feat(eks): Support EKS Auto mode in L2 construct #32601
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
the
beginning-contributor
github-actions
bot
added
effort/small
aws-cdk-automation
requested changes
Dec 20, 2024
There was a problem hiding this comment.
The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.
A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #32601 +/- ##
=======================================
Coverage 79.13% 79.13%
=======================================
Files 107 107
Lines 7131 7131
Branches 1319 1319
=======================================
Hits 5643 5643
Misses 1304 1304
Partials 184 184
Flags with carried forward coverage won't be shown. Click here to find out more.
|
Issacwww
changed the title
### Reason for this change In aws#32595 we bumped jsii to 5.7, now let's also bump jsii-rosetta. ### Description of changes Upgrade jsii-rosetta to v5.7 Upgrade other jsii tools to latest version ### Describe any new or updated permissions being added n/a ### Description of how you validated changes Code builds. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue Fixes aws#32304 ### Reason for this change The CLI doesn't respect the proxy configuration (either via command line or via environment variables) to fetch notices. As a result, customers who can only access the internet via a proxy will never see notices. ### Description of changes - Proxy agent construction refactored into a public method, to be reused. - `Settings` has two new keys: `proxy` and `caBundlePath`. - These new settings are passed to the `Notices` class, which internally uses them to make the GET request to the notices URL. - Proxy integ test now also asserts that the notices URL is intercepted by the proxy. ### Description of how you validated changes Proxy integ test, and manual tests with `mitmproxy`. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…n directly anymore (aws#32578) This is a refactor that follows aws#32558. The effort is to ensure that the `configuration` object is not directly used by commands and instead, the relevant information is passed directly to the function. - doctor: no options needed - docs: 1 option needed - context: in addition to a few options, the context command also saves *some* values to `cdk.context.json`. this requires some modifications to the `Context` object to support this. We move away from using the archaic API in `command-api.ts`. This seems to be an old effort to standardize CLI commands that was only used for doctor/docs/context. We have since evolved to use command-specific property bags. Since this is a refactor PR. I aim to change no functionality of the CLI. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Reason for this change Removing dead code in `determineV1BootstrapSource` which could not be called anymore since version always returns v2 these days. ### Description of changes Remove the dead code and conditional. Also slightly changes the contract of `CliToolkit.bootstrap()` to take a `BootstrapSource` as part of options, instead of a the `Bootstrapper`. ### Describe any new or updated permissions being added n/a ### Description of how you validated changes existing tests and integ tests ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec`
**L1 CloudFormation resource definition changes:**
```
├[~] service aws-appconfig
│ └ resources
│ ├[~] resource AWS::AppConfig::ConfigurationProfile
│ │ └ properties
│ │ └[+] DeletionProtectionCheck: string
│ └[~] resource AWS::AppConfig::Environment
│ └ properties
│ └[+] DeletionProtectionCheck: string
├[~] service aws-batch
│ └ resources
│ └[~] resource AWS::Batch::JobDefinition
│ ├ attributes
│ │ └[-] Id: string
│ └ types
│ ├[~] type AuthorizationConfig
│ │ ├ - documentation: The authorization configuration details for the Amazon EFS file system.
│ │ │ + documentation: undefined
│ │ └ properties
│ │ ├ AccessPointId: (documentation changed)
│ │ └ Iam: (documentation changed)
│ ├[~] type ContainerProperties
│ │ └ properties
│ │ └ InstanceType: (documentation changed)
│ ├[~] type EcsTaskProperties
│ │ └ properties
│ │ └ Volumes: - Array<Volume> ⇐ Array<Volumes>
│ │ + Array<Volume>
│ ├[~] type EFSAuthorizationConfig
│ │ ├ - documentation: undefined
│ │ │ + documentation: The authorization configuration details for the Amazon EFS file system.
│ │ └ properties
│ │ ├ AccessPointId: (documentation changed)
│ │ └ Iam: (documentation changed)
│ ├[~] type EfsVolumeConfiguration
│ │ ├ - documentation: This is used when you're using an Amazon Elastic File System file system for job storage. For more information, see [Amazon EFS Volumes](https://docs.aws.amazon.com/batch/latest/userguide/efs-volumes.html) in the *AWS Batch User Guide* .
│ │ │ + documentation: undefined
│ │ └ properties
│ │ ├ AuthorizationConfig: (documentation changed)
│ │ ├ FileSystemId: (documentation changed)
│ │ ├ RootDirectory: (documentation changed)
│ │ ├ TransitEncryption: (documentation changed)
│ │ └ TransitEncryptionPort: (documentation changed)
│ ├[~] type EFSVolumeConfiguration
│ │ ├ - documentation: undefined
│ │ │ + documentation: This is used when you're using an Amazon Elastic File System file system for job storage. For more information, see [Amazon EFS Volumes](https://docs.aws.amazon.com/batch/latest/userguide/efs-volumes.html) in the *AWS Batch User Guide* .
│ │ └ properties
│ │ ├ AuthorizationConfig: (documentation changed)
│ │ ├ FileSystemId: (documentation changed)
│ │ ├ RootDirectory: (documentation changed)
│ │ ├ TransitEncryption: (documentation changed)
│ │ └ TransitEncryptionPort: (documentation changed)
│ ├[~] type EksMetadata
│ │ ├ - documentation: undefined
│ │ │ + documentation: Describes and uniquely identifies Kubernetes resources. For example, the compute environment that a pod runs in or the `jobID` for a job running in the pod. For more information, see [Understanding Kubernetes Objects](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/) in the *Kubernetes documentation* .
│ │ └ properties
│ │ └ Labels: (documentation changed)
│ ├[~] type EksPodProperties
│ │ ├ - documentation: undefined
│ │ │ + documentation: The properties for the pod.
│ │ └ properties
│ │ ├ Containers: (documentation changed)
│ │ ├ DnsPolicy: (documentation changed)
│ │ ├ HostNetwork: (documentation changed)
│ │ ├ ImagePullSecrets: (documentation changed)
│ │ ├ InitContainers: (documentation changed)
│ │ ├ Metadata: (documentation changed)
│ │ ├ ServiceAccountName: (documentation changed)
│ │ ├ ShareProcessNamespace: (documentation changed)
│ │ └ Volumes: (documentation changed)
│ ├[~] type Host
│ │ ├ - documentation: undefined
│ │ │ + documentation: Determine whether your data volume persists on the host container instance and where it's stored. If this parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers that are associated with it stop running.
│ │ └ properties
│ │ └ SourcePath: (documentation changed)
│ ├[~] type JobTimeout
│ │ ├ - documentation: undefined
│ │ │ + documentation: An object that represents a job timeout configuration.
│ │ └ properties
│ │ └ AttemptDurationSeconds: (documentation changed)
│ ├[~] type Metadata
│ │ ├ - documentation: Metadata about the Kubernetes pod. For more information, see [Understanding Kubernetes Objects](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/) in the *Kubernetes documentation* .
│ │ │ + documentation: undefined
│ │ └ properties
│ │ └ Labels: (documentation changed)
│ ├[~] type MountPoint
│ │ ├ - documentation: undefined
│ │ │ + documentation: Details for a Docker volume mount point that's used in a job's container properties. This parameter maps to `Volumes` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.43/#tag/Container/operation/ContainerCreate) section of the *Docker Remote API* and the `--volume` option to docker run.
│ │ └ properties
│ │ ├ ContainerPath: (documentation changed)
│ │ ├ ReadOnly: (documentation changed)
│ │ └ SourceVolume: (documentation changed)
│ ├[~] type MountPoints
│ │ ├ - documentation: Details for a Docker volume mount point that's used in a job's container properties. This parameter maps to `Volumes` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.43/#tag/Container/operation/ContainerCreate) section of the *Docker Remote API* and the `--volume` option to docker run.
│ │ │ + documentation: undefined
│ │ └ properties
│ │ ├ ContainerPath: (documentation changed)
│ │ ├ ReadOnly: (documentation changed)
│ │ └ SourceVolume: (documentation changed)
│ ├[~] type NodeRangeProperty
│ │ └ properties
│ │ └ EcsProperties: - MultiNodeEcsProperties ⇐ EcsProperties
│ │ + MultiNodeEcsProperties
│ ├[~] type PodProperties
│ │ ├ - documentation: The properties for the pod.
