServerScopeType │ │ └ - documentation: One custom scope associated with a user pool resource server. This data type is a member of `ResourceServerScopeType` . For more information, see [Scopes, M2M, and API authorization with resource servers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-define-resource-servers.html) . │ │ This data type is a request parameter of [CreateResourceServer](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateResourceServer.html) and a response parameter of [DescribeResourceServer](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeResourceServer.html) . │ │ + documentation: One custom scope associated with a user pool resource server. This data type is a member of `ResourceServerScopeType` . For more information, see [Scopes, M2M, and API authorization with resource servers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-define-resource-servers.html) . │ │ This data type is a request parameter of `API_CreateResourceServer` and a response parameter of `API_DescribeResourceServer` . │ ├[~] resource AWS::Cognito::UserPoolRiskConfigurationAttachment │ │ ├ properties │ │ │ ├ AccountTakeoverRiskConfiguration: (documentation changed) │ │ │ └ CompromisedCredentialsRiskConfiguration: (documentation changed) │ │ └ types │ │ ├[~] type AccountTakeoverActionsType │ │ │ ├ - documentation: A list of account-takeover actions for each level of risk that Amazon Cognito might assess with advanced security features. │ │ │ │ This data type is a request parameter of [SetRiskConfiguration](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetRiskConfiguration.html) and a response parameter of [DescribeRiskConfiguration](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeRiskConfiguration.html) . │ │ │ │ + documentation: A list of account-takeover actions for each level of risk that Amazon Cognito might assess with threat protection features. │ │ │ │ This data type is a request parameter of `API_SetRiskConfiguration` and a response parameter of `API_DescribeRiskConfiguration` . │ │ │ └ properties │ │ │ ├ HighAction: (documentation changed) │ │ │ ├ LowAction: (documentation changed) │ │ │ └ MediumAction: (documentation changed) │ │ ├[~] type AccountTakeoverActionType │ │ │ └ - documentation: The automated response to a risk level for adaptive authentication in full-function, or `ENFORCED` , mode. You can assign an action to each risk level that advanced security features evaluates. │ │ │ This data type is a request parameter of [SetRiskConfiguration](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetRiskConfiguration.html) and a response parameter of [DescribeRiskConfiguration](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeRiskConfiguration.html) . │ │ │ + documentation: The automated response to a risk level for adaptive authentication in full-function, or `ENFORCED` , mode. You can assign an action to each risk level that threat protection evaluates. │ │ │ This data type is a request parameter of `API_SetRiskConfiguration` and a response parameter of `API_DescribeRiskConfiguration` . │ │ ├[~] type AccountTakeoverRiskConfigurationType │ │ │ ├ - documentation: The settings for automated responses and notification templates for adaptive authentication with advanced security features. │ │ │ │ This data type is a request parameter of [SetRiskConfiguration](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetRiskConfiguration.html) and a response parameter of [DescribeRiskConfiguration](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeRiskConfiguration.html) . │ │ │ │ + documentation: The settings for automated responses and notification templates for adaptive authentication with threat protection features. │ │ │ │ This data type is a request parameter of `API_SetRiskConfiguration` and a response parameter of `API_DescribeRiskConfiguration` . │ │ │ └ properties │ │ │ ├ Actions: (documentation changed) │ │ │ └ NotifyConfiguration: (documentation changed) │ │ ├[~] type CompromisedCredentialsActionsType │ │ │ └ - documentation: Settings for user pool actions when Amazon Cognito detects compromised credentials with advanced security features in full-function `ENFORCED` mode. │ │ │ This data type is a request parameter of [SetRiskConfiguration](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetRiskConfiguration.html) and a response parameter of [DescribeRiskConfiguration](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeRiskConfiguration.html) . │ │ │ + documentation: Settings for user pool actions when Amazon Cognito detects compromised credentials with threat protection in full-function `ENFORCED` mode. │ │ │ This data type is a request parameter of `API_SetRiskConfiguration` and a response parameter of `API_DescribeRiskConfiguration` . │ │ ├[~] type CompromisedCredentialsRiskConfigurationType │ │ │ └ - documentation: Settings for compromised-credentials actions and authentication-event sources with advanced security features in full-function `ENFORCED` mode. │ │ │ This data type is a request parameter of [SetRiskConfiguration](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetRiskConfiguration.html) and a response parameter of [DescribeRiskConfiguration](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeRiskConfiguration.html) . │ │ │ + documentation: Settings for compromised-credentials actions and authentication-event sources with threat protection in full-function `ENFORCED` mode. │ │ │ This data type is a request parameter of `API_SetRiskConfiguration` and a response parameter of `API_DescribeRiskConfiguration` . │ │ ├[~] type NotifyConfigurationType │ │ │ └ - documentation: The configuration for Amazon SES email messages that advanced security features sends to a user when your adaptive authentication automated response has a *Notify* action. │ │ │ This data type is a request parameter of [SetRiskConfiguration](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetRiskConfiguration.html) and a response parameter of [DescribeRiskConfiguration](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeRiskConfiguration.html) . │ │ │ + documentation: The configuration for Amazon SES email messages that threat protection sends to a user when your adaptive authentication automated response has a *Notify* action. │ │ │ This data type is a request parameter of `API_SetRiskConfiguration` and a response parameter of `API_DescribeRiskConfiguration` . │ │ ├[~] type NotifyEmailType │ │ │ └ - documentation: The template for email messages that advanced security features sends to a user when your threat protection automated response has a *Notify* action. │ │ │ This data type is a request parameter of [SetRiskConfiguration](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetRiskConfiguration.html) and a response parameter of [DescribeRiskConfiguration](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeRiskConfiguration.html) . │ │ │ + documentation: The template for email messages that threat protection sends to a user when your threat protection automated response has a *Notify* action. │ │ │ This data type is a request parameter of `API_SetRiskConfiguration` and a response parameter of `API_DescribeRiskConfiguration` . │ │ └[~] type RiskExceptionConfigurationType │ │ └ - documentation: Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges. │ │ This data type is a request parameter of [SetRiskConfiguration](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetRiskConfiguration.html) and a response parameter of [DescribeRiskConfiguration](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeRiskConfiguration.html) . │ │ + documentation: Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges. │ │ This data type is a request parameter of `API_SetRiskConfiguration` and a response parameter of `API_DescribeRiskConfiguration` . │ ├[~] resource AWS::Cognito::UserPoolUICustomizationAttachment │ │ ├ - documentation: A container for the UI customization information for the hosted UI in a user pool. │ │ │ This data type is a response parameter of [GetUICustomization](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPoolClient.html) . │ │ │ + documentation: A container for the UI customization information for the hosted UI in a user pool. │ │ │ This data type is a response parameter of `API_DescribeUserPoolClient` . │ │ └ properties │ │ ├ CSS: (documentation changed) │ │ └ UserPoolId: (documentation changed) │ └[~] resource AWS::Cognito::UserPoolUser │ ├ properties │ │ ├ UserAttributes: (documentation changed) │ │ └ ValidationData: (documentation changed) │ └ types │ └[~] type AttributeType │ └ - documentation: The name and value of a user attribute. │ This data type is a request parameter of [AdminUpdateUserAttributes](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminUpdateUserAttributes.html) and [UpdateUserAttributes](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserAttributes.html) . │ + documentation: The name and value of a user attribute. │ This data type is a request parameter of `API_AdminUpdateUserAttributes` and `API_UpdateUserAttributes` . ├[~] service aws-customerprofiles │ └ resources │ └[+] resource AWS::CustomerProfiles::EventTrigger │ ├ name: EventTrigger │ │ cloudFormationType: AWS::CustomerProfiles::EventTrigger │ │ documentation: An event trigger resource of Amazon Connect Customer Profiles │ │ tagInformation: {"tagPropertyName":"Tags","variant":"standard"} │ ├ properties │ │ ├ DomainName: string (required, immutable) │ │ ├ EventTriggerName: string (required, immutable) │ │ ├ ObjectTypeName: string (required) │ │ ├ Description: string │ │ ├ EventTriggerConditions: Array (required) │ │ ├ EventTriggerLimits: EventTriggerLimits │ │ ├ SegmentFilter: string │ │ └ Tags: Array │ ├ attributes │ │ ├ CreatedAt: string │ │ └ LastUpdatedAt: string │ └ types │ ├ type EventTriggerCondition │ │ ├ documentation: Specifies the circumstances under which the event should trigger the destination. │ │ │ name: EventTriggerCondition │ │ └ properties │ │ ├ EventTriggerDimensions: Array (required) │ │ └ LogicalOperator: string (required) │ ├ type EventTriggerDimension │ │ ├ documentation: A specific event dimension to be assessed. │ │ │ name: EventTriggerDimension │ │ └ properties │ │ └ ObjectAttributes: Array (required) │ ├ type EventTriggerLimits │ │ ├ documentation: Defines limits controlling whether an event triggers the destination, based on ingestion latency and the number of invocations per profile over specific time periods. │ │ │ name: EventTriggerLimits │ │ └ properties │ │ ├ EventExpiration: integer │ │ └ Periods: Array │ ├ type ObjectAttribute │ │ ├ documentation: The criteria that a specific object attribute must meet to trigger the destination. │ │ │ name: ObjectAttribute │ │ └ properties │ │ ├ Source: string │ │ ├ FieldName: string │ │ ├ ComparisonOperator: string (required) │ │ └ Values: Array (required) │ └ type Period │ ├ documentation: Defines a limit and the time period during which it is enforced. │ │ name: Period │ └ properties │ ├ Unit: string (required) │ ├ Value: integer (required) │ ├ MaxInvocationsPerProfile: integer │ └ Unlimited: boolean ├[~] service aws-docdb │ └ resources │ └[~] resource AWS::DocDB::DBCluster │ └ properties │ ├ ManageMasterUserPassword: (documentation changed) │ ├ MasterUserSecretKmsKeyId: (documentation changed) │ └ RotateMasterUserPassword: (documentation changed) ├[~] service aws-dynamodb │ └ resources │ ├[~] resource AWS::DynamoDB::GlobalTable │ │ └ types │ │ └[~] type PointInTimeRecoverySpecification │ │ └ properties │ │ └[+] RecoveryPeriodInDays: integer │ └[~] resource AWS::DynamoDB::Table │ └ types │ └[~] type PointInTimeRecoverySpecification │ └ properties │ └ RecoveryPeriodInDays: (documentation changed) ├[~] service aws-ec2 │ └ resources │ ├[~] resource AWS::EC2::EC2Fleet │ │ └ types │ │ └[~] type InstanceRequirementsRequest │ │ └ properties │ │ └ AcceleratorTypes: (documentation changed) │ ├[~] resource AWS::EC2::LaunchTemplate │ │ └ types │ │ └[~] type InstanceRequirements │ │ └ properties │ │ └ AcceleratorTypes: (documentation changed) │ └[~] resource AWS::EC2::SpotFleet │ └ types │ └[~] type InstanceRequirementsRequest │ └ properties │ └ AcceleratorTypes: (documentation changed) ├[~] service aws-healthlake │ └ resources │ └[~] resource AWS::HealthLake::FHIRDatastore │ ├ properties │ │ ├ DatastoreName: (documentation changed) │ │ ├ DatastoreTypeVersion: (documentation changed) │ │ ├ IdentityProviderConfiguration: (documentation changed) │ │ ├ PreloadDataConfig: (documentation changed) │ │ └ SseConfiguration: (documentation changed) │ └ types │ ├[~] type IdentityProviderConfiguration │ │ ├ - documentation: The identity provider configuration that you gave when the data store was created. │ │ │ + documentation: The identity provider configuration selected when the data store was created. │ │ └ properties │ │ ├ AuthorizationStrategy: (documentation changed) │ │ ├ FineGrainedAuthorizationEnabled: (documentation changed) │ │ ├ IdpLambdaArn: (documentation changed) │ │ └ Metadata: (documentation changed) │ ├[~] type KmsEncryptionConfig │ │ └ properties │ │ └ KmsKeyId: (documentation changed) │ ├[~] type PreloadDataConfig │ │ └ - documentation: Optional parameter to preload data upon creation of the data store. Currently, the only supported preloaded data is synthetic data generated from Synthea. │ │ + documentation: An optional parameter to preload (import) open source Synthea FHIR data upon creation of the data store. │ └[~] type SseConfiguration │ ├ - documentation: The server-side encryption key configuration for a customer provided encryption key. │ │ + documentation: The server-side encryption key configuration for a customer-provided encryption key. │ └ properties │ └ KmsEncryptionConfig: (documentation changed) ├[-] service aws-iot1click │ ├ capitalized: IoT1Click │ │ cloudFormationNamespace: AWS::IoT1Click │ │ name: aws-iot1click │ │ shortName: iot1click │ └ resources │ ├ resource AWS::IoT1Click::Device │ │ ├ name: Device │ │ │ cloudFormationType: AWS::IoT1Click::Device │ │ │ documentation: > AWS IoT 1-Click was discontinued on Dec 16, 2024. For more information, see [AWS IoT 1-Click](https://docs.aws.amazon.com//iot/latest/developerguide/iot-legacy-services.html) . │ │ │ The `AWS::IoT1Click::Device` resource controls the enabled state of an AWS IoT 1-Click compatible device. For more information, see [Device](https://docs.aws.amazon.com/iot-1-click/1.0/devices-apireference/devices-deviceid.html) in the *AWS IoT 1-Click Devices API Reference* . │ │ ├ properties │ │ │ ├ DeviceId: string (required, immutable) │ │ │ └ Enabled: boolean (required) │ │ └ attributes │ │ ├ DeviceId: string │ │ ├ Enabled: boolean │ │ └ Arn: string │ ├ resource AWS::IoT1Click::Placement │ │ ├ name: Placement │ │ │ cloudFormationType: AWS::IoT1Click::Placement │ │ │ documentation: > AWS IoT 1-Click was discontinued on Dec 16, 2024. For more information, see [AWS IoT 1-Click](https://docs.aws.amazon.com//iot/latest/developerguide/iot-legacy-services.html) . │ │ │ The `AWS::IoT1Click::Placement` resource creates a placement to be associated with an AWS IoT 1-Click project. A placement is an instance of a device in a location. For more information, see [Projects, Templates, and