-
Notifications
You must be signed in to change notification settings - Fork 4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: update L1 CloudFormation resource definitions #30786
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec`
aws-cdk-automation
added
auto-approve
contribution/core
This is a PR that came from AWS.
dependencies
This issue is a problem in a dependency or a pull request that updates a dependency file.
pr-linter/exempt-readme
The PR linter will not require README changes
pr-linter/exempt-test
The PR linter will not require test changes
pr-linter/exempt-integ-test
The PR linter will not require integ test changes
labels
Jul 8, 2024
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
GavinZZ
pushed a commit
that referenced
this pull request
Jul 10, 2024
Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec` **L1 CloudFormation resource definition changes:** ``` ├[~] service aws-applicationautoscaling │ └ resources │ ├[~] resource AWS::ApplicationAutoScaling::ScalableTarget │ │ └ properties │ │ ├ ResourceId: (documentation changed) │ │ └ ScalableDimension: (documentation changed) │ └[~] resource AWS::ApplicationAutoScaling::ScalingPolicy │ └ properties │ ├ ResourceId: (documentation changed) │ └ ScalableDimension: (documentation changed) ├[~] service aws-codebuild │ └ resources │ └[~] resource AWS::CodeBuild::Project │ └ types │ ├[~] type ProjectTriggers │ │ └ properties │ │ └ ScopeConfiguration: (documentation changed) │ └[~] type ScopeConfiguration │ ├ - documentation: undefined │ │ + documentation: Contains configuration information about the scope for a webhook. │ └ properties │ └ Name: (documentation changed) ├[~] service aws-deadline │ └ resources │ └[~] resource AWS::Deadline::MeteredProduct │ └ properties │ ├ Family: (documentation changed) │ ├ Port: (documentation changed) │ └ Vendor: (documentation changed) ├[~] service aws-dms │ └ resources │ └[~] resource AWS::DMS::Endpoint │ └ types │ └[~] type OracleSettings │ └ properties │ ├ ArchivedLogsOnly: (documentation changed) │ ├ UseBFile: (documentation changed) │ ├ UseDirectPathFullLoad: (documentation changed) │ └ UseLogminerReader: (documentation changed) ├[~] service aws-emr │ └ resources │ ├[~] resource AWS::EMR::Cluster │ │ └ types │ │ ├[~] type OnDemandProvisioningSpecification │ │ │ └ properties │ │ │ └ AllocationStrategy: (documentation changed) │ │ └[~] type SpotProvisioningSpecification │ │ └ properties │ │ └ AllocationStrategy: (documentation changed) │ └[~] resource AWS::EMR::InstanceFleetConfig │ └ types │ ├[~] type OnDemandProvisioningSpecification │ │ └ properties │ │ └ AllocationStrategy: (documentation changed) │ └[~] type SpotProvisioningSpecification │ └ properties │ └ AllocationStrategy: (documentation changed) ├[~] service aws-kinesisanalyticsv2 │ └ resources │ └[~] resource AWS::KinesisAnalyticsV2::Application │ └ types │ ├[~] type ApplicationConfiguration │ │ └ properties │ │ └ ApplicationSystemRollbackConfiguration: (documentation changed) │ ├[~] type ApplicationSystemRollbackConfiguration │ │ ├ - documentation: Describes whether system initiated rollbacks are enabled for a Flink-based Kinesis Data Analytics application. │ │ │ + documentation: Describes the system rollback configuration for a Managed Service for Apache Flink application. │ │ └ properties │ │ └ RollbackEnabled: (documentation changed) │ ├[~] type CheckpointConfiguration │ │ ├ - documentation: Describes an application's checkpointing configuration. Checkpointing is the process of persisting application state for fault tolerance. For more information, see [Checkpoints for Fault Tolerance](https://docs.aws.amazon.com/https://ci.apache.org/projects/flink/flink-docs-release-1.8/concepts/programming-model.html#checkpoints-for-fault-tolerance) in the [Apache Flink Documentation](https://docs.aws.amazon.com/https://ci.apache.org/projects/flink/flink-docs-release-1.8/) . │ │ │ + documentation: Describes an application's checkpointing configuration. Checkpointing is the process of persisting application state for fault tolerance. For more information, see [Checkpoints for Fault Tolerance](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master/docs/dev/datastream/fault-tolerance/checkpointing/) in the [Apache Flink Documentation](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master) . │ │ └ properties │ │ └ MinPauseBetweenCheckpoints: (documentation changed) │ ├[~] type FlinkRunConfiguration │ │ └ properties │ │ └ AllowNonRestoredState: (documentation changed) │ └[~] type