│ │ │ + documentation: undefined
│ │ └ properties
│ │ ├ Containers: (documentation changed)
│ │ ├ DnsPolicy: (documentation changed)
│ │ ├ HostNetwork: (documentation changed)
│ │ ├[-] ImagePullSecrets: Array<ImagePullSecret>
│ │ ├[-] InitContainers: Array<EksContainer>
│ │ ├ Metadata: (documentation changed)
│ │ ├ ServiceAccountName: (documentation changed)
│ │ ├[-] ShareProcessNamespace: boolean
│ │ └ Volumes: (documentation changed)
│ ├[~] type TaskContainerProperties
│ │ └ properties
│ │ └ MountPoints: - Array<MountPoint> ⇐ Array<MountPoints>
│ │ + Array<MountPoint>
│ ├[~] type Timeout
│ │ ├ - documentation: An object that represents a job timeout configuration.
│ │ │ + documentation: undefined
│ │ └ properties
│ │ └ AttemptDurationSeconds: (documentation changed)
│ ├[~] type Volume
│ │ ├ - documentation: undefined
│ │ │ + documentation: A data volume that's used in a job's container properties.
│ │ └ properties
│ │ ├ EfsVolumeConfiguration: (documentation changed)
│ │ ├ Host: (documentation changed)
│ │ └ Name: (documentation changed)
│ ├[~] type Volumes
│ │ ├ - documentation: A list of volumes that are associated with the job.
│ │ │ + documentation: undefined
│ │ └ properties
│ │ ├ EfsVolumeConfiguration: (documentation changed)
│ │ ├ Host: (documentation changed)
│ │ └ Name: (documentation changed)
│ └[~] type VolumesHost
│ ├ - documentation: Determine whether your data volume persists on the host container instance and where it's stored. If this parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers that are associated with it stop running.
│ │ + documentation: undefined
│ └ properties
│ └ SourcePath: (documentation changed)
├[~] service aws-cassandra
│ └ resources
│ ├[~] resource AWS::Cassandra::Keyspace
│ │ └ properties
│ │ └[+] ClientSideTimestampsEnabled: boolean
│ └[+] resource AWS::Cassandra::Type
│ ├ name: Type
│ │ cloudFormationType: AWS::Cassandra::Type
│ │ documentation: The `CreateType` operation creates a new user-defined type in the specified keyspace.
│ │ To configure the required permissions, see [Permissions to create a UDT](https://docs.aws.amazon.com/keyspaces/latest/devguide/configure-udt-permissions.html#udt-permissions-create) in the *Amazon Keyspaces Developer Guide* .
│ │ For more information, see [User-defined types (UDTs)](https://docs.aws.amazon.com/keyspaces/latest/devguide/udts.html) in the *Amazon Keyspaces Developer Guide* .
│ ├ properties
│ │ ├KeyspaceName: string (required, immutable)
│ │ ├TypeName: string (required, immutable)
│ │ └Fields: Array<Field> (required, immutable)
│ ├ attributes
│ │ ├DirectReferringTables: Array<string>
│ │ ├DirectParentTypes: Array<string>
│ │ ├MaxNestingDepth: integer
│ │ ├LastModifiedTimestamp: number
│ │ └KeyspaceArn: string
│ └ types
│ └type Field
│ ├ name: Field
│ └ properties
│ ├FieldName: string (required)
│ └FieldType: string (required)
├[~] service aws-cleanrooms
│ └ resources
│ ├[~] resource AWS::CleanRooms::IdMappingTable
│ │ └ attributes
│ │ ├ CollaborationIdentifier: (documentation changed)
│ │ └ IdMappingTableIdentifier: (documentation changed)
│ ├[~] resource AWS::CleanRooms::IdNamespaceAssociation
│ │ └ attributes
│ │ ├ CollaborationIdentifier: (documentation changed)
│ │ └ IdNamespaceAssociationIdentifier: (documentation changed)
│ └[~] resource AWS::CleanRooms::PrivacyBudgetTemplate
│ └ properties
│ └ Tags: (documentation changed)
├[~] service aws-cloudformation
│ └ resources
│ └[~] resource AWS::CloudFormation::StackSet
│ └ types
│ └[~] type DeploymentTargets
│ └ properties
│ ├ Accounts: (documentation changed)
│ ├ AccountsUrl: (documentation changed)
│ └ OrganizationalUnitIds: (documentation changed)
├[~] service aws-cloudfront
│ └ resources
│ └[~] resource AWS::CloudFront::Distribution
│ └ types
│ ├[~] type CacheBehavior
│ │ └ properties
│ │ └ GrpcConfig: (documentation changed)
│ ├[~] type DefaultCacheBehavior
│ │ └ properties
│ │ └ GrpcConfig: (documentation changed)
│ ├[~] type DistributionConfig
│ │ └ properties
│ │ └ DefaultRootObject: (documentation changed)
│ ├[~] type GrpcConfig
│ │ ├ - documentation: undefined
│ │ │ + documentation: Amazon CloudFront supports gRPC, an open-source remote procedure call (RPC) framework built on HTTP/2. gRPC offers bi-directional streaming and binary protocol that buffers payloads, making it suitable for applications that require low latency communications.
│ │ │ To enable your distribution to handle gRPC requests, you must include HTTP/2 as one of the supported `HTTP` versions and allow `HTTP` methods, including `POST` .
│ │ │ For more information, see [Using gRPC with CloudFront distributions](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-using-grpc.html) in the *Amazon CloudFront Developer Guide* .
│ │ └ properties
│ │ └ Enabled: (documentation changed)
│ └[~] type OriginGroup
│ └ properties
│ └ SelectionCriteria: (documentation changed)
├[~] service aws-cognito
│ └ resources
│ ├[~] resource AWS::Cognito::LogDeliveryConfiguration
│ │ └ types
│ │ └[~] type LogConfiguration
│ │ └ properties
│ │ ├ EventSource: (documentation changed)
│ │ └ LogLevel: (documentation changed)
│ ├[~] resource AWS::Cognito::UserPool
│ │ ├ properties
│ │ │ └ UserPoolAddOns: (documentation changed)
│ │ └ types
│ │ ├[~] type PasswordPolicy
│ │ │ └ properties
│ │ │ └ PasswordHistorySize: (documentation changed)
│ │ ├[~] type Policies
│ │ │ └ properties
│ │ │ └ SignInPolicy: (documentation changed)
│ │ ├[~] type SignInPolicy
│ │ │ └ - documentation: The policy for allowed types of authentication in a user pool.
│ │ │ This data type is a request and response parameter of [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) and [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) , and a response parameter of [DescribeUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html) .
│ │ │ + documentation: The policy for allowed types of authentication in a user pool. To activate this setting, your user pool must be in the [Essentials tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-essentials.html) or higher.
│ │ │ This data type is a request and response parameter of [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) and [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) , and a response parameter of [DescribeUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html) .
│ │ └[~] type UserPoolAddOns
│ │ └ - documentation: User pool add-ons. Contains settings for activation of advanced security features. To log user security information but take no action, set to `AUDIT` . To configure automatic security responses to risky traffic to your user pool, set to `ENFORCED` .
│ │ For more information, see [Adding advanced security to a user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html) .
│ │ This data type is a request and response parameter of [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) and [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) , and a response parameter of [DescribeUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html) .
│ │ + documentation: User pool add-ons. Contains settings for activation of threat protection. To log user security information but take no action, set to `AUDIT` . To configure automatic security responses to risky traffic to your user pool, set to `ENFORCED` .
│ │ For more information, see [Adding advanced security to a user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html) . To activate this setting, your user pool must be on the [Plus tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-plus.html) .
│ │ This data type is a request and response parameter of [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) and [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) , and a response parameter of [DescribeUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html) .