Placements](https://docs.aws.amazon.com/iot-1-click/latest/developerguide/1click-PTP.html) in the *AWS IoT 1-Click Developer Guide* . │ │ ├ properties │ │ │ ├ PlacementName: string (immutable) │ │ │ ├ ProjectName: string (required, immutable) │ │ │ ├ AssociatedDevices: json (immutable) │ │ │ └ Attributes: json │ │ └ attributes │ │ ├ PlacementName: string │ │ ├ ProjectName: string │ │ └ Id: string │ └ resource AWS::IoT1Click::Project │ ├ name: Project │ │ cloudFormationType: AWS::IoT1Click::Project │ │ documentation: > AWS IoT 1-Click was discontinued on Dec 16, 2024. For more information, see [AWS IoT 1-Click](https://docs.aws.amazon.com//iot/latest/developerguide/iot-legacy-services.html) . │ │ The `AWS::IoT1Click::Project` resource creates an empty project with a placement template. A project contains zero or more placements that adhere to the placement template defined in the project. For more information, see [CreateProject](https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_CreateProject.html) in the *AWS IoT 1-Click Projects API Reference* . │ ├ properties │ │ ├ Description: string │ │ ├ PlacementTemplate: PlacementTemplate (required) │ │ └ ProjectName: string (immutable) │ ├ attributes │ │ ├ ProjectName: string │ │ ├ Arn: string │ │ └ Id: string │ └ types │ ├ type DeviceTemplate │ │ ├ name: DeviceTemplate │ │ └ properties │ │ ├ DeviceType: string │ │ └ CallbackOverrides: json │ └ type PlacementTemplate │ ├ documentation: > AWS IoT 1-Click was discontinued on Dec 16, 2024. For more information, see [AWS IoT 1-Click](https://docs.aws.amazon.com//iot/latest/developerguide/iot-legacy-services.html) . │ │ In AWS CloudFormation , use the `PlacementTemplate` property type to define the template for an AWS IoT 1-Click project. │ │ `PlacementTemplate` is a property of the `AWS::IoT1Click::Project` resource. │ │ name: PlacementTemplate │ └ properties │ ├ DeviceTemplates: Map (immutable) │ └ DefaultAttributes: json ├[~] service aws-lex │ └ resources │ └[~] resource AWS::Lex::Bot │ ├ properties │ │ └[+] Replication: Replication │ └ types │ └[+] type Replication │ ├ documentation: Parameter used to create a replication of the source bot in the secondary region. │ │ name: Replication │ └ properties │ └ ReplicaRegions: Array (required) ├[~] service aws-mediaconvert │ └ resources │ └[~] resource AWS::MediaConvert::Queue │ └ properties │ └ ConcurrentJobs: (documentation changed) ├[~] service aws-organizations │ └ resources │ └[~] resource AWS::Organizations::Organization │ └ properties │ └ FeatureSet: (documentation changed) ├[~] service aws-resiliencehub │ └ resources │ └[~] resource AWS::ResilienceHub::App │ └ properties │ └[+] RegulatoryPolicyArn: string ├[~] service aws-rolesanywhere │ └ resources │ └[~] resource AWS::RolesAnywhere::Profile │ └ properties │ └ RequireInstanceProperties: - boolean │ + boolean (immutable) ├[~] service aws-s3 │ └ resources │ └[~] resource AWS::S3::Bucket │ └ types │ └[~] type Transition │ └ properties │ └ TransitionInDays: (documentation changed) ├[~] service aws-ses │ └ resources │ └[~] resource AWS::SES::ConfigurationSet │ └ types │ └[~] type TrackingOptions │ └ properties │ └[+] HttpsPolicy: string ├[~] service aws-ssm │ └ resources │ └[~] resource AWS::SSM::Parameter │ ├ - documentation: The `AWS::SSM::Parameter` resource creates an SSM parameter in AWS Systems Manager Parameter Store. │ │ > To create an SSM parameter, you must have the AWS Identity and Access Management ( IAM ) permissions `ssm:PutParameter` and `ssm:AddTagsToResource` . On stack creation, AWS CloudFormation adds the following three tags to the parameter: `aws:cloudformation:stack-name` , `aws:cloudformation:logical-id` , and `aws:cloudformation:stack-id` , in addition to any custom tags you specify. │ │ > │ │ > To add, update, or remove tags during stack update, you must have IAM permissions