ParallelismConfiguration │ └ - documentation: Describes parameters for how a Flink-based Kinesis Data Analytics application executes multiple tasks simultaneously. For more information about parallelism, see [Parallel Execution](https://docs.aws.amazon.com/https://ci.apache.org/projects/flink/flink-docs-release-1.8/dev/parallel.html) in the [Apache Flink Documentation](https://docs.aws.amazon.com/https://ci.apache.org/projects/flink/flink-docs-release-1.8/) . │ + documentation: Describes parameters for how a Flink-based Kinesis Data Analytics application executes multiple tasks simultaneously. For more information about parallelism, see [Parallel Execution](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master/docs/dev/datastream/execution/parallel/) in the [Apache Flink Documentation](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master) . ├[~] service aws-rds │ └ resources │ └[~] resource AWS::RDS::DBInstance │ └ types │ ├[~] type CertificateDetails │ │ └ - documentation: Returns the details of the DB instance’s server certificate. │ │ For more information, see [Using SSL/TLS to encrypt a connection to a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) in the *Amazon RDS User Guide* and [Using SSL/TLS to encrypt a connection to a DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html) in the *Amazon Aurora User Guide* . │ │ + documentation: The details of the DB instance’s server certificate. │ │ For more information, see [Using SSL/TLS to encrypt a connection to a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) in the *Amazon RDS User Guide* and [Using SSL/TLS to encrypt a connection to a DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html) in the *Amazon Aurora User Guide* . │ └[~] type ProcessorFeature │ └ properties │ └ Value: (documentation changed) ├[~] service aws-rolesanywhere │ └ resources │ └[~] resource AWS::RolesAnywhere::CRL │ ├ properties │ │ ├ CrlData: (documentation changed) │ │ ├ Enabled: (documentation changed) │ │ ├ Name: (documentation changed) │ │ └ Tags: (documentation changed) │ └ attributes │ └ CrlId: (documentation changed) ├[~] service aws-route53profiles │ └ resources │ └[~] resource AWS::Route53Profiles::ProfileAssociation │ └ properties │ └ ResourceId: (documentation changed) ├[~] service aws-ses │ └ resources │ ├[~] resource AWS::SES::ConfigurationSet │ │ ├ properties │ │ │ ├ DeliveryOptions: (documentation changed) │ │ │ ├ ReputationOptions: (documentation changed) │ │ │ └ TrackingOptions: (documentation changed) │ │ └ types │ │ ├[~] type DashboardOptions │ │ │ └ - documentation: Settings for your VDM configuration as applicable to the Dashboard. │ │ │ + documentation: An object containing additional settings for your VDM configuration as applicable to the Dashboard. │ │ ├[~] type DeliveryOptions │ │ │ └ - documentation: Specifies whether messages that use the configuration set are required to use Transport Layer Security (TLS). │ │ │ + documentation: Specifies the name of the dedicated IP pool to associate with the configuration set and whether messages that use the configuration set are required to use Transport Layer Security (TLS). │ │ ├[~] type GuardianOptions │ │ │ └ - documentation: Settings for your VDM configuration as applicable to the Guardian. │ │ │ + documentation: An object containing additional settings for your VDM configuration as applicable to the Guardian. │ │ ├[~] type ReputationOptions │ │ │ ├ - documentation: Contains information about the reputation settings for a configuration set. │ │ │ │ + documentation: Enable or disable collection of reputation metrics for emails that you send using this configuration set in the current AWS Region. │ │ │ └ properties │ │ │ └ ReputationMetricsEnabled: (documentation changed) │ │ ├[~] type TrackingOptions │ │ │ └ - documentation: A domain that is used to redirect email recipients to an Amazon SES-operated domain. This domain captures open and click events generated by Amazon SES emails. │ │ │ For more information, see [Configuring Custom Domains to Handle Open and Click Tracking](https://docs.aws.amazon.com/ses/latest/dg/configure-custom-open-click-domains.html) in the *Amazon SES Developer Guide* . │ │ │ + documentation: An object that defines the tracking options for a configuration set. When you use the Amazon SES API v2 to send an email, it contains an invisible image that's used to track when recipients open your email. If your email contains links, those links are changed slightly in order to track when recipients click