│ ├[~] resource AWS::Cognito::UserPoolClient
│ │ └ properties
│ │ └ ExplicitAuthFlows: (documentation changed)
│ └[~] resource AWS::Cognito::UserPoolUser
│ └ properties
│ └ ClientMetadata: (documentation changed)
├[~] service aws-connect
│ └ resources
│ ├[~] resource AWS::Connect::EmailAddress
│ │ └ properties
│ │ └ Tags: (documentation changed)
│ └[~] resource AWS::Connect::HoursOfOperation
│ └ types
│ ├[~] type HoursOfOperationOverride
│ │ ├ - documentation: Overrides attached to the hours of operation.
│ │ │ + documentation: Information about the hours of operations override.
│ │ └ properties
│ │ └ HoursOfOperationOverrideId: (documentation changed)
│ ├[~] type HoursOfOperationOverrideConfig
│ │ ├ - documentation: Contains information about the hours of operation override.
│ │ │ + documentation: Information about the hours of operation override config: day, start time, and end time.
│ │ └ properties
│ │ ├ EndTime: (documentation changed)
│ │ └ StartTime: (documentation changed)
│ └[~] type OverrideTimeSlice
│ └ - documentation: The start time or end time for an an hours of operation override.
│ + documentation: The start time or end time for an hours of operation override.
├[~] service aws-connectcampaignsv2
│ └ resources
│ └[~] resource AWS::ConnectCampaignsV2::Campaign
│ └ types
│ ├[~] type EventTrigger
│ │ ├ - documentation: The event trigger of the campaign
│ │ │ + documentation: The event trigger of the campaign.
│ │ └ properties
│ │ └ CustomerProfilesDomainArn: (documentation changed)
│ └[~] type Source
│ └ properties
│ └ EventTrigger: (documentation changed)
├[~] service aws-databrew
│ └ resources
│ └[~] resource AWS::DataBrew::Dataset
│ ├ properties
│ │ └[+] Source: string
│ └ types
│ └[~] type S3Location
│ └ properties
│ └[+] BucketOwner: string
├[~] service aws-datazone
│ └ resources
│ └[~] resource AWS::DataZone::SubscriptionTarget
│ └ properties
│ └ ManageAccessRole: - string (required)
│ + string
├[~] service aws-dlm
│ └ resources
│ └[~] resource AWS::DLM::LifecyclePolicy
│ └ types
│ ├[~] type CreateRule
│ │ └ properties
│ │ └ Location: (documentation changed)
│ ├[~] type PolicyDetails
│ │ └ properties
│ │ └ ResourceLocations: (documentation changed)
│ └[~] type Schedule
│ └ properties
│ └ CrossRegionCopyRules: (documentation changed)
├[~] service aws-ec2
│ └ resources
│ ├[~] resource AWS::EC2::EC2Fleet
│ │ └ types
│ │ ├[+] type BaselinePerformanceFactorsRequest
│ │ │ ├ name: BaselinePerformanceFactorsRequest
│ │ │ └ properties
│ │ │ └Cpu: CpuPerformanceFactorRequest
│ │ ├[+] type CpuPerformanceFactorRequest
│ │ │ ├ name: CpuPerformanceFactorRequest
│ │ │ └ properties
│ │ │ └References: Array<PerformanceFactorReferenceRequest>
│ │ ├[~] type InstanceRequirementsRequest
│ │ │ └ properties
│ │ │ └[+] BaselinePerformanceFactors: BaselinePerformanceFactorsRequest
│ │ └[+] type PerformanceFactorReferenceRequest
│ │ ├ name: PerformanceFactorReferenceRequest
│ │ └ properties
│ │ └InstanceFamily: string
│ ├[~] resource AWS::EC2::LaunchTemplate
│ │ └ types
│ │ ├[+] type BaselinePerformanceFactors
│ │ │ ├ documentation: The baseline performance to consider, using an instance family as a baseline reference. The instance family establishes the lowest acceptable level of performance. Amazon EC2 uses this baseline to guide instance type selection, but there is no guarantee that the selected instance types will always exceed the baseline for every application.
│ │ │ │ Currently, this parameter only supports CPU performance as a baseline performance factor. For example, specifying `c6i` would use the CPU performance of the `c6i` family as the baseline reference.
│ │ │ │ name: BaselinePerformanceFactors
│ │ │ └ properties
│ │ │ └Cpu: Cpu
│ │ ├[+] type ConnectionTrackingSpecification
│ │ │ ├ documentation: A security group connection tracking specification that enables you to set the idle timeout for connection tracking on an Elastic network interface. For more information, see [Connection tracking timeouts](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) in the *Amazon EC2 User Guide* .
│ │ │ │ name: ConnectionTrackingSpecification
│ │ │ └ properties
│ │ │ ├UdpTimeout: integer
│ │ │ ├TcpEstablishedTimeout: integer
│ │ │ └UdpStreamTimeout: integer
│ │ ├[+] type Cpu
│ │ │ ├ documentation: Specifies the CPU performance to consider when using an instance family as the baseline reference.
│ │ │ │ name: Cpu
│ │ │ └ properties
│ │ │ └References: Array<Reference>
│ │ ├[+] type EnaSrdSpecification
│ │ │ ├ documentation: ENA Express uses AWS Scalable Reliable Datagram (SRD) technology to increase the maximum bandwidth used per stream and minimize tail latency of network traffic between EC2 instances. With ENA Express, you can communicate between two EC2 instances in the same subnet within the same account, or in different accounts. Both sending and receiving instances must have ENA Express enabled.
│ │ │ │ To improve the reliability of network packet delivery, ENA Express reorders network packets on the receiving end by default. However, some UDP-based applications are designed to handle network packets that are out of order to reduce the overhead for packet delivery at the network layer. When ENA Express is enabled, you can specify whether UDP network traffic uses it.
│ │ │ │ name: EnaSrdSpecification
│ │ │ └ properties
│ │ │ ├EnaSrdEnabled: boolean
│ │ │ └EnaSrdUdpSpecification: EnaSrdUdpSpecification
│ │ ├[+] type EnaSrdUdpSpecification
│ │ │ ├ documentation: ENA Express is compatible with both TCP and UDP transport protocols. When it's enabled, TCP traffic automatically uses it. However, some UDP-based applications are designed to handle network packets that are out of order, without a need for retransmission, such as live video broadcasting or other near-real-time applications. For UDP traffic, you can specify whether to use ENA Express, based on your application environment needs.
│ │ │ │ name: EnaSrdUdpSpecification
│ │ │ └ properties
│ │ │ └EnaSrdUdpEnabled: boolean
│ │ ├[~] type InstanceRequirements
│ │ │ └ properties
│ │ │ ├[+] BaselinePerformanceFactors: BaselinePerformanceFactors
│ │ │ └[+] MaxSpotPriceAsPercentageOfOptimalOnDemandPrice: integer
│ │ ├[~] type NetworkInterface
│ │ │ └ properties
│ │ │ ├[+] ConnectionTrackingSpecification: ConnectionTrackingSpecification
│ │ │ └[+] EnaSrdSpecification: EnaSrdSpecification
│ │ └[+] type Reference
│ │ ├ documentation: Specifies an instance family to use as the baseline reference for CPU performance.