for both `ssm:AddTagsToResource` and `ssm:RemoveTagsFromResource` . For more information, see [Managing Access Using Policies](https://docs.aws.amazon.com/systems-manager/latest/userguide/security-iam.html#security_iam_access-manage) in the *AWS Systems Manager User Guide* . │ │ For information about valid values for parameters, see [About requirements and constraints for parameter names](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-paramstore-su-create.html#sysman-parameter-name-constraints) in the *AWS Systems Manager User Guide* and [PutParameter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PutParameter.html) in the *AWS Systems Manager API Reference* . │ │ + documentation: The `AWS::SSM::Parameter` resource creates an SSM parameter in AWS Systems Manager Parameter Store. │ │ > To create an SSM parameter, you must have the AWS Identity and Access Management ( IAM ) permissions `ssm:PutParameter` and `ssm:AddTagsToResource` . On stack creation, AWS CloudFormation adds the following three tags to the parameter: `aws:cloudformation:stack-name` , `aws:cloudformation:logical-id` , and `aws:cloudformation:stack-id` , in addition to any custom tags you specify. │ │ > │ │ > To add, update, or remove tags during stack update, you must have IAM permissions for both `ssm:AddTagsToResource` and `ssm:RemoveTagsFromResource` . For more information, see [Managing Access Using Policies](https://docs.aws.amazon.com/systems-manager/latest/userguide/security-iam.html#security_iam_access-manage) in the *AWS Systems Manager User Guide* . │ │ For information about valid values for parameters, see [About requirements and constraints for parameter names](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-paramstore-su-create.html#sysman-parameter-name-constraints) in the *AWS Systems Manager User Guide* and [PutParameter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PutParameter.html) in the *AWS Systems Manager API Reference* . │ │ > Parameters of type `SecureString` are not supported by AWS CloudFormation . │ └ properties │ └ Type: (documentation changed) ├[~] service aws-ssmquicksetup │ └ resources │ └[~] resource AWS::SSMQuickSetup::ConfigurationManager │ └ types │ └[~] type ConfigurationDefinition │ └ properties │ └ Parameters: (documentation changed) └[~] service aws-sso └ resources ├[~] resource AWS::SSO::Application │ └ - documentation: Creates an application in IAM Identity Center for the given application provider. │ + documentation: Creates an OAuth 2.0 customer managed application in IAM Identity Center for the given application provider. │ > This API does not support creating SAML 2.0 customer managed applications or AWS managed applications. To learn how to create an AWS managed application, see the application user guide. You can create a SAML 2.0 customer managed application in the AWS Management Console only. See [Setting up customer managed SAML 2.0 applications](https://docs.aws.amazon.com/singlesignon/latest/userguide/customermanagedapps-saml2-setup.html) . For more information on these application types, see [AWS managed applications](https://docs.aws.amazon.com/singlesignon/latest/userguide/awsapps.html) . └[~] resource AWS::SSO::PermissionSet └ properties └ ManagedPolicies: (documentation changed) ``` --- .../@aws-cdk/cloudformation-diff/package.json | 4 ++-- packages/@aws-cdk/integ-runner/package.json | 2 +- packages/aws-cdk-lib/package.json | 2 +- tools/@aws-cdk/spec2cdk/package.json | 4 ++-- yarn.lock | 18 +++++++++--------- 5 files changed, 15 insertions(+), 15 deletions(-) diff --git a/packages/@aws-cdk/cloudformation-diff/package.json b/packages/@aws-cdk/cloudformation-diff/package.json index 327364c263c3d..004f5acb82316 100644 --- a/packages/@aws-cdk/cloudformation-diff/package.json +++ b/packages/@aws-cdk/cloudformation-diff/package.json @@ -23,8 +23,8 @@ }, "license": "Apache-2.0", "dependencies": { - "@aws-cdk/aws-service-spec": "^0.1.46", - "@aws-cdk/service-spec-types": "^0.0.112", + "@aws-cdk/aws-service-spec": "^0.1.48", + "@aws-cdk/service-spec-types": "^0.0.114", "chalk": "^4", "diff": "^5.2.0", "fast-deep-equal": "^3.1.3", diff --git a/packages/@aws-cdk/integ-runner/package.json b/packages/@aws-cdk/integ-runner/package.json index aad23a3db2ff6..d3167dbfbe20f 100644 --- a/packages/@aws-cdk/integ-runner/package.json +++ b/packages/@aws-cdk/integ-runner/package.json @@ -75,7 +75,7 @@ "@aws-cdk/cloud-assembly-schema": "^39.0.0", "@aws-cdk/cloudformation-diff": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "@aws-cdk/aws-service-spec": "^0.1.46", + "@aws-cdk/aws-service-spec": "^0.1.48", "cdk-assets": "3.0.0-rc.111", "@aws-cdk/cdk-cli-wrapper": "0.0.0", "aws-cdk": "0.0.0", diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index 2e15d6ce6a46a..b096ede4cdda3 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -136,7 +136,7 @@ "mime-types": "^2.1.35" }, "devDependencies": { - "@aws-cdk/aws-service-spec": "^0.1.46", + "@aws-cdk/aws-service-spec": "^0.1.48", "@aws-cdk/cdk-build-tools": "0.0.0", "@aws-cdk/custom-resource-handlers": "0.0.0", "@aws-cdk/pkglint": "0.0.0", diff --git a/tools/@aws-cdk/spec2cdk/package.json b/tools/@aws-cdk/spec2cdk/package.json index 4cf667c672ff0..b15d047b11220 100644 --- a/tools/@aws-cdk/spec2cdk/package.json +++ b/tools/@aws-cdk/spec2cdk/package.json @@ -32,9 +32,9 @@ }, "license": "Apache-2.0", "dependencies": { - "@aws-cdk/aws-service-spec": "^0.1.46", + "@aws-cdk/aws-service-spec": "^0.1.48", "@aws-cdk/service-spec-importers": "^0.0.62", - "@aws-cdk/service-spec-types": "^0.0.112", + "@aws-cdk/service-spec-types": "^0.0.114", "@cdklabs/tskb": "^0.0.3", "@cdklabs/typewriter": "^0.0.3", "camelcase": "^6", diff --git a/yarn.lock b/yarn.lock index 4cd1e21ac76de..bc30463b93516 100644 --- a/yarn.lock +++ b/yarn.lock @@ -63,12 +63,12 @@ resolved "https://registry.npmjs.org/@aws-cdk/asset-node-proxy-agent-v6/-/asset-node-proxy-agent-v6-2.1.0.tgz#6d3c7860354d4856a7e75375f2f0ecab313b4989" integrity sha512-7bY3J8GCVxLupn/kNmpPc5VJz8grx+4RKfnnJiO1LG+uxkZfANZG3RMHhE+qQxxwkyQ9/MfPtTpf748UhR425A== -"@aws-cdk/aws-service-spec@^0.1.46": - version "0.1.46" - resolved "https://registry.npmjs.org/@aws-cdk/aws-service-spec/-/aws-service-spec-0.1.46.tgz#297bf1ca9ef6ffac2aff5f89032ef98403e7ceb4" - integrity sha512-vsy0iDDj+xGI0frba4fIwbX+qL6ZHYeAkJYhl4tYC7SIwlcN1D97BOufHMZja6RisBOFx9TqIA+nHxM4dS/bvg== +"@aws-cdk/aws-service-spec@^0.1.48": + version "0.1.48" + resolved "https://registry.npmjs.org/@aws-cdk/aws-service-spec/-/aws-service-spec-0.1.48.tgz#5c06d7fbefa845e6311e950a2d97224d7212a8b0" + integrity sha512-yROfIpZSfwqQTSfh8rcmhCSK2dPgabT0GKoDNt6JxGmTu2D3NVAp/Fuv59cBlzKeP+XYX4UkxoTNASa6U3jdEQ== dependencies: - "@aws-cdk/service-spec-types" "^0.0.112" + "@aws-cdk/service-spec-types" "^0.0.114" "@cdklabs/tskb" "^0.0.3" "@aws-cdk/cloud-assembly-schema@^39.0.0", "@aws-cdk/cloud-assembly-schema@^39.0.1", "@aws-cdk/cloud-assembly-schema@^39.1.34": @@ -129,10 +129,10 @@ dependencies: "@cdklabs/tskb" "^0.0.3" -"@aws-cdk/service-spec-types@^0.0.112": - version "0.0.112" - resolved "https://registry.npmjs.org/@aws-cdk/service-spec-types/-/service-spec-types-0.0.112.tgz#08b4a30269647b605186e43c35b6c3d01d99b4d9" - integrity sha512-RYRXtAnbck2efXJ8zSSt8ZNyVyFOT8H+6EZX4WTc+YfjwhcLW465vT88z+54iFvBNhRPIPUmszINcNIR/lbreA== +"@aws-cdk/service-spec-types@^0.0.114": + version "0.0.114" + resolved "https://registry.npmjs.org/@aws-cdk/service-spec-types/-/service-spec-types-0.0.114.tgz#d9e9d23344e461d8344827f899331267e1aef6fa" + integrity sha512-0rYS/QNBdqKp7sBq+eSVuqJl9sEkXqjqYpvHCncdWCHGlHoMOnvIV8klwpthgaA7JEir5Mh2e5+bZLE7be3sVQ== dependencies: "@cdklabs/tskb" "^0.0.3"