them. │ │ │ You can optionally configure a custom subdomain that is used to redirect email recipients to an Amazon SES-operated domain. This domain captures open and click events generated by Amazon SES emails. │ │ │ For more information, see [Configuring Custom Domains to Handle Open and Click Tracking](https://docs.aws.amazon.com/ses/latest/dg/configure-custom-open-click-domains.html) in the *Amazon SES Developer Guide* . │ │ └[~] type VdmOptions │ │ └ properties │ │ ├ DashboardOptions: (documentation changed) │ │ └ GuardianOptions: (documentation changed) │ ├[~] resource AWS::SES::ConfigurationSetEventDestination │ │ ├ - documentation: Specifies a configuration set event destination. An event destination is an AWS service that Amazon SES publishes email sending events to. When you specify an event destination, you provide one, and only one, destination. You can send event data to Amazon CloudWatch, Amazon Kinesis Data Firehose, or Amazon Simple Notification Service (Amazon SNS). │ │ │ + documentation: Specifies a configuration set event destination. *Events* include message sends, deliveries, opens, clicks, bounces, and complaints. *Event destinations* are places that you can send information about these events to. For example, you can send event data to Amazon SNS to receive notifications when you receive bounces or complaints, or you can use Amazon Kinesis Data Firehose to stream data to Amazon S3 for long-term storage. │ │ │ A single configuration set can include more than one event destination. │ │ ├ properties │ │ │ └ EventDestination: (documentation changed) │ │ └ types │ │ ├[~] type CloudWatchDestination │ │ │ ├ - documentation: Contains information associated with an Amazon CloudWatch event destination to which email sending events are published. │ │ │ │ Event destinations, such as Amazon CloudWatch, are associated with configuration sets, which enable you to publish email sending events. For information about using configuration sets, see the [Amazon SES Developer Guide](https://docs.aws.amazon.com/ses/latest/dg/monitor-sending-activity.html) . │ │ │ │ + documentation: An object that defines an Amazon CloudWatch destination for email events. You can use Amazon CloudWatch to monitor and gain insights on your email sending metrics. │ │ │ └ properties │ │ │ └ DimensionConfigurations: (documentation changed) │ │ ├[~] type DimensionConfiguration │ │ │ ├ - documentation: Contains the dimension configuration to use when you publish email sending events to Amazon CloudWatch. │ │ │ │ For information about publishing email sending events to Amazon CloudWatch, see the [Amazon SES Developer Guide](https://docs.aws.amazon.com/ses/latest/dg/monitor-sending-activity.html) . │ │ │ │ + documentation: An object that defines the dimension configuration to use when you send email events to Amazon CloudWatch. │ │ │ └ properties │ │ │ ├ DefaultDimensionValue: (documentation changed) │ │ │ ├ DimensionName: (documentation changed) │ │ │ └ DimensionValueSource: (documentation changed) │ │ ├[~] type EventBridgeDestination │ │ │ ├ - documentation: An object that contains Event bus ARN associated with the event bridge destination. │ │ │ │ + documentation: An object that defines an Amazon EventBridge destination for email events. You can use Amazon EventBridge to send notifications when certain email events occur. │ │ │ └ properties │ │ │ └ EventBusArn: (documentation changed) │ │ ├[~] type EventDestination │ │ │ ├ - documentation: Contains information about an event destination. │ │ │ │ > When you create or update an event destination, you must provide one, and only one, destination. The destination can be Amazon CloudWatch, Amazon Kinesis Firehose or Amazon Simple Notification Service (Amazon SNS). │ │ │ │ Event destinations are associated with configuration sets, which enable you to publish email sending events to Amazon CloudWatch, Amazon Kinesis Firehose, or Amazon Simple Notification Service (Amazon SNS). For information about using configuration sets, see the [Amazon SES Developer Guide](https://docs.aws.amazon.com/ses/latest/dg/monitor-sending-activity.html) . │ │ │ │ + documentation: In the Amazon SES API v2, *events* include message sends, deliveries, opens, clicks, bounces, complaints and delivery delays. *Event destinations* are places that you can send information about these events to. For example, you can send event data to Amazon SNS to receive notifications when you receive bounces or complaints, or you can use Amazon Kinesis Data Firehose to stream