│ │ │ name: Reference
│ │ └ properties
│ │ └InstanceFamily: string
│ ├[~] resource AWS::EC2::SpotFleet
│ │ └ types
│ │ ├[+] type BaselinePerformanceFactorsRequest
│ │ │ ├ name: BaselinePerformanceFactorsRequest
│ │ │ └ properties
│ │ │ └Cpu: CpuPerformanceFactorRequest
│ │ ├[+] type CpuPerformanceFactorRequest
│ │ │ ├ name: CpuPerformanceFactorRequest
│ │ │ └ properties
│ │ │ └References: Array<PerformanceFactorReferenceRequest>
│ │ ├[~] type InstanceRequirementsRequest
│ │ │ └ properties
│ │ │ └[+] BaselinePerformanceFactors: BaselinePerformanceFactorsRequest
│ │ └[+] type PerformanceFactorReferenceRequest
│ │ ├ name: PerformanceFactorReferenceRequest
│ │ └ properties
│ │ └InstanceFamily: string
│ └[~] resource AWS::EC2::VPCEndpoint
│ ├ - tagInformation: undefined
│ │ + tagInformation: {"tagPropertyName":"Tags","variant":"standard"}
│ ├ properties
│ │ ├[+] DnsOptions: DnsOptionsSpecification
│ │ ├[+] IpAddressType: string
│ │ ├[+] ResourceConfigurationArn: string (immutable)
│ │ ├ ServiceName: - string (required, immutable)
│ │ │ + string (immutable)
│ │ ├[+] ServiceNetworkArn: string (immutable)
│ │ └[+] Tags: Array<tag>
│ └ types
│ └[+] type DnsOptionsSpecification
│ ├ name: DnsOptionsSpecification
│ └ properties
│ ├PrivateDnsOnlyForInboundResolverEndpoint: string
│ └DnsRecordIpType: string
├[~] service aws-efs
│ └ resources
│ └[~] resource AWS::EFS::FileSystem
│ └ types
│ └[~] type ReplicationDestination
│ └ properties
│ ├ RoleArn: (documentation changed)
│ ├ Status: (documentation changed)
│ └ StatusMessage: (documentation changed)
├[~] service aws-eks
│ └ resources
│ └[~] resource AWS::EKS::Nodegroup
│ ├ properties
│ │ └ NodeRepairConfig: (documentation changed)
│ └ types
│ └[~] type NodeRepairConfig
│ ├ - documentation: The node auto repair configuration for node group.
│ │ + documentation: The node auto repair configuration for the node group.
│ └ properties
│ └ Enabled: (documentation changed)
├[~] service aws-elasticloadbalancingv2
│ └ resources
│ └[~] resource AWS::ElasticLoadBalancingV2::TargetGroup
│ └ types
│ └[~] type TargetGroupAttribute
│ └ properties
│ └ Key: (documentation changed)
├[~] service aws-fis
│ └ resources
│ └[~] resource AWS::FIS::ExperimentTemplate
│ └ types
│ └[~] type ExperimentTemplateExperimentReportConfiguration
│ └ properties
│ └ DataSources: - DataSources (required)
│ + DataSources
├[~] service aws-logs
│ └ resources
│ ├[~] resource AWS::Logs::Delivery
│ │ ├ - documentation: This structure contains information about one *delivery* in your account.
│ │ │ A delivery is a connection between a logical *delivery source* and a logical *delivery destination* .
│ │ │ For more information, see [CreateDelivery](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateDelivery.html) .
│ │ │ To update an existing delivery configuration, use [UpdateDeliveryConfiguration](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_UpdateDeliveryConfiguration.html) .
│ │ │ + documentation: Use this to create or update one *delivery* in your account.
│ │ │ A delivery is a connection between a logical *delivery source* and a logical *delivery destination* .
│ │ │ For more information, see [CreateDelivery](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateDelivery.html) .
│ │ ├ properties
│ │ │ ├ RecordFields: (documentation changed)
│ │ │ ├ S3EnableHiveCompatiblePath: (documentation changed)
│ │ │ ├ S3SuffixPath: (documentation changed)
│ │ │ └ Tags: (documentation changed)
│ │ └ attributes
│ │ └ DeliveryDestinationType: (documentation changed)
│ ├[~] resource AWS::Logs::DeliveryDestination
│ │ ├ - documentation: This structure contains information about one *delivery destination* in your account. A delivery destination is an AWS resource that represents an AWS service that logs can be sent to. CloudWatch Logs, Amazon S3, are supported as Firehose delivery destinations.
│ │ │ To configure logs delivery between a supported AWS service and a destination, you must do the following:
│ │ │ - Create a delivery source, which is a logical object that represents the resource that is actually sending the logs. For more information, see [PutDeliverySource](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliverySource.html) .
│ │ │ - Create a *delivery destination* , which is a logical object that represents the actual delivery destination.
│ │ │ - If you are delivering logs cross-account, you must use [PutDeliveryDestinationPolicy](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestinationPolicy.html) in the destination account to assign an IAM policy to the destination. This policy allows delivery to that destination.
│ │ │ - Create a *delivery* by pairing exactly one delivery source and one delivery destination. For more information, see [CreateDelivery](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateDelivery.html) .
│ │ │ You can configure a single delivery source to send logs to multiple destinations by creating multiple deliveries. You can also create multiple deliveries to configure multiple delivery sources to send logs to the same delivery destination.
│ │ │ + documentation: Cretes or updates one *delivery destination* in your account. A delivery destination is an AWS resource that represents an AWS service that logs can be sent to. CloudWatch Logs , Amazon S3 , or Firehose are supported as delivery destinations.
│ │ │ To configure logs delivery between a supported AWS service and a destination, you must do the following:
│ │ │ - Create a delivery source, which is a logical object that represents the resource that is actually sending the logs. For more information, see [AWS::Logs::DeliverySource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-deliverysource.html) and [PutDeliverySource](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliverySource.html) .
│ │ │ - Create a *delivery destination* , which is a logical object that represents the actual delivery destination.
│ │ │ - Create a *delivery* by pairing exactly one delivery source and one delivery destination. For more information, see [AWS::Logs::Delivery](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-delivery.html) or [CreateDelivery](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateDelivery.html) .
│ │ │ You can configure a single delivery source to send logs to multiple destinations by creating multiple deliveries. You can also create multiple deliveries to configure multiple delivery sources to send logs to the same delivery destination.
│ │ ├ properties
│ │ │ ├ DeliveryDestinationPolicy: (documentation changed)
│ │ │ ├ DestinationResourceArn: (documentation changed)
│ │ │ └ Tags: (documentation changed)
│ │ └ attributes
│ │ └ DeliveryDestinationType: (documentation changed)
│ ├[~] resource AWS::Logs::DeliverySource
│ │ └ - documentation: This structure contains information about one *delivery source* in your account. A delivery source is an AWS resource that sends logs to an AWS destination. The destination can be CloudWatch Logs, Amazon S3, or Firehose.
│ │ Only some AWS services support being configured as a delivery source. These services are listed as *Supported [V2 Permissions]* in the table at [Enabling logging from AWS services.](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html)
│ │ To configure logs delivery between a supported AWS service and a destination, you must do the following:
│ │ - Create a delivery source, which is a logical object that represents the resource that is actually sending the logs. For more information, see [PutDeliverySource](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliverySource.html) .
│ │ - Create a *delivery destination* , which is a logical object that represents the actual delivery destination. For more information, see [PutDeliveryDestination](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestination.html) .
│ │ - If you are delivering logs cross-account, you must use [PutDeliveryDestinationPolicy](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestinationPolicy.html) in the destination account to assign an IAM policy to the destination. This policy allows delivery to that destination.
│ │ - Create a *delivery* by pairing exactly one delivery source and one delivery destination. For more information, see [CreateDelivery](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateDelivery.html) .
│ │ You can configure a single delivery source to send logs to multiple destinations by creating multiple deliveries. You can also create multiple deliveries to configure multiple delivery sources to send logs to the same delivery destination.
│ │ + documentation: Creates or updates one *delivery source* in your account. A delivery source is an AWS resource that sends logs to an AWS destination. The destination can be CloudWatch Logs , Amazon S3 , or Firehose .
│ │ Only some AWS services support being configured as a delivery source. These services are listed as *Supported [V2 Permissions]* in the table at [Enabling logging from AWS services.](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html)
│ │ To configure logs delivery between a supported AWS service and a destination, you must do the following:
│ │ - Create a delivery source, which is a logical object that represents the resource that is actually sending the logs.
│ │ - Create a *delivery destination* , which is a logical object that represents the actual delivery destination. For more information, see [AWS::Logs::DeliveryDestination](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-deliverydestination.html) or [PutDeliveryDestination](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestination.html) .
│ │ - Create a *delivery* by pairing exactly one delivery source and one delivery destination. For more information, see [AWS::Logs::Delivery](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-delivery.html) or [CreateDelivery](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateDelivery.html) .
│ │ You can configure a single delivery source to send logs to multiple destinations by creating multiple deliveries. You can also create multiple deliveries to configure multiple delivery sources to send logs to the same delivery destination.
│ └[~] resource AWS::Logs::Integration
│ ├ attributes
│ │ └ IntegrationStatus: (documentation changed)
│ └ types
│ └[~] type OpenSearchResourceConfig
│ └ properties
│ ├ DashboardViewerPrincipals: (documentation changed)
│ └ DataSourceRoleArn: (documentation changed)
├[+] service aws-pcs
│ ├ capitalized: PCS
│ │ cloudFormationNamespace: AWS::PCS
│ │ name: aws-pcs
│ │ shortName: pcs
│ └ resources
│ ├resource AWS::PCS::ComputeNodeGroup
│ │├ name: ComputeNodeGroup
│ ││ cloudFormationType: AWS::PCS::ComputeNodeGroup
│ ││ documentation: AWS::PCS::ComputeNodeGroup resource creates an AWS PCS compute node group.
│ ││ tagInformation: {"tagPropertyName":"Tags","variant":"map"}
│ │├ properties
│ ││ ├AmiId: string
│ ││ ├ClusterId: string (required, immutable)
│ ││ ├CustomLaunchTemplate: CustomLaunchTemplate (required)
│ ││ ├IamInstanceProfileArn: string (required)
│ ││ ├InstanceConfigs: Array<InstanceConfig> (required, immutable)
│ ││ ├Name: string (immutable)
│ ││ ├PurchaseOption: string
│ ││ ├ScalingConfiguration: ScalingConfiguration (required)
│ ││ ├SlurmConfiguration: SlurmConfiguration
│ ││ ├SpotOptions: SpotOptions
│ ││ ├SubnetIds: Array<string> (required)
│ ││ └Tags: Map<string, string>
│ │├ attributes
│ ││ ├Arn: string
│ ││ ├ErrorInfo: Array<ErrorInfo>
│ ││ ├Id: string
│ ││ └Status: string
│ │└ types
│ │ ├type CustomLaunchTemplate
│ │ │├ documentation: An Amazon EC2 launch template AWS PCS uses to launch compute nodes.
│ │ ││ name: CustomLaunchTemplate
│ │ │└ properties
│ │ │ ├Id: string (required)
│ │ │ └Version: string (required)
│ │ ├type ErrorInfo
│ │ │├ documentation: An error that occurred during resource provisioning.
│ │ ││ name: ErrorInfo
│ │ │└ properties
│ │ │ ├Code: string
│ │ │ └Message: string
│ │ ├type InstanceConfig
│ │ │├ documentation: An EC2 instance configuration AWS PCS uses to launch compute nodes.
│ │ ││ name: InstanceConfig
│ │ │└ properties
│ │ │ └InstanceType: string
│ │ ├type ScalingConfiguration
│ │ │├ documentation: Specifies the boundaries of the compute node group auto scaling.
│ │ ││ name: ScalingConfiguration
│ │ │└ properties
│ │ │ ├MaxInstanceCount: integer (required)
│ │ │ └MinInstanceCount: integer (required)
│ │ ├type SlurmConfiguration
│ │ │├ documentation: Additional options related to the Slurm scheduler.
│ │ ││ name: SlurmConfiguration
│ │ │└ properties
│ │ │ └SlurmCustomSettings: Array<SlurmCustomSetting>
│ │ ├type SlurmCustomSetting
│ │ │├ documentation: Additional settings that directly map to Slurm settings.
│ │ ││ name: SlurmCustomSetting
│ │ │└ properties
│ │ │ ├ParameterName: string (required)
│ │ │ └ParameterValue: string (required)
│ │ └type SpotOptions
│ │ ├ documentation: Additional configuration when you specify SPOT as the purchase option.
│ │ │ name: SpotOptions
│ │ └ properties
│ │ └AllocationStrategy: string
│ ├resource AWS::PCS::Queue
│ │├ name: Queue
│ ││ cloudFormationType: AWS::PCS::Queue
│ ││ documentation: AWS::PCS::Queue resource creates an AWS PCS queue.
│ ││ tagInformation: {"tagPropertyName":"Tags","variant":"map"}
│ │├ properties
│ ││ ├ClusterId: string (required, immutable)
│ ││ ├ComputeNodeGroupConfigurations: Array<ComputeNodeGroupConfiguration>
│ ││ ├Name: string (immutable)
│ ││ └Tags: Map<string, string>
│ │├ attributes
│ ││ ├Arn: string
│ ││ ├ErrorInfo: Array<ErrorInfo>
│ ││ ├Id: string
│ ││ └Status: string
│ │└ types
│ │ ├type ComputeNodeGroupConfiguration
│ │ │├ documentation: The compute node group configuration for a queue.
│ │ ││ name: ComputeNodeGroupConfiguration
│ │ │└ properties
│ │ │ └ComputeNodeGroupId: string
│ │ └type ErrorInfo
│ │ ├ documentation: An error that occurred during resource provisioning.
│ │ │ name: ErrorInfo
│ │ └ properties
│ │ ├Code: string
│ │ └Message: string
│ └resource AWS::PCS::Cluster
│ ├ name: Cluster
│ │ cloudFormationType: AWS::PCS::Cluster
│ │ documentation: AWS::PCS::Cluster resource creates an AWS PCS cluster.
│ │ tagInformation: {"tagPropertyName":"Tags","variant":"map"}
│ ├ properties
│ │ ├Name: string (immutable)
│ │ ├Networking: Networking (required, immutable)
│ │ ├Scheduler: Scheduler (required, immutable)
│ │ ├Size: string (required, immutable)
│ │ ├SlurmConfiguration: SlurmConfiguration (immutable)
│ │ └Tags: Map<string, string>
│ ├ attributes
│ │ ├Arn: string
│ │ ├Endpoints: Array<Endpoint>
│ │ ├ErrorInfo: Array<ErrorInfo>
│ │ ├Id: string
│ │ └Status: string
│ └ types
│ ├type Endpoint
│ │├ documentation: An endpoint available for interaction with the scheduler.
│ ││ name: Endpoint
│ │└ properties
│ │ ├Port: string (required)
│ │ ├PrivateIpAddress: string (required)
│ │ ├Type: string (required)
│ │ └PublicIpAddress: string
│ ├type ErrorInfo
│ │├ documentation: An error that occurred during resource provisioning.
│ ││ name: ErrorInfo
│ │└ properties
│ │ ├Code: string
│ │ └Message: string
│ ├type Networking
│ │├ documentation: The networking configuration for the cluster's control plane.
│ ││ name: Networking
│ │└ properties
│ │ ├SecurityGroupIds: Array<string>
│ │ └SubnetIds: Array<string>
│ ├type Scheduler
│ │├ documentation: The cluster management and job scheduling software associated with the cluster.
│ ││ name: Scheduler
│ │└ properties
│ │ ├Type: string (required)
│ │ └Version: string (required)
│ ├type SlurmConfiguration
│ │├ documentation: Additional options related to the Slurm scheduler.
│ ││ name: SlurmConfiguration
│ │└ properties
│ │ ├AuthKey: AuthKey
│ │ ├ScaleDownIdleTimeInSeconds: integer
│ │ └SlurmCustomSettings: Array<SlurmCustomSetting>
│ ├type AuthKey
│ │├ documentation: The shared Slurm key for authentication, also known as the cluster secret.
│ ││ name: AuthKey
│ │└ properties
│ │ ├SecretArn: string (required)
│ │ └SecretVersion: string (required)
│ └type SlurmCustomSetting
│ ├ documentation: Additional settings that directly map to Slurm settings.