data to Amazon S3 for long-term storage. │ │ │ └ properties │ │ │ ├ CloudWatchDestination: (documentation changed) │ │ │ ├ Enabled: (documentation changed) │ │ │ ├ EventBridgeDestination: (documentation changed) │ │ │ └ MatchingEventTypes: (documentation changed) │ │ └[~] type KinesisFirehoseDestination │ │ ├ - documentation: Contains the delivery stream ARN and the IAM role ARN associated with an Amazon Kinesis Firehose event destination. │ │ │ Event destinations, such as Amazon Kinesis Firehose, are associated with configuration sets, which enable you to publish email sending events. For information about using configuration sets, see the [Amazon SES Developer Guide](https://docs.aws.amazon.com/ses/latest/dg/monitor-sending-activity.html) . │ │ │ + documentation: An object that defines an Amazon Kinesis Data Firehose destination for email events. You can use Amazon Kinesis Data Firehose to stream data to other services, such as Amazon S3 and Amazon Redshift. │ │ └ properties │ │ └ IAMRoleARN: (documentation changed) │ ├[~] resource AWS::SES::EmailIdentity │ │ ├ - documentation: Specifies an identity for using within SES. An identity is an email address or domain that you use when you send email. Before you can use an identity to send email, you first have to verify it. By verifying an identity, you demonstrate that you're the owner of the identity, and that you've given Amazon SES API v2 permission to send email from the identity. │ │ │ When you verify an email address, SES sends an email to the address. Your email address is verified as soon as you follow the link in the verification email. When you verify a domain without specifying the DkimSigningAttributes properties, OR only the NextSigningKeyLength property of DkimSigningAttributes, this resource provides a set of CNAME token names and values (DkimDNSTokenName1, DkimDNSTokenValue1, DkimDNSTokenName2, DkimDNSTokenValue2, DkimDNSTokenName3, DkimDNSTokenValue3) as outputs. You can then add these to the DNS configuration for your domain. Your domain is verified when Amazon SES detects these records in the DNS configuration for your domain. This verification method is known as Easy DKIM. │ │ │ Alternatively, you can perform the verification process by providing your own public-private key pair. This verification method is known as Bring Your Own DKIM (BYODKIM). To use BYODKIM, your resource must include DkimSigningAttributes properties DomainSigningSelector and DomainSigningPrivateKey. When you specify this object, you provide a selector (DomainSigningSelector) (a component of the DNS record name that identifies the public key to use for DKIM authentication) and a private key (DomainSigningPrivateKey). │ │ │ Additionally, you can associate an existing configuration set with the email identity that you're verifying. │ │ │ + documentation: Specifies an identity for using within SES. An identity is an email address or domain that you use when you send email. Before you can use an identity to send email, you first have to verify it. By verifying an identity, you demonstrate that you're the owner of the identity, and that you've given Amazon SES API v2 permission to send email from the identity. │ │ │ When you verify an email address, SES sends an email to the address. Your email address is verified as soon as you follow the link in the verification email. When you verify a domain without specifying the `DkimSigningAttributes` properties, OR only the `NextSigningKeyLength` property of `DkimSigningAttributes` , this resource provides a set of CNAME token names and values ( *DkimDNSTokenName1* , *DkimDNSTokenValue1* , *DkimDNSTokenName2* , *DkimDNSTokenValue2* , *DkimDNSTokenName3* , *DkimDNSTokenValue3* ) as outputs. You can then add these to the DNS configuration for your domain. Your domain is verified when Amazon SES detects these records in the DNS configuration for your domain. This verification method is known as Easy DKIM. │ │ │ Alternatively, you can perform the verification process by providing your own public-private key pair. This verification method is known as Bring Your Own DKIM (BYODKIM). To use BYODKIM, your resource must include `DkimSigningAttributes` properties `DomainSigningSelector` and `DomainSigningPrivateKey` . When you specify this object, you provide a selector ( `DomainSigningSelector` ) (a component of the DNS record name that identifies the public key to use for DKIM authentication) and a private key ( `DomainSigningPrivateKey` ). │ │ │ Additionally, you can associate an