│ │ name: SlurmCustomSetting
│ └ properties
│ ├ParameterName: string (required)
│ └ParameterValue: string (required)
├[~] service aws-qbusiness
│ └ resources
│ ├[~] resource AWS::QBusiness::DataAccessor
│ │ ├ properties
│ │ │ ├ ActionConfigurations: (documentation changed)
│ │ │ ├ ApplicationId: (documentation changed)
│ │ │ └ Tags: (documentation changed)
│ │ └ types
│ │ └[~] type ActionFilterConfiguration
│ │ └ properties
│ │ └ DocumentAttributeFilter: (documentation changed)
│ └[~] resource AWS::QBusiness::Permission
│ ├ - documentation: Definition of AWS::QBusiness::Permission Resource Type
│ │ + documentation: Adds or updates a permission policy for a Amazon Q Business application, allowing cross-account access for an ISV. This operation creates a new policy statement for the specified Amazon Q Business application. The policy statement defines the IAM actions that the ISV is allowed to perform on the Amazon Q Business application's resources.
│ └ properties
│ ├ Actions: (documentation changed)
│ ├ ApplicationId: (documentation changed)
│ └ StatementId: (documentation changed)
├[~] service aws-quicksight
│ └ resources
│ ├[~] resource AWS::QuickSight::Analysis
│ │ └ types
│ │ ├[+] type GeospatialCategoricalColor
│ │ │ ├ name: GeospatialCategoricalColor
│ │ │ └ properties
│ │ │ ├CategoryDataColors: Array<GeospatialCategoricalDataColor> (required)
│ │ │ ├DefaultOpacity: number
│ │ │ ├NullDataVisibility: string
│ │ │ └NullDataSettings: GeospatialNullDataSettings
│ │ ├[+] type GeospatialCategoricalDataColor
│ │ │ ├ name: GeospatialCategoricalDataColor
│ │ │ └ properties
│ │ │ ├DataValue: string (required)
│ │ │ └Color: string (required)
│ │ ├[+] type GeospatialCircleRadius
│ │ │ ├ name: GeospatialCircleRadius
│ │ │ └ properties
│ │ │ └Radius: number
│ │ ├[+] type GeospatialCircleSymbolStyle
│ │ │ ├ name: GeospatialCircleSymbolStyle
│ │ │ └ properties
│ │ │ ├FillColor: GeospatialColor
│ │ │ ├StrokeWidth: GeospatialLineWidth
│ │ │ ├StrokeColor: GeospatialColor
│ │ │ └CircleRadius: GeospatialCircleRadius
│ │ ├[+] type GeospatialColor
│ │ │ ├ name: GeospatialColor
│ │ │ └ properties
│ │ │ ├Gradient: GeospatialGradientColor
│ │ │ ├Categorical: GeospatialCategoricalColor
│ │ │ └Solid: GeospatialSolidColor
│ │ ├[+] type GeospatialDataSourceItem
│ │ │ ├ name: GeospatialDataSourceItem
│ │ │ └ properties
│ │ │ └StaticFileDataSource: GeospatialStaticFileSource
│ │ ├[+] type GeospatialGradientColor
│ │ │ ├ name: GeospatialGradientColor
│ │ │ └ properties
│ │ │ ├DefaultOpacity: number
│ │ │ ├StepColors: Array<GeospatialGradientStepColor> (required)
│ │ │ ├NullDataVisibility: string
│ │ │ └NullDataSettings: GeospatialNullDataSettings
│ │ ├[+] type GeospatialGradientStepColor
│ │ │ ├ name: GeospatialGradientStepColor
│ │ │ └ properties
│ │ │ ├DataValue: number (required, default=0)
│ │ │ └Color: string (required)
│ │ ├[+] type GeospatialLayerColorField
│ │ │ ├ name: GeospatialLayerColorField
│ │ │ └ properties
│ │ │ ├ColorValuesFields: Array<MeasureField>
│ │ │ └ColorDimensionsFields: Array<DimensionField>
│ │ ├[+] type GeospatialLayerDefinition
│ │ │ ├ name: GeospatialLayerDefinition
│ │ │ └ properties
│ │ │ ├PointLayer: GeospatialPointLayer
│ │ │ ├PolygonLayer: GeospatialPolygonLayer
│ │ │ └LineLayer: GeospatialLineLayer
│ │ ├[+] type GeospatialLayerItem
│ │ │ ├ name: GeospatialLayerItem
│ │ │ └ properties
│ │ │ ├LayerId: string (required)
│ │ │ ├JoinDefinition: GeospatialLayerJoinDefinition
│ │ │ ├Actions: Array<LayerCustomAction>
│ │ │ ├LayerType: string
│ │ │ ├LayerDefinition: GeospatialLayerDefinition
│ │ │ ├Tooltip: TooltipOptions
│ │ │ ├Label: string
│ │ │ ├Visibility: string
│ │ │ └DataSource: GeospatialDataSourceItem
│ │ ├[+] type GeospatialLayerJoinDefinition
│ │ │ ├ name: GeospatialLayerJoinDefinition
│ │ │ └ properties
│ │ │ ├ColorField: GeospatialLayerColorField
│ │ │ ├ShapeKeyField: string
│ │ │ └DatasetKeyField: UnaggregatedField
│ │ ├[~] type GeospatialLayerMapConfiguration
│ │ │ └ properties
│ │ │ └[+] MapLayers: Array<GeospatialLayerItem>
│ │ ├[+] type GeospatialLineLayer
│ │ │ ├ name: GeospatialLineLayer
│ │ │ └ properties
│ │ │ └Style: GeospatialLineStyle (required)
│ │ ├[+] type GeospatialLineStyle
│ │ │ ├ name: GeospatialLineStyle
│ │ │ └ properties
│ │ │ └LineSymbolStyle: GeospatialLineSymbolStyle
│ │ ├[+] type GeospatialLineSymbolStyle
│ │ │ ├ name: GeospatialLineSymbolStyle
│ │ │ └ properties
│ │ │ ├FillColor: GeospatialColor
│ │ │ └LineWidth: GeospatialLineWidth
│ │ ├[+] type GeospatialLineWidth
│ │ │ ├ name: GeospatialLineWidth
│ │ │ └ properties
│ │ │ └LineWidth: number
│ │ ├[+] type GeospatialNullDataSettings
│ │ │ ├ name: GeospatialNullDataSettings
│ │ │ └ properties
│ │ │ └SymbolStyle: GeospatialNullSymbolStyle (required)
│ │ ├[+] type GeospatialNullSymbolStyle
│ │ │ ├ name: GeospatialNullSymbolStyle
│ │ │ └ properties
│ │ │ ├FillColor: string
│ │ │ ├StrokeWidth: number
│ │ │ └StrokeColor: string
│ │ ├[+] type GeospatialPointLayer
│ │ │ ├ name: GeospatialPointLayer
│ │ │ └ properties
│ │ │ └Style: GeospatialPointStyle (required)
│ │ ├[+] type GeospatialPointStyle
│ │ │ ├ name: GeospatialPointStyle
│ │ │ └ properties
│ │ │ └CircleSymbolStyle: GeospatialCircleSymbolStyle
│ │ ├[+] type GeospatialPolygonLayer
│ │ │ ├ name: GeospatialPolygonLayer
│ │ │ └ properties
│ │ │ └Style: GeospatialPolygonStyle (required)
│ │ ├[+] type GeospatialPolygonStyle
│ │ │ ├ name: GeospatialPolygonStyle
│ │ │ └ properties
│ │ │ └PolygonSymbolStyle: GeospatialPolygonSymbolStyle
│ │ ├[+] type GeospatialPolygonSymbolStyle
│ │ │ ├ name: GeospatialPolygonSymbolStyle
│ │ │ └ properties
│ │ │ ├FillColor: GeospatialColor
│ │ │ ├StrokeWidth: GeospatialLineWidth
│ │ │ └StrokeColor: GeospatialColor
│ │ ├[+] type GeospatialSolidColor
│ │ │ ├ documentation: Describes the properties for a solid color
│ │ │ │ name: GeospatialSolidColor
│ │ │ └ properties
│ │ │ ├State: string
│ │ │ └Color: string (required)
│ │ ├[+] type GeospatialStaticFileSource
│ │ │ ├ name: GeospatialStaticFileSource
│ │ │ └ properties
│ │ │ └StaticFileId: string (required)
│ │ ├[~] type ImageInteractionOptions
│ │ │ └ properties
│ │ │ └[+] ImageMenuOption: ImageMenuOption
│ │ ├[+] type LayerCustomAction
│ │ │ ├ name: LayerCustomAction
│ │ │ └ properties
│ │ │ ├Status: string
│ │ │ ├Trigger: string (required)
│ │ │ ├CustomActionId: string (required)
│ │ │ ├Name: string (required)
│ │ │ └ActionOperations: Array<LayerCustomActionOperation> (required)
│ │ ├[+] type LayerCustomActionOperation
│ │ │ ├ name: LayerCustomActionOperation
│ │ │ └ properties
│ │ │ ├NavigationOperation: CustomActionNavigationOperation
│ │ │ ├SetParametersOperation: CustomActionSetParametersOperation
│ │ │ ├FilterOperation: CustomActionFilterOperation
│ │ │ └URLOperation: CustomActionURLOperation
│ │ └[~] type LayerMapVisual
│ │ └ properties
│ │ └[+] ChartConfiguration: GeospatialLayerMapConfiguration
│ ├[+] resource AWS::QuickSight::CustomPermissions
│ │ ├ name: CustomPermissions
│ │ │ cloudFormationType: AWS::QuickSight::CustomPermissions
│ │ │ documentation: Definition of the AWS::QuickSight::CustomPermissions Resource Type.
│ │ │ tagInformation: {"tagPropertyName":"Tags","variant":"standard"}
│ │ ├ properties
│ │ │ ├AwsAccountId: string (required, immutable)
│ │ │ ├Capabilities: Capabilities
│ │ │ ├CustomPermissionsName: string (required, immutable)
│ │ │ └Tags: Array<tag>
│ │ ├ attributes
│ │ │ └Arn: string
│ │ └ types
│ │ └type Capabilities
│ │ ├ name: Capabilities
│ │ └ properties
│ │ ├ExportToCsv: string
│ │ ├ExportToExcel: string
│ │ ├CreateAndUpdateThemes: string
│ │ ├AddOrRunAnomalyDetectionForAnalyses: string
│ │ ├ShareAnalyses: string
│ │ ├CreateAndUpdateDatasets: string
│ │ ├ShareDatasets: string
│ │ ├SubscribeDashboardEmailReports: string
│ │ ├CreateAndUpdateDashboardEmailReports: string
│ │ ├ShareDashboards: string
│ │ ├CreateAndUpdateThresholdAlerts: string
│ │ ├RenameSharedFolders: string
│ │ ├CreateSharedFolders: string
│ │ ├CreateAndUpdateDataSources: string
│ │ ├ShareDataSources: string
│ │ ├ViewAccountSPICECapacity: string
│ │ └CreateSPICEDataset: string
│ ├[~] resource AWS::QuickSight::Dashboard
│ │ └ types
│ │ ├[+] type GeospatialCategoricalColor
│ │ │ ├ name: GeospatialCategoricalColor
│ │ │ └ properties
│ │ │ ├CategoryDataColors: Array<GeospatialCategoricalDataColor> (required)
│ │ │ ├DefaultOpacity: number
│ │ │ ├NullDataVisibility: string
│ │ │ └NullDataSettings: GeospatialNullDataSettings
│ │ ├[+] type GeospatialCategoricalDataColor
│ │ │ ├ name: GeospatialCategoricalDataColor
│ │ │ └ properties
│ │ │ ├DataValue: string (required)
│ │ │ └Color: string (required)
│ │ ├[+] type GeospatialCircleRadius
│ │ │ ├ name: GeospatialCircleRadius
│ │ │ └ properties
│ │ │ └Radius: number
│ │ ├[+] type GeospatialCircleSymbolStyle
│ │ │ ├ name: GeospatialCircleSymbolStyle
│ │ │ └ properties
│ │ │ ├FillColor: GeospatialColor
│ │ │ ├StrokeWidth: GeospatialLineWidth
│ │ │ ├StrokeColor: GeospatialColor
│ │ │ └CircleRadius: GeospatialCircleRadius
│ │ ├[+] type GeospatialColor
│ │ │ ├ name: GeospatialColor
│ │ │ └ properties
│ │ │ ├Gradient: GeospatialGradientColor
│ │ │ ├Categorical: GeospatialCategoricalColor
│ │ │ └Solid: GeospatialSolidColor
│ │ ├[+] type GeospatialDataSourceItem
│ │ │ ├ name: GeospatialDataSourceItem
│ │ │ └ properties
│ │ │ └StaticFileDataSource: GeospatialStaticFileSource
│ │ ├[+] type GeospatialGradientColor
│ │ │ ├ name: GeospatialGradientColor
│ │ │ └ properties
│ │ │ ├DefaultOpacity: number
│ │ │ ├StepColors: Array<GeospatialGradientStepColor> (required)
│ │ │ ├NullDataVisibility: string
│ │ │ └NullDataSettings: GeospatialNullDataSettings
│ │ ├[+] type GeospatialGradientStepColor
│ │ │ ├ name: GeospatialGradientStepColor
│ │ │ └ properties
│ │ │ ├DataValue: number (required, default=0)
│ │ │ └Color: string (required)
│ │ ├[+] type GeospatialLayerColorField
│ │ │ ├ name: GeospatialLayerColorField
│ │ │ └ properties
│ │ │ ├ColorValuesFields: Array<MeasureField>
│ │ │ └ColorDimensionsFields: Array<DimensionField>
│ │ ├[+] type GeospatialLayerDefinition
│ │ │ ├ name: GeospatialLayerDefinition
│ │ │ └ properties
│ │ │ ├PointLayer: GeospatialPointLayer
│ │ │ ├PolygonLayer: GeospatialPolygonLayer
│ │ │ └LineLayer: GeospatialLineLayer
│ │ ├[+] type GeospatialLayerItem
│ │ │ ├ name: GeospatialLayerItem
│ │ │ └ properties
│ │ │ ├LayerId: string (required)
│ │ │ ├JoinDefinition: GeospatialLayerJoinDefinition
│ │ │ ├Actions: Array<LayerCustomAction>
│ │ │ ├LayerType: string
│ │ │ ├LayerDefinition: GeospatialLayerDefinition
│ │ │ ├Tooltip: TooltipOptions
│ │ │ ├Label: string
│ │ │ ├Visibility: string
│ │ │ └DataSource: GeospatialDataSourceItem
│ │ ├[+] type GeospatialLayerJoinDefinition
│ │ │ ├ name: GeospatialLayerJoinDefinition
│ │ │ └ properties
│ │ │ ├ColorField: GeospatialLayerColorField
│ │ │ ├ShapeKeyField: string
│ │ │ └DatasetKeyField: UnaggregatedField
│ │ ├[~] type GeospatialLayerMapConfiguration
│ │ │ └ properties
│ │ │ └[+] MapLayers: Array<GeospatialLayerItem>
│ │ ├[+] type GeospatialLineLayer
│ │ │ ├ name: GeospatialLineLayer
│ │ │ └ properties
│ │ │ └Style: GeospatialLineStyle (required)
│ │ ├[+] type GeospatialLineStyle
│ │ │ ├ name: GeospatialLineStyle
│ │ │ └ properties
│ │ │ └LineSymbolStyle: GeospatialLineSymbolStyle
│ │ ├[+] type GeospatialLineSymbolStyle
│ │ │ ├ name: GeospatialLineSymbolStyle
│ │ │ └ properties
│ │ │ ├FillColor: GeospatialColor
│ │ │ └LineWidth: GeospatialLineWidth
│ │ ├[+] type GeospatialLineWidth
│ │ │ ├ name: GeospatialLineWidth
│ │ │ └ properties
│ │ │ └LineWidth: number
│ │ ├[+] type GeospatialNullDataSettings
│ │ │ ├ name: GeospatialNullDataSettings
│ │ │ └ properties
│ │ │ └SymbolStyle: GeospatialNullSymbolStyle (required)
│ │ ├[+] type GeospatialNullSymbolStyle
│ │ │ ├ name: GeospatialNullSymbolStyle
│ │ │ └ properties
│ │ │ ├FillColor: string
│ │ │ ├StrokeWidth: number
│ │ │ └StrokeColor: string
│ │ ├[+] type GeospatialPointLayer
│ │ │ ├ name: GeospatialPointLayer
│ │ │ └ properties
│ │ │ └Style: GeospatialPointStyle (required)
│ │ ├[+] type GeospatialPointStyle
│ │ │ ├ name: GeospatialPointStyle
│ │ │ └ properties
│ │ │ └CircleSymbolStyle: GeospatialCircleSymbolStyle
│ │ ├[+] type GeospatialPolygonLayer
│ │ │ ├ name: GeospatialPolygonLayer
│ │ │ └ properties
│ │ │ └Style: GeospatialPolygonStyle (required)
│ │ ├[+] type GeospatialPolygonStyle
│ │ │ ├ name: GeospatialPolygonStyle
│ │ │ └ properties
│ │ │ └PolygonSymbolStyle: GeospatialPolygonSymbolStyle
│ │ ├[+] type GeospatialPolygonSymbolStyle
│ │ │ ├ name: GeospatialPolygonSymbolStyle
│ │ │ └ properties
│ │ │ ├FillColor: GeospatialColor
│ │ │ ├StrokeWidth: GeospatialLineWidth
│ │ │ └StrokeColor: GeospatialColor
│ │ ├[+] type GeospatialSolidColor
│ │ │ ├ documentation: Describes the properties for a solid color
│ │ │ │ name: GeospatialSolidColor
│ │ │ └ properties
│ │ │ ├State: string
│ │ │ └Color: string (required)
│ │ ├[+] type GeospatialStaticFileSource
│ │ │ ├ name: GeospatialStaticFileSource
│ │ │ └ properties
│ │ │ └StaticFileId: string (required)
│ │ ├[+] type LayerCustomAction
│ │ │ ├ name: LayerCustomAction
│ │ │ └ properties
│ │ │ ├Status: string
│ │ │ ├Trigger: string (required)
│ │ │ ├CustomActionId: string (required)
│ │ │ ├Name: string (required)
│ │ │ └ActionOperations: Array<LayerCustomActionOperation> (required)
│ │ ├[+] type LayerCustomActionOperation
│ │ │ ├ name: LayerCustomActionOperation
│ │ │ └ properties
│ │ │ ├NavigationOperation: CustomActionNavigationOperation
│ │ │ ├SetParametersOperation: CustomActionSetParametersOperation
│ │ │ ├FilterOperation: CustomActionFilterOperation
│ │ │ └URLOperation: CustomActionURLOperation
│ │ └[~] type LayerMapVisual
│ │ └ properties
│ │ └[+] ChartConfiguration: GeospatialLayerMapConfiguration
│ ├[~] resource AWS::QuickSight::DataSet
│ │ ├ properties
│ │ │ └[+] PerformanceConfiguration: PerformanceConfiguration
│ │ └ types
│ │ ├[+] type PerformanceConfiguration
│ │ │ ├ name: PerformanceConfiguration
│ │ │ └ properties
│ │ │ └UniqueKeys: Array<UniqueKey>
│ │ └[+] type UniqueKey
│ │ ├ name: UniqueKey
│ │ └ properties
│ │ └ColumnNames: Array<string> (required)
│ └[~] resource AWS::QuickSight::Template
│ └ types
│ └[~] type ImageInteractionOptions
│ └ properties
│ └[+] ImageMenuOption: ImageMenuOption
├[~] service aws-ram
│ └ resources
│ └[~] resource AWS::RAM::ResourceShare
│ └ attributes
│ └[-] Id: string
├[~] service aws-rds
│ └ resources
│ ├[~] resource AWS::RDS::DBCluster
│ │ └ types
│ │ └[~] type ServerlessV2ScalingConfiguration
│ │ └ properties
│ │ └[+] SecondsUntilAutoPause: integer
│ └[~] resource AWS::RDS::DBInstance
│ └ properties
│ └[+] DBSystemId: string (immutable)
├[~] service aws-s3
│ └ resources
│ ├[~] resource AWS::S3::Bucket
│ │ └ types
│ │ └[~] type ServerSideEncryptionByDefault
│ │ └ - documentation: Describes the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied. For more information, see [PutBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html) .
│ │ > - *General purpose buckets* - If you don't specify a customer managed key at configuration, Amazon S3 automatically creates an AWS KMS key ( `aws/s3` ) in your AWS account the first time that you add an object encrypted with SSE-KMS to a bucket. By default, Amazon S3 uses this KMS key for SSE-KMS.
│ │ > - *Directory buckets* - Your SSE-KMS configuration can only support 1 [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) per directory bucket for the lifetime of the bucket. The [AWS managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) ( `aws/s3` ) isn't supported.
│ │ > - *Directory buckets* - For directory buckets, there are only two supported options for server-side encryption: SSE-S3 and SSE-KMS.
│ │ + documentation: Describes the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied. For more information, see [PutBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html) .
│ │ > - *General purpose buckets* - If you don't specify a customer managed key at configuration, Amazon S3 automatically creates an AWS KMS key ( `aws/s3` ) in your AWS account the first time that you add an object encrypted with SSE-KMS to a bucket. By default, Amazon S3 uses this KMS key for SSE-KMS.
│ │ > - *Directory buckets* - Your SSE-KMS configuration can only support 1 [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) per directory bucket's lifetime. The [AWS managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) ( `aws/s3` ) isn't supported.
│ │ > - *Directory buckets* - For directory buckets, there are only two supported options for server-side encryption: SSE-S3 and SSE-KMS.
│ └[~] resource AWS::S3::BucketPolicy
│ └ - documentation: Applies an Amazon S3 bucket policy to an Amazon S3 bucket. If you are using an identity other than the root user of the AWS account that owns the bucket, the calling identity must have the `PutBucketPolicy` permissions on the specified bucket and belong to the bucket owner's account in order to use this operation.
│ If you don't have `PutBucketPolicy` permissions, Amazon S3 returns a `403 Access Denied` error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a `405 Method Not Allowed` error.
│ > As a security precaution, the root user of the AWS account that owns a bucket can always use this operation, even if the policy explicitly denies the root user the ability to perform this action.
│ For more information, see [Bucket policy examples](https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) .
│ The following operations are related to `PutBucketPolicy` :
│ - [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html)
│ - [DeleteBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html)
│ + documentation: Applies an Amazon S3 bucket policy to an Amazon S3 bucket. If you are using an identity other than the root user of the AWS account that owns the bucket, the calling identity must have the `PutBucketPolicy` permissions on the specified bucket and belong to the bucket owner's account in order to use this operation.
│ If you don't have `PutBucketPolicy` permissions, Amazon S3 returns a `403 Access Denied` error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a `405 Method Not Allowed` error.
│ > As a security precaution, the root user of the AWS account that owns a bucket can always use this operation, even if the policy explicitly denies the root user the ability to perform this action.
│ When using the `AWS::S3::BucketPolicy` resource, you can create, update, and delete bucket policies for S3 buckets located in regions different from the stack's region. This cross-region bucket policy modification functionality is supported for backward compatibility with existing workflows.
│ > If the [DeletionPolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html) is not specified or set to `Delete` , the bucket policy will be removed when the stack is deleted. If set to `Retain` , the bucket policy will be preserved even after the stack is deleted.
│ For example, a CloudFormation stack in `us-east-1` can use the `AWS::S3::BucketPolicy` resource to manage the bucket policy for an S3 bucket in `us-west-2` . The retention or removal of the bucket policy during the stack deletion is determined by the `DeletionPolicy` attribute specified in the stack template.
│ For more information, see [Bucket policy examples](https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) .
│ The following oper…
|
Comments on closed issues and PRs are hard for our team to see. |
|
The pull request linter fails with the following errors: PRs must pass status checks before we can provide a meaningful review. If you would like to request an exemption from the status checks or clarification on feedback, please leave a comment on this PR containing |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue # (if applicable)
Closes #32364 .
Reason for this change
Support EKS Auto mode
Description of changes
Description of how you validated changes
Integration test to create cluster, while current blocker is the new field is not been parsed to the create cluster request. Looking for a way to debug integration test.
Checklist
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license