existing configuration set with the email identity that you're verifying. │ │ └ properties │ │ └ DkimSigningAttributes: (documentation changed) │ ├[~] resource AWS::SES::ReceiptRule │ │ └ types │ │ ├[~] type Action │ │ │ └ properties │ │ │ └ WorkmailAction: (documentation changed) │ │ ├[~] type AddHeaderAction │ │ │ ├ - documentation: When included in a receipt rule, this action adds a header to the received email. │ │ │ │ For information about adding a header using a receipt rule, see the [Amazon SES Developer Guide](https://docs.aws.amazon.com/ses/latest/dg/receiving-email-action-add-header.html) . │ │ │ │ + documentation: When included in a receipt rule, this action adds a header to the received email. │ │ │ │ For information about adding a header using a receipt rule, see the [Amazon SES Developer Guide](https://docs.aws.amazon.com/ses/latest/dg/receiving-email-receipt-rules-console-walkthrough.html) . │ │ │ └ properties │ │ │ └ HeaderName: (documentation changed) │ │ └[~] type S3Action │ │ └ - documentation: When included in a receipt rule, this action saves the received message to an Amazon Simple Storage Service (Amazon S3) bucket and, optionally, publishes a notification to Amazon Simple Notification Service (Amazon SNS). │ │ To enable Amazon SES to write emails to your Amazon S3 bucket, use an AWS KMS key to encrypt your emails, or publish to an Amazon SNS topic of another account, Amazon SES must have permission to access those resources. For information about granting permissions, see the [Amazon SES Developer Guide](https://docs.aws.amazon.com/ses/latest/dg/receiving-email-permissions.html) . │ │ > When you save your emails to an Amazon S3 bucket, the maximum email size (including headers) is 40 MB. Emails larger than that bounces. │ │ For information about specifying Amazon S3 actions in receipt rules, see the [Amazon SES Developer Guide](https://docs.aws.amazon.com/ses/latest/dg/receiving-email-action-s3.html) . │ │ + documentation: When included in a receipt rule, this action saves the received message to an Amazon Simple Storage Service (Amazon S3) bucket and, optionally, publishes a notification to Amazon Simple Notification Service (Amazon SNS). │ │ To enable Amazon SES to write emails to your Amazon S3 bucket, use an AWS KMS key to encrypt your emails, or publish to an Amazon SNS topic of another account, Amazon SES must have permission to access those resources. For information about granting permissions, see the [Amazon SES Developer Guide](https://docs.aws.amazon.com/ses/latest/dg/receiving-email-permissions.html) . │ │ > When you save your emails to an Amazon S3 bucket, the maximum email size (including headers) is 30 MB. Emails larger than that bounces. │ │ For information about specifying Amazon S3 actions in receipt rules, see the [Amazon SES Developer Guide](https://docs.aws.amazon.com/ses/latest/dg/receiving-email-action-s3.html) . │ ├[~] resource AWS::SES::ReceiptRuleSet │ │ └ properties │ │ └ RuleSetName: (documentation changed) │ ├[~] resource AWS::SES::Template │ │ └ types │ │ └[~] type Template │ │ ├ - documentation: The content of the email, composed of a subject line and either an HTML part or a text-only part. │ │ │ + documentation: An object that defines the email template to use for an email message, and the values to use for any message variables in that template. An *email template* is a type of message template that contains content that you want to define, save, and reuse in email messages that you send. │ │ └ properties │ │ └ TemplateName: (documentation changed) │ └[~] resource AWS::SES::VdmAttributes │ └ types │ ├[~] type DashboardAttributes │ │ └ - documentation: Settings for your VDM configuration as applicable to the Dashboard. │ │ + documentation: An object containing additional settings for your VDM configuration as applicable to the Dashboard. │ └[~] type GuardianAttributes │ └ - documentation: Settings for your VDM configuration as applicable to the Guardian. │ + documentation: An object containing additional settings for your VDM configuration as applicable to the Guardian. ├[~] service aws-verifiedpermissions │ └ resources │ ├[~] resource AWS::VerifiedPermissions::IdentitySource │ │ ├ properties │ │ │ └ Configuration: (documentation changed) │ │ └ types │ │ └[~] type CognitoGroupConfiguration │ │ └ - documentation: The type of entity that a policy store maps to groups from an Amazon Cognito user pool identity source. │ │ This data type is part of a [CognitoUserPoolConfiguration](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CognitoUserPoolConfiguration.html) structure and is a request parameter in [CreateIdentitySource](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreateIdentitySource.html) . │ │ + documentation: The type of entity that a policy store maps to groups from an Amazon Cognito user pool identity source. │ ├[~] resource AWS::VerifiedPermissions::Policy │ │ └ - documentation: Creates or updates a Cedar policy and saves it in the specified policy store. You can create either a static policy or a policy linked to a policy template. │ │ You can directly update only static policies. To update a template-linked policy, you must update it's linked policy template instead. │ │ - To create a static policy, in the `Definition` include a `Static` element that includes the Cedar policy text in the `Statement` element. │ │ - To create a policy that is dynamically linked to a policy template, in the `Definition` include a `Templatelinked` element that specifies the policy template ID and the principal and resource to associate with this policy. If the policy template is ever updated, any policies linked to the policy template automatically use the updated template. │ │ > - If policy validation is enabled in the policy store, then updating a static policy causes Verified Permissions to validate the policy against the schema in the policy store. If the updated static policy doesn't pass validation, the operation fails and the update isn't stored. │ │ > - When you edit a static policy, You can change only certain elements of a static policy: │ │ > │ │ > - The action referenced by the policy. │ │ > - A condition clause, such as when and unless. │ │ > │ │ > You can't change these elements of a static policy: │ │ > │ │ > - Changing a policy from a static policy to a template-linked policy. │ │ > - Changing the effect of a static policy from permit or forbid. │ │ > - The principal referenced by a static policy. │ │ > - The resource referenced by a static policy. │ │ > - To update a template-linked policy, you must update the template instead. │ │ + documentation: Creates or updates a Cedar policy and saves it in the specified policy store. You can create either a static policy or a policy linked to a policy template. │ │ You can directly update only static policies. To update a template-linked policy, you must update its linked policy template instead. │ │ - To create a static policy, in the `Definition` include a `Static` element that includes the Cedar policy text in the `Statement` element. │ │ - To create a policy that is dynamically linked to a policy template, in the `Definition` include a `Templatelinked` element that specifies the policy template ID and the principal and resource to associate with this policy. If the policy template is ever updated, any policies linked to the policy template automatically use the updated template. │ │ > - If policy validation is enabled in the policy store, then updating a static policy causes Verified Permissions to validate the policy against the schema in the policy store. If the updated static policy doesn't pass validation, the operation fails and the update isn't stored. │ │ > - When you edit a static policy, You can change only certain elements of a static policy: │ │ > │ │ > - The action referenced by the policy. │ │ > - A condition clause, such as when and unless. │ │ > │ │ > You can't change these elements of a static policy: │ │ > │ │ > - Changing a policy from a static policy to a template-linked policy. │ │ > - Changing the effect of a static policy from permit or forbid. │ │ > - The principal referenced by a static policy. │ │ > - The resource referenced by a static policy. │ │ > - To update a template-linked policy, you must update the template instead. │ └[~] resource AWS::VerifiedPermissions::PolicyStore │ └ types │ └[~] type SchemaDefinition │ └ properties │ └ CedarJson: (documentation changed) ├[~] service aws-wafv2 │ └ resources │ ├[~] resource AWS::WAFv2::RuleGroup │ │ └ types │ │ └[~] type JsonBody │ │ ├ - documentation: Inspect the body of the web request as JSON. The body immediately follows the request headers. │ │ │ This is used to indicate the web request component to inspect, in the `FieldToMatch` specification. │ │ │ Use the specifications in this object to indicate which parts of the JSON body to inspect using the rule's inspection criteria. AWS WAF inspects only the parts of the JSON that result from the matches that you indicate. │ │ │ Example JSON: `"JsonBody": { "MatchPattern": { "All": {} }, "MatchScope": "ALL" }` │ │ │ + documentation: Inspect the body of the web request as JSON. The body immediately follows the request headers. │ │ │ This is used to indicate the web request component to inspect, in the `FieldToMatch` specification. │ │ │ Use the specifications in this object to indicate which parts of the JSON body to inspect using the rule's inspection criteria. AWS WAF inspects only the parts of the JSON that result from the matches that you indicate. │ │ │ Example JSON: `"JsonBody": { "MatchPattern": { "All": {} }, "MatchScope": "ALL" }` │ │ │ For additional information about this request component option, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* . │ │ └ properties │ │ └ InvalidFallbackBehavior: (documentation changed) │ └[~] resource AWS::WAFv2::WebACL │ └ types │ └[~] type JsonBody │ ├ - documentation: Inspect the body of the web request as JSON. The body immediately follows the request headers. │ │ This is used to indicate the web request component to inspect, in the `FieldToMatch` specification. │ │ Use the specifications in this object to indicate which parts of the JSON body to inspect using the rule's inspection criteria. AWS WAF inspects only the parts of the JSON that result from the matches that you indicate. │ │ Example JSON: `"JsonBody": { "MatchPattern": { "All": {} }, "MatchScope": "ALL" }` │ │ + documentation: Inspect the body of the web request as JSON. The body immediately follows the request headers. │ │ This is used to indicate the web request component to inspect, in the `FieldToMatch` specification. │ │ Use the specifications in this object to indicate which parts of the JSON body to inspect using the rule's inspection criteria. AWS WAF inspects only the parts of the JSON that result from the matches that you indicate. │ │ Example JSON: `"JsonBody": { "MatchPattern": { "All": {} }, "MatchScope": "ALL" }` │ │ For additional information about this request component option, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* . │ └ properties │ └ InvalidFallbackBehavior: (documentation changed) └[~] service aws-workspaces └ resources ├[~] resource AWS::WorkSpaces::Workspace │ ├ properties │ │ ├ UserName: (documentation changed) │ │ └ VolumeEncryptionKey: (documentation changed) │ └ types │ └[~] type WorkspaceProperties │ └ properties │ └ RunningMode: (documentation changed) └[~] resource AWS::WorkSpaces::WorkspacesPool ├ - documentation: Resource Type definition for AWS::WorkSpaces::WorkspacesPool │ + documentation: Describes a pool of WorkSpaces. ├ properties │ ├ ApplicationSettings: (documentation changed) │ ├ BundleId: (documentation changed) │ ├ Capacity: (documentation changed) │ ├ Description: (documentation changed) │ ├ DirectoryId: (documentation changed) │ ├ PoolName: (documentation changed) │ ├ Tags: (documentation changed) │ └ TimeoutSettings: (documentation changed) ├ attributes │ ├ CreatedAt: (documentation changed) │ ├ PoolArn: (documentation changed) │ └ PoolId: (documentation changed) └ types ├[~] type ApplicationSettings │ ├ - documentation: undefined │ │ + documentation: The persistent application settings for users in the pool. │ └ properties │ ├ SettingsGroup: (documentation changed) │ └ Status: (documentation changed) ├[~] type Capacity │ ├ - documentation: undefined │ │ + documentation: Describes the user capacity for the pool. │ └ properties │ └ DesiredUserSessions: (documentation changed) └[~] type TimeoutSettings ├ - documentation: undefined │ + documentation: Describes the timeout settings for the pool. └ properties ├ DisconnectTimeoutInSeconds: (documentation changed) ├ IdleDisconnectTimeoutInSeconds: (documentation changed) └ MaxUserDurationInSeconds: (documentation changed) ```
Comments on closed issues and PRs are hard for our team to see. If you need help, please open a new issue that references this one. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Labels
auto-approve
contribution/core
This is a PR that came from AWS.
dependencies
This issue is a problem in a dependency or a pull request that updates a dependency file.
p2
pr-linter/exempt-integ-test
The PR linter will not require integ test changes
pr-linter/exempt-readme
The PR linter will not require README changes
pr-linter/exempt-test
The PR linter will not require test changes
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Updates the L1 CloudFormation resource definitions with the latest changes from
@aws-cdk/aws-service-spec
L1 CloudFormation